This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa File: a37b3e49-cec5-4def-b3ef-5356277d82ab.roa (raw, json) Hash identifier: D1Exf6+/CrF+Q9wDp+3UmWoI1zval73FiV6dkktlCtE= Subject key identifier: 0C:33:88:BF:43:2D:A2:9D:6A:AF:D5:B0:9E:19:93:7C:7A:96:B7:C7 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4B12999D0ABF1725E7346262EF285481EF6FB924 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa Signing time: Sat 15 Nov 2025 06:30:55 +0000 ROA not before: Sat 15 Nov 2025 06:30:55 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d038:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:12:99:9d:0a:bf:17:25:e7:34:62:62:ef:28:54:81:ef:6f:b9:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:30:55 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=576602f02d86001cc7cb26a0dd89c192c375f7ce6a102025e96fe4005a965e49, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:a2:67:d3:ab:74:ba:93:07:3d:2c:0d:bc:27: e9:0d:5c:45:1d:f3:c8:a2:8e:83:16:51:46:e1:ee: b4:f7:47:61:4e:76:63:f2:c0:62:89:10:f1:df:88: 8f:57:0c:46:0f:eb:04:e5:20:0c:7d:30:ad:90:59: 47:37:38:3e:36:bd:f0:4f:b6:ec:4a:cb:5d:01:d8: 9c:8f:5e:85:2f:06:28:65:77:7d:d6:80:1c:f3:a0: eb:85:29:d5:fc:75:3a:9e:3b:37:78:70:21:ea:4f: 0a:24:11:e4:49:94:cf:ea:69:30:df:3e:fb:52:a9: 6d:de:90:1c:0e:50:7f:4f:27:80:f3:03:f9:e6:91: 3e:a9:5a:33:ba:80:15:d8:d5:fc:02:3f:83:bb:e3: d4:b9:39:f1:de:44:b8:0d:2b:a5:c0:af:58:67:2c: 23:6b:6a:80:1d:93:a3:2b:0d:2d:47:c0:23:ed:46: cc:14:1d:c9:d4:fe:21:90:73:e0:85:d3:b9:b0:5c: 8b:07:73:78:9f:fd:41:1f:c4:53:cb:28:00:47:a1: cf:9d:d9:15:1e:ba:84:0e:2b:c4:01:47:ad:9a:58: 31:43:cd:08:b5:42:1d:57:34:94:99:6f:7d:07:c6: 87:65:09:38:10:b0:e4:78:ef:d3:f4:e4:00:c4:55: 69:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:33:88:BF:43:2D:A2:9D:6A:AF:D5:B0:9E:19:93:7C:7A:96:B7:C7 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d038:1000::/40 Signature Algorithm: sha256WithRSAEncryption 07:97:ab:a1:6d:bc:ca:6c:a4:22:6f:62:9b:35:84:c3:73:6e: bb:80:63:a9:ba:5d:29:8b:32:9b:3e:37:7f:e2:39:86:29:ef: 91:27:0e:65:b6:21:3f:9b:47:22:df:44:05:cf:7d:11:1b:ad: 58:6a:68:75:90:cd:ce:cf:ff:5a:9c:51:3f:cb:72:31:f6:01: 6a:4f:53:e5:c2:7e:65:67:18:55:82:e4:4d:3e:62:25:45:b1: 08:db:c5:40:bc:b2:43:49:fb:ae:a3:75:58:dd:6d:0a:fb:bf: b0:ab:9f:06:a7:9c:1d:5c:2d:6a:6b:a9:bf:e4:ca:b1:01:45: 84:eb:1d:3b:16:15:6b:02:2b:97:d9:2b:5b:f0:e6:cf:85:63: af:42:bc:3a:f2:4f:d1:a7:8f:2c:21:c1:88:a8:11:43:c8:63: e3:80:26:e9:8e:93:1b:3f:78:5e:68:22:2b:46:30:88:61:b1: 5c:af:b8:90:74:5c:15:3d:fa:5f:7e:ff:7a:3e:38:04:a7:1d: 85:b0:c8:b0:bd:8d:f4:05:c1:a0:9a:eb:5b:58:4a:49:52:ed: 89:bd:03:a2:ae:5a:36:59:35:20:a1:af:56:8a:c0:af:cc:f1: 38:08:2d:51:66:59:3d:25:d2:d8:36:31:2e:39:ea:55:0f:1b: ea:d6:06:7e -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUSxKZnQq/FyXnNGJi7yhUge9vuSQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjMwNTVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDU3NjYwMmYwMmQ4NjAwMWNjN2NiMjZhMGRkODljMTkyYzM3NWY3Y2U2YTEw MjAyNWU5NmZlNDAwNWE5NjVlNDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKOiZ9OrdLqTBz0sDbwn6Q1cRR3zyKKOgxZRRuHutPdHYU52Y/LAYokQ8d+I j1cMRg/rBOUgDH0wrZBZRzc4Pja98E+27ErLXQHYnI9ehS8GKGV3fdaAHPOg64Up 1fx1Op47N3hwIepPCiQR5EmUz+ppMN8++1Kpbd6QHA5Qf08ngPMD+eaRPqlaM7qA FdjV/AI/g7vj1Lk58d5EuA0rpcCvWGcsI2tqgB2ToysNLUfAI+1GzBQdydT+IZBz 4IXTubBciwdzeJ/9QR/EU8soAEehz53ZFR66hA4rxAFHrZpYMUPNCLVCHVc0lJlv fQfGh2UJOBCw5Hjv0/TkAMRVaecCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQMM4i/ Qy2inWqv1bCeGZN8epa3xzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTM3YjNlNDktY2VjNS00ZGVmLWIzZWYtNTM1NjI3N2Q4MmFiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DgQ MA0GCSqGSIb3DQEBCwUAA4IBAQAHl6uhbbzKbKQib2KbNYTDc267gGOpul0pizKb Pjd/4jmGKe+RJw5ltiE/m0ci30QFz30RG61Yamh1kM3Oz/9anFE/y3Ix9gFqT1Pl wn5lZxhVguRNPmIlRbEI28VAvLJDSfuuo3VY3W0K+7+wq58Gp5wdXC1qa6m/5Mqx AUWE6x07FhVrAiuX2Stb8ObPhWOvQrw68k/Rp48sIcGIqBFDyGPjgCbpjpMbP3he aCIrRjCIYbFcr7iQdFwVPfpffv96PjgEpx2FsMiwvY30BcGgmutbWEpJUu2JvQOi rlo2WTUgoa9WisCvzPE4CC1RZlk9JdLYNjEuOepVDxvq1gZ+ -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:07 2025 by rpki-client