This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c6065d-431b-4a4f-98c4-f607358ee480.roa File: a6c6065d-431b-4a4f-98c4-f607358ee480.roa (raw, json) Hash identifier: BQMVscjNClwaqt//I/TyrsL4iVx/OHdaEa9swEznpnk= Subject key identifier: 81:66:8A:63:B7:39:76:97:13:F2:5C:38:56:1B:C5:32:54:AB:6E:6A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3CED569037F971CB7C8E72943021BE549A341A3A Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c6065d-431b-4a4f-98c4-f607358ee480.roa Signing time: Sat 15 Nov 2025 05:20:12 +0000 ROA not before: Sat 15 Nov 2025 05:20:12 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d06f:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:ed:56:90:37:f9:71:cb:7c:8e:72:94:30:21:be:54:9a:34:1a:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:20:12 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=9ab44ed166b5a939e5657af13a4e0d1167d1b5b4fc6ff21349e3a05c0d1338a4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:3d:e9:7a:2b:2a:a0:1e:fd:93:a4:f7:4a:a5: 19:2a:3d:9c:40:2e:65:82:e2:22:97:8e:f2:fc:5f: b4:68:77:a3:86:21:4f:9a:4c:aa:12:15:0d:1b:a7: dd:bf:59:96:c7:c7:ab:9e:41:0c:41:4e:fc:7c:55: 1a:e3:7b:f4:f5:d1:83:a2:80:b3:b2:60:eb:32:f5: 52:43:6f:e3:a1:61:8d:e6:68:40:be:6c:0c:d8:1f: a0:74:c0:d2:5e:dd:67:12:66:30:3a:4a:f1:cf:61: 90:5a:03:76:85:ba:83:8a:35:d8:11:b6:93:2b:33: c4:cb:4f:ef:81:66:83:a6:b9:0a:ee:e4:16:9c:79: f2:4c:59:3d:46:21:f2:d7:a5:d1:ec:5d:c7:7b:b1: 72:d9:f4:40:14:56:92:09:f0:28:b5:23:3c:86:87: 7a:00:3d:a7:43:47:f1:c1:9e:f3:90:45:ef:3e:df: 48:90:3e:f3:e2:8c:3b:aa:3a:e6:05:8c:ab:f9:d4: 3b:6c:a2:03:01:df:6b:08:5d:96:66:57:d0:9b:be: b0:78:79:98:a8:61:18:66:56:fa:24:ef:c1:4e:67: 38:a1:0a:bd:31:60:9b:d5:cc:ae:c0:c9:c2:a7:15: fe:ef:10:ab:8b:77:63:2a:93:79:2e:c1:dd:45:80: a4:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:66:8A:63:B7:39:76:97:13:F2:5C:38:56:1B:C5:32:54:AB:6E:6A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c6065d-431b-4a4f-98c4-f607358ee480.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:c000::/40 Signature Algorithm: sha256WithRSAEncryption 76:de:f9:41:98:9d:d0:ab:e4:94:a8:72:62:2b:1a:fd:e2:a2: 52:7b:e8:d3:08:8c:45:64:57:2a:95:02:e7:f9:82:ef:4f:db: ca:a1:36:18:ba:96:20:23:6e:d0:51:85:6c:5b:a5:8f:cc:b0: 6f:c2:0f:3f:33:08:01:c4:b9:62:25:3d:d7:9e:9e:8b:6b:73: 31:3e:09:77:70:1a:f9:25:83:2f:ac:5f:ca:16:62:34:9d:27: 9b:77:fb:13:5b:29:6b:ab:c8:f9:e6:97:de:45:fc:4b:31:61: f1:a0:02:1f:68:67:83:de:5c:ba:d7:50:30:26:56:bf:ae:29: fa:83:37:8e:ea:3f:bb:d4:ac:5f:5d:cb:59:15:af:23:20:7e: cd:79:9c:de:a0:d4:50:92:9c:5c:37:da:63:9f:79:bf:d4:8f: d5:c6:86:10:a4:69:73:ee:ad:b0:00:ab:d5:35:a5:f2:af:04: af:ab:39:8e:1e:2a:23:51:8c:cd:c1:03:18:00:2a:ee:3b:16: 8d:03:d3:c9:aa:26:29:e0:14:9e:3e:ce:91:69:ab:cc:a8:f4: fc:0d:15:8f:61:81:df:15:90:7c:21:16:b7:7e:d5:ae:b5:7c: 84:3a:f1:7d:8f:6d:99:ba:c9:6b:8b:7d:e4:f1:10:50:a6:4b: 8f:db:8a:53 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUPO1WkDf5cct8jnKUMCG+VJo0GjowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTIwMTJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDlhYjQ0ZWQxNjZiNWE5MzllNTY1N2FmMTNhNGUwZDExNjdkMWI1YjRmYzZm ZjIxMzQ5ZTNhMDVjMGQxMzM4YTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM096XorKqAe/ZOk90qlGSo9nEAuZYLiIpeO8vxftGh3o4YhT5pMqhIVDRun 3b9ZlsfHq55BDEFO/HxVGuN79PXRg6KAs7Jg6zL1UkNv46FhjeZoQL5sDNgfoHTA 0l7dZxJmMDpK8c9hkFoDdoW6g4o12BG2kyszxMtP74Fmg6a5Cu7kFpx58kxZPUYh 8tel0exdx3uxctn0QBRWkgnwKLUjPIaHegA9p0NH8cGe85BF7z7fSJA+8+KMO6o6 5gWMq/nUO2yiAwHfawhdlmZX0Ju+sHh5mKhhGGZW+iTvwU5nOKEKvTFgm9XMrsDJ wqcV/u8Qq4t3YyqTeS7B3UWApKUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSBZopj tzl2lxPyXDhWG8UyVKtuajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTZjNjA2NWQtNDMxYi00YTRmLTk4YzQtZjYwNzM1OGVlNDgwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G/A MA0GCSqGSIb3DQEBCwUAA4IBAQB23vlBmJ3Qq+SUqHJiKxr94qJSe+jTCIxFZFcq lQLn+YLvT9vKoTYYupYgI27QUYVsW6WPzLBvwg8/MwgBxLliJT3Xnp6La3MxPgl3 cBr5JYMvrF/KFmI0nSebd/sTWylrq8j55pfeRfxLMWHxoAIfaGeD3ly611AwJla/ rin6gzeO6j+71KxfXctZFa8jIH7NeZzeoNRQkpxcN9pjn3m/1I/VxoYQpGlz7q2w AKvVNaXyrwSvqzmOHiojUYzNwQMYACruOxaNA9PJqiYp4BSePs6RaavMqPT8DRWP YYHfFZB8IRa3ftWutXyEOvF9j22Zuslri33k8RBQpkuP24pT -----END CERTIFICATE-----Generated at Sat Dec 6 14:41:30 2025 by rpki-client