This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a507fd37-f907-46ea-8c80-857b97a67610.roa File: a507fd37-f907-46ea-8c80-857b97a67610.roa (raw, json) Hash identifier: Z3hdWasTut605zKQ/nlbLSuZao6JE37U4RkDMSQ1LCs= Subject key identifier: 5E:97:B7:9D:E1:FC:46:53:49:A8:3D:14:18:12:3A:C8:49:1B:D1:C9 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 79FE3BC4B42B883315FAB639D29835EA88C67447 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a507fd37-f907-46ea-8c80-857b97a67610.roa Signing time: Wed 10 Dec 2025 06:11:31 +0000 ROA not before: Wed 10 Dec 2025 06:11:31 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:30:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:fe:3b:c4:b4:2b:88:33:15:fa:b6:39:d2:98:35:ea:88:c6:74:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:11:31 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=82ae289eb3ac827172537ad35a120c8b7a28fc7cf0af60f454ea449b77f6a973, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:28:65:25:1f:92:e1:5d:28:29:eb:73:cc:f7: a7:e4:6f:a2:2c:d3:1b:db:db:66:f0:2f:65:48:e3: 23:2f:e8:0e:88:22:6b:e1:bc:dc:b5:86:10:e0:53: 45:1f:48:eb:48:34:0d:62:9d:26:08:a0:8d:be:56: e2:cc:e5:81:76:2b:a6:03:dd:03:ff:bc:53:6f:b4: 68:6d:90:0c:4f:1e:6e:f7:4c:02:9a:e2:ad:ce:2d: 89:8e:11:11:fc:31:db:30:fb:0b:e8:13:7f:fd:f3: 0b:e1:8c:89:80:cb:c2:b7:a6:52:85:7a:02:d1:42: 2b:61:01:e6:64:e8:1b:c9:3b:af:b4:e1:eb:39:8c: ce:f0:6c:9e:37:d8:80:a5:06:98:22:b2:50:28:65: 05:be:6b:38:8c:5c:c5:23:2f:8a:a1:ba:ee:98:46: 55:05:71:90:c8:6a:cb:a8:77:e7:52:bf:5d:4c:b4: 27:dc:27:38:91:81:b6:ea:c3:3d:43:4a:63:ac:e2: 0e:91:78:06:49:b5:49:77:c4:98:4d:7f:c9:ec:5f: ad:62:25:e4:23:ec:a3:86:1d:44:d4:98:b2:e9:eb: 03:cf:04:19:4f:69:f1:08:6c:ac:d6:20:71:d5:2f: 1f:62:aa:b7:a8:cb:35:a5:be:a6:76:6b:64:47:57: d0:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:97:B7:9D:E1:FC:46:53:49:A8:3D:14:18:12:3A:C8:49:1B:D1:C9 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a507fd37-f907-46ea-8c80-857b97a67610.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:e000::/40 Signature Algorithm: sha256WithRSAEncryption 59:d3:3d:c9:de:0f:f8:3a:03:00:27:46:8c:ed:7c:2c:f8:af: 7f:ef:bd:7b:c8:06:fd:1c:16:7a:45:d4:f6:1a:c1:03:58:ca: c0:64:32:79:dc:7e:12:af:6f:90:f9:a0:a4:f6:1e:93:09:d9: e4:a3:86:fe:17:3f:8e:82:35:3c:0d:65:cb:91:00:3d:57:a7: c2:be:55:79:aa:aa:34:c1:b3:a6:6b:b8:21:8b:be:bd:bc:54: d4:e7:d1:5d:d7:23:0c:db:eb:9f:e9:1c:a4:b1:3c:ae:51:ec: f2:5c:0a:77:07:d5:70:4a:28:e1:10:f3:c3:96:73:44:77:6b: c1:34:60:c9:8e:96:50:e6:d2:aa:05:ff:b3:dc:e5:af:a8:af: 75:59:e7:e1:c1:dc:94:da:60:22:fe:f4:62:7b:d4:91:21:c9: 53:d6:c4:cf:ae:3d:a4:97:c2:54:5e:fc:22:5e:c9:ce:cc:ab: db:af:4a:02:8d:98:14:67:98:54:5c:08:c2:02:35:b4:4e:f7: e5:40:20:9b:98:dd:c6:0c:d4:f7:af:78:50:8b:3e:ca:c1:07: 23:6b:a2:24:14:ac:f0:d9:ab:c2:d5:11:d1:96:4a:df:d9:a4: 7a:35:07:85:3b:c8:28:57:9e:9e:01:5a:23:9f:9e:e3:3b:7d: 4d:36:f3:55 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUef47xLQriDMV+rY50pg16ojGdEcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjExMzFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDgyYWUyODllYjNhYzgyNzE3MjUzN2FkMzVhMTIwYzhiN2EyOGZjN2NmMGFm NjBmNDU0ZWE0NDliNzdmNmE5NzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALAoZSUfkuFdKCnrc8z3p+RvoizTG9vbZvAvZUjjIy/oDogia+G83LWGEOBT RR9I60g0DWKdJgigjb5W4szlgXYrpgPdA/+8U2+0aG2QDE8ebvdMAprirc4tiY4R Efwx2zD7C+gTf/3zC+GMiYDLwremUoV6AtFCK2EB5mToG8k7r7Th6zmMzvBsnjfY gKUGmCKyUChlBb5rOIxcxSMviqG67phGVQVxkMhqy6h351K/XUy0J9wnOJGBturD PUNKY6ziDpF4Bkm1SXfEmE1/yexfrWIl5CPso4YdRNSYsunrA88EGU9p8QhsrNYg cdUvH2Kqt6jLNaW+pnZrZEdX0BECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRel7ed 4fxGU0moPRQYEjrISRvRyTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTUwN2ZkMzctZjkwNy00NmVhLThjODAtODU3Yjk3YTY3NjEwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HLg MA0GCSqGSIb3DQEBCwUAA4IBAQBZ0z3J3g/4OgMAJ0aM7Xws+K9/7717yAb9HBZ6 RdT2GsEDWMrAZDJ53H4Sr2+Q+aCk9h6TCdnko4b+Fz+OgjU8DWXLkQA9V6fCvlV5 qqo0wbOma7ghi769vFTU59Fd1yMM2+uf6RyksTyuUezyXAp3B9VwSijhEPPDlnNE d2vBNGDJjpZQ5tKqBf+z3OWvqK91WefhwdyU2mAi/vRie9SRIclT1sTPrj2kl8JU XvwiXsnOzKvbr0oCjZgUZ5hUXAjCAjW0TvflQCCbmN3GDNT3r3hQiz7KwQcja6Ik FKzw2avC1RHRlkrf2aR6NQeFO8goV56eAVojn57jO31NNvNV -----END CERTIFICATE-----Generated at Mon Dec 15 17:04:48 2025 by rpki-client