This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6d14d01-1a1b-448e-bb4a-73279a06c540.roa File: a6d14d01-1a1b-448e-bb4a-73279a06c540.roa (raw, json) Hash identifier: iBhA4QTdeqs4dgLSpLdPJg64bwJ/+dZ5GhrKeWOOGSE= Subject key identifier: 25:98:0C:C5:53:18:12:10:00:7A:FA:9F:56:52:C0:52:5B:0C:F1:EF Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 48607E799A2C86BEF9BA0C5FA1F03B9D8F1CC357 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6d14d01-1a1b-448e-bb4a-73279a06c540.roa Signing time: Sat 15 Nov 2025 05:51:05 +0000 ROA not before: Sat 15 Nov 2025 05:51:05 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:5040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:60:7e:79:9a:2c:86:be:f9:ba:0c:5f:a1:f0:3b:9d:8f:1c:c3:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:51:05 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=bbb2e19f586d3ef548718af23af4900c90bac66213a67447330407113485e2b5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:fd:e0:b6:ba:67:be:58:d7:39:0e:f3:59:d3: 40:60:84:d9:e7:99:f9:28:17:9d:87:dd:d3:2a:c7: cb:b6:b8:d2:b8:8c:84:9b:83:cc:d4:7a:49:11:62: b2:ae:2b:cc:e8:c2:3c:9b:a4:b1:3c:60:3b:c0:05: fa:3c:fa:44:f9:bc:6f:46:b4:b3:a3:4c:15:1c:7a: e1:75:bd:9e:ef:f2:29:e4:bd:2d:92:d8:fe:3a:a1: 24:8c:64:cb:a7:ce:cd:08:fa:62:42:a4:98:43:0d: e7:14:61:f7:ab:cc:5f:bc:4c:06:06:8f:e9:7b:c1: ee:10:c5:53:7c:f4:9e:e9:bb:39:22:02:65:75:1e: b4:9a:94:75:55:78:97:cf:a6:3a:77:31:0e:9f:07: 55:1a:b3:1e:9b:4d:d2:84:af:57:66:cb:ac:e7:19: 43:14:b7:ec:4f:d6:a9:7d:33:17:2a:75:1e:e1:e5: f0:d9:ef:18:ee:d3:b6:05:2c:6f:6a:19:8e:07:60: 52:b0:92:fd:64:a4:55:62:e0:bb:c2:33:f2:c3:1d: 3f:e3:78:57:f3:17:74:6b:7b:fc:e5:e7:55:70:28: d3:16:38:e5:d0:9d:de:90:60:0c:73:88:68:62:50: 9d:fe:c5:a7:09:9a:d9:89:7d:b8:e5:ed:c8:96:0b: fb:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:98:0C:C5:53:18:12:10:00:7A:FA:9F:56:52:C0:52:5B:0C:F1:EF X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6d14d01-1a1b-448e-bb4a-73279a06c540.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:5040::/48 Signature Algorithm: sha256WithRSAEncryption 2e:7c:ca:9c:eb:35:40:e9:10:b0:01:4d:85:35:3e:e2:9f:e0: 37:7b:81:f4:8e:93:cf:ce:29:e5:7a:22:8a:8a:e2:bb:16:21: 57:df:c1:a1:55:c5:77:12:14:76:76:4f:84:c6:14:ad:c6:03: b9:ed:58:39:bd:0f:0e:8a:c1:ca:f1:5a:19:b8:1d:a6:dc:d6: 2c:a7:5d:31:c1:90:46:e4:41:da:90:cd:4a:18:e3:65:06:7b: 4a:41:91:4e:85:53:cf:83:a8:68:76:cc:35:59:07:4c:65:e3: a8:a3:f0:6f:e2:02:0d:79:81:a5:92:51:6e:e1:a6:a8:77:88: 1e:7e:36:2e:23:59:69:c7:db:c4:05:7d:86:b2:a5:ba:3d:1f: 32:66:54:57:5b:44:cb:41:16:d1:2a:e4:a1:0a:54:e9:41:e6: 5c:84:d4:25:ed:7a:fe:14:14:f0:3c:87:fd:bf:cd:2b:63:c3: 61:ee:05:fb:f0:4e:39:fd:04:44:b8:07:7c:10:dc:fa:8b:f9: 29:7f:c0:48:18:a0:86:28:54:68:de:a6:cb:5d:8e:f0:5b:24: 76:9b:3b:40:57:1e:ea:65:37:75:60:b9:c3:4b:51:46:ca:79: 59:31:7f:26:29:1a:e8:4d:e2:8b:86:53:d8:30:95:fd:10:31: d5:ce:b4:64 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUSGB+eZoshr75ugxfofA7nY8cw1cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUxMDVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGJiYjJlMTlmNTg2ZDNlZjU0ODcxOGFmMjNhZjQ5MDBjOTBiYWM2NjIxM2E2 NzQ0NzMzMDQwNzExMzQ4NWUyYjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK/94La6Z75Y1zkO81nTQGCE2eeZ+SgXnYfd0yrHy7a40riMhJuDzNR6SRFi sq4rzOjCPJuksTxgO8AF+jz6RPm8b0a0s6NMFRx64XW9nu/yKeS9LZLY/jqhJIxk y6fOzQj6YkKkmEMN5xRh96vMX7xMBgaP6XvB7hDFU3z0num7OSICZXUetJqUdVV4 l8+mOncxDp8HVRqzHptN0oSvV2bLrOcZQxS37E/WqX0zFyp1HuHl8NnvGO7TtgUs b2oZjgdgUrCS/WSkVWLgu8Iz8sMdP+N4V/MXdGt7/OXnVXAo0xY45dCd3pBgDHOI aGJQnf7Fpwma2Yl9uOXtyJYL+z0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQlmAzF UxgSEAB6+p9WUsBSWwzx7zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTZkMTRkMDEtMWExYi00NDhlLWJiNGEtNzMyNzlhMDZjNTQwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJQ QDANBgkqhkiG9w0BAQsFAAOCAQEALnzKnOs1QOkQsAFNhTU+4p/gN3uB9I6Tz84p 5XoiioriuxYhV9/BoVXFdxIUdnZPhMYUrcYDue1YOb0PDorByvFaGbgdptzWLKdd McGQRuRB2pDNShjjZQZ7SkGRToVTz4OoaHbMNVkHTGXjqKPwb+ICDXmBpZJRbuGm qHeIHn42LiNZacfbxAV9hrKluj0fMmZUV1tEy0EW0SrkoQpU6UHmXITUJe16/hQU 8DyH/b/NK2PDYe4F+/BOOf0ERLgHfBDc+ov5KX/ASBighihUaN6my12O8Fskdps7 QFce6mU3dWC5w0tRRsp5WTF/Jika6E3ii4ZT2DCV/RAx1c60ZA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:02 2025 by rpki-client