This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa File: a7031a07-12ba-45f8-a53b-6bd5b713c999.roa (raw, json) Hash identifier: fNsNxjIlKnVC3mPpio7W/ES2QBqGJMPkDBvRO7fci+o= Subject key identifier: 21:56:96:BF:95:E5:42:2E:70:E4:89:7E:9F:0B:83:A0:C9:75:29:59 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 640EB2F63BB45ABFA452CF5DC5B3FD68F3BE6D83 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa Signing time: Sat 15 Nov 2025 05:31:12 +0000 ROA not before: Sat 15 Nov 2025 05:31:12 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01a:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:0e:b2:f6:3b:b4:5a:bf:a4:52:cf:5d:c5:b3:fd:68:f3:be:6d:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:31:12 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=23d09153143f50d0e2c45600ea9d91317bcc8d3c6a91604552d6750c982a5d1b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:8e:31:8a:6e:f1:1b:22:c7:d7:05:90:7f:13: dc:f4:e2:f6:02:46:3b:d9:b3:53:68:1a:d6:a7:b0: 8e:03:59:d3:82:33:bb:1e:3e:1e:e5:dd:e9:d4:fb: 24:2f:19:ba:34:70:7e:e6:ce:52:eb:d1:7b:bd:f2: 96:40:1f:70:5b:a4:bf:2c:0a:bd:bc:c8:2b:e5:fa: 74:31:d4:4c:bb:ad:36:64:57:22:ec:fe:cf:d1:b6: 04:29:96:2b:e7:33:0b:36:2f:1b:45:72:6d:00:19: 87:b6:e6:e2:ff:bb:1b:b7:c4:21:40:8c:e9:f7:9a: a9:87:6e:7e:f0:fd:65:33:5a:ed:5a:e1:a5:0b:e8: ad:e3:4b:4b:62:ef:4e:99:15:b5:14:03:a0:e3:19: ad:3c:93:9d:6e:8b:f9:a2:91:a6:9a:c2:9c:1b:06: 28:cf:06:1a:13:55:69:eb:73:be:cc:54:75:3a:52: 2a:3a:8d:54:04:1a:8b:27:0d:00:ec:56:65:ca:e5: 74:a1:f4:7c:b9:ce:82:46:be:81:84:db:31:85:59: 35:91:2e:8d:10:bd:ba:70:b3:7d:da:f0:e8:ea:89: 7c:e2:a3:fc:65:93:17:0e:b4:0d:b1:9b:ff:39:9b: d9:f0:43:0d:ea:c7:c0:89:cf:41:d1:ce:9d:97:80: d6:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:56:96:BF:95:E5:42:2E:70:E4:89:7E:9F:0B:83:A0:C9:75:29:59 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01a:400::/38 Signature Algorithm: sha256WithRSAEncryption 5a:d5:23:f4:83:cd:0b:da:42:6d:ee:d6:51:04:82:8f:fc:bf: 5f:a8:12:ee:e2:ff:0c:8a:a8:8b:ec:d5:81:5f:db:a5:a4:7d: b6:27:23:27:1d:7e:f9:9d:c0:23:79:95:0d:03:cb:f4:9f:6c: 9a:29:44:40:50:12:d8:e2:91:91:55:03:b1:99:d8:8f:c5:c8: 26:84:2e:14:40:1b:05:fc:79:31:27:87:17:23:6c:69:5c:54: 0d:62:71:01:fe:54:50:aa:b4:2b:0e:dd:3a:c3:a5:ff:58:9a: 61:31:28:6d:a1:7f:be:82:b3:0e:7a:97:58:2b:83:71:b2:9d: db:92:22:6f:5b:49:05:7e:dd:0a:b4:c2:fd:3c:25:94:7d:a9: 7c:3d:e3:d3:cd:1a:9b:d4:27:1c:24:ec:b0:a6:a6:5c:d9:47: f7:0c:6c:6b:98:ef:95:ab:ef:af:23:8e:8a:b9:88:2e:c0:39: 24:28:63:c8:48:4a:75:8f:18:b9:51:62:01:a8:42:7c:46:d5: 3d:ef:f2:a8:7d:28:43:fb:43:9c:99:47:df:a8:c7:4f:5e:b8: 16:43:3a:a6:fc:42:54:ef:56:fd:c4:a7:3e:9d:61:2d:eb:10: d2:a8:62:cd:20:e9:32:f7:9f:75:fc:b1:6e:af:47:92:2a:f1: 2e:df:d7:91 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUZA6y9ju0Wr+kUs9dxbP9aPO+bYMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTMxMTJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDIzZDA5MTUzMTQzZjUwZDBlMmM0NTYwMGVhOWQ5MTMxN2JjYzhkM2M2YTkx NjA0NTUyZDY3NTBjOTgyYTVkMWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIqOMYpu8Rsix9cFkH8T3PTi9gJGO9mzU2ga1qewjgNZ04Izux4+HuXd6dT7 JC8ZujRwfubOUuvRe73ylkAfcFukvywKvbzIK+X6dDHUTLutNmRXIuz+z9G2BCmW K+czCzYvG0VybQAZh7bm4v+7G7fEIUCM6feaqYdufvD9ZTNa7VrhpQvoreNLS2Lv TpkVtRQDoOMZrTyTnW6L+aKRpprCnBsGKM8GGhNVaetzvsxUdTpSKjqNVAQaiycN AOxWZcrldKH0fLnOgka+gYTbMYVZNZEujRC9unCzfdrw6OqJfOKj/GWTFw60DbGb /zmb2fBDDerHwInPQdHOnZeA1tMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQhVpa/ leVCLnDkiX6fC4OgyXUpWTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTcwMzFhMDctMTJiYS00NWY4LWE1M2ItNmJkNWI3MTNjOTk5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoE MA0GCSqGSIb3DQEBCwUAA4IBAQBa1SP0g80L2kJt7tZRBIKP/L9fqBLu4v8MiqiL 7NWBX9ulpH22JyMnHX75ncAjeZUNA8v0n2yaKURAUBLY4pGRVQOxmdiPxcgmhC4U QBsF/HkxJ4cXI2xpXFQNYnEB/lRQqrQrDt06w6X/WJphMShtoX++grMOepdYK4Nx sp3bkiJvW0kFft0KtML9PCWUfal8PePTzRqb1CccJOywpqZc2Uf3DGxrmO+Vq++v I46KuYguwDkkKGPISEp1jxi5UWIBqEJ8RtU97/KofShD+0OcmUffqMdPXrgWQzqm /EJU71b9xKc+nWEt6xDSqGLNIOky9591/LFur0eSKvEu39eR -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:46 2025 by rpki-client