This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a5bcb770-7e3d-4ccd-bf1c-4cc17ea01c1d.roa File: a5bcb770-7e3d-4ccd-bf1c-4cc17ea01c1d.roa (raw, json) Hash identifier: gVOJEvj7ZBYPoYRnJFXzEEgDcyGfCugBC+HttgPibgM= Subject key identifier: 3A:00:90:E0:8E:97:EC:56:20:43:40:B9:46:7D:26:D2:B4:D4:36:3D Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0A507EBF25536D952A56891088834A53ECED8600 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a5bcb770-7e3d-4ccd-bf1c-4cc17ea01c1d.roa Signing time: Sat 29 Nov 2025 03:10:42 +0000 ROA not before: Sat 29 Nov 2025 03:10:42 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d05b::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:50:7e:bf:25:53:6d:95:2a:56:89:10:88:83:4a:53:ec:ed:86:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:10:42 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=e8031c7a2116adabe324004adfa196a1ed35bf4378a417c08fa21c931e4311a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:ff:d8:d9:8c:f5:92:cd:14:d2:4e:e7:00:5e: 57:ff:8b:fd:93:6a:18:74:14:22:9a:6a:9b:a7:b5: 32:06:e4:b2:cf:38:7e:1b:98:d2:67:8a:6a:af:be: 70:e5:63:90:6a:61:29:de:fc:55:ec:35:fb:32:b3: 8c:61:e0:2d:22:47:99:02:21:5a:fb:8a:d0:ad:6c: 8f:98:f5:c2:90:a4:d6:87:38:74:9a:5c:77:5b:cb: e6:01:48:a2:f1:88:c3:d6:e1:a7:f7:1c:14:18:be: 14:bc:61:13:a6:59:af:eb:78:da:d8:58:ac:bb:29: be:ae:4b:e6:3d:92:72:1d:21:6b:37:78:d5:b9:55: ac:fe:77:16:55:cd:04:9c:5c:c0:d4:f3:61:93:f6: c8:c7:69:f5:9f:6a:47:25:b8:0a:4d:12:f6:5c:db: 55:6b:49:ec:22:dc:2a:e2:21:43:d4:77:06:49:8a: 9b:7a:0d:54:29:8b:7f:40:11:ee:3c:27:d7:8a:83: 7c:27:98:62:58:82:16:93:13:20:f2:a2:4b:06:52: 40:75:b3:d5:03:47:fe:e8:5f:02:64:e6:2b:85:f8: 2e:43:0b:e1:31:96:24:a4:40:64:ce:58:62:8f:0f: b2:bd:d3:22:e8:88:cd:2f:44:11:f6:6f:54:e4:90: d0:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:00:90:E0:8E:97:EC:56:20:43:40:B9:46:7D:26:D2:B4:D4:36:3D X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a5bcb770-7e3d-4ccd-bf1c-4cc17ea01c1d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d05b::/32 Signature Algorithm: sha256WithRSAEncryption 0f:f4:43:6d:42:a8:b8:b9:49:27:63:a5:e3:4f:7d:3e:d5:62: 13:24:21:07:32:1c:c7:81:7e:de:d0:37:cc:d3:f9:ba:d4:99: 94:35:41:cb:10:0d:c2:af:b4:1b:bc:1b:ef:a7:3f:c0:70:05: 4c:e1:e6:16:ba:dc:28:e1:e4:cb:b5:f6:2e:0c:3b:a6:a6:18: 84:58:a2:86:90:4c:3c:d5:09:e9:ae:37:c9:14:e2:7a:82:8b: 13:b0:f4:61:d2:e1:d0:7c:b8:87:6b:66:35:0a:8d:34:cc:b1: d6:46:7b:39:60:f0:56:78:05:90:38:6f:29:23:ae:9b:35:99: 58:f7:86:b9:e8:ef:f0:d1:7d:c1:5c:97:9b:a0:36:cc:62:b6: 6b:9e:9d:4c:40:83:48:a7:88:7c:c9:00:b4:f0:35:fc:5b:83: fb:b7:8e:99:fb:18:a2:66:e6:9f:6e:0d:e0:0e:3f:4d:26:75: b6:13:8c:9a:6f:08:91:20:ff:81:7a:60:3e:61:a4:e6:16:99: a6:f9:25:54:40:4c:d8:cc:ef:d1:06:aa:e9:c3:c1:d6:e9:b8: 80:8c:91:c1:a7:52:34:97:e6:e1:1b:c7:22:58:09:a5:bc:69: 7a:de:df:a0:b6:66:03:be:0d:83:4e:45:98:97:ab:12:ec:8c: 30:b9:83:a0 -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgIUClB+vyVTbZUqVokQiINKU+zthgAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzEwNDJaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQGU4MDMxYzdhMjExNmFkYWJlMzI0MDA0YWRmYTE5NmExZWQzNWJmNDM3OGE0 MTdjMDhmYTIxYzkzMWU0MzExYTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKr/2NmM9ZLNFNJO5wBeV/+L/ZNqGHQUIppqm6e1Mgbkss84fhuY0meKaq++ cOVjkGphKd78Vew1+zKzjGHgLSJHmQIhWvuK0K1sj5j1wpCk1oc4dJpcd1vL5gFI ovGIw9bhp/ccFBi+FLxhE6ZZr+t42thYrLspvq5L5j2Sch0hazd41blVrP53FlXN BJxcwNTzYZP2yMdp9Z9qRyW4Ck0S9lzbVWtJ7CLcKuIhQ9R3BkmKm3oNVCmLf0AR 7jwn14qDfCeYYliCFpMTIPKiSwZSQHWz1QNH/uhfAmTmK4X4LkML4TGWJKRAZM5Y Yo8Psr3TIuiIzS9EEfZvVOSQ0DMCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQ6AJDg jpfsViBDQLlGfSbStNQ2PTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTViY2I3NzAtN2UzZC00Y2NkLWJmMWMtNGNjMTdlYTAxYzFkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Fsw DQYJKoZIhvcNAQELBQADggEBAA/0Q21CqLi5SSdjpeNPfT7VYhMkIQcyHMeBft7Q N8zT+brUmZQ1QcsQDcKvtBu8G++nP8BwBUzh5ha63Cjh5Mu19i4MO6amGIRYooaQ TDzVCemuN8kU4nqCixOw9GHS4dB8uIdrZjUKjTTMsdZGezlg8FZ4BZA4bykjrps1 mVj3hrno7/DRfcFcl5ugNsxitmuenUxAg0iniHzJALTwNfxbg/u3jpn7GKJm5p9u DeAOP00mdbYTjJpvCJEg/4F6YD5hpOYWmab5JVRATNjM79EGqunDwdbpuICMkcGn UjSX5uEbxyJYCaW8aXre36C2ZgO+DYNORZiXqxLsjDC5g6A= -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:59 2025 by rpki-client