This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a8cd111d-bddb-47e0-af43-fc5a8d930376.roa File: a8cd111d-bddb-47e0-af43-fc5a8d930376.roa (raw, json) Hash identifier: jC7uIQqDmsX0jMsNXA6uS9DsPAamCXBuDFxxUy3g49s= Subject key identifier: 3F:4D:CC:03:84:7D:45:F3:E2:C3:C7:49:DA:5B:26:9D:71:CE:A6:85 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5C94AE48A87287C05CD76524A448A0378BC73FE3 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a8cd111d-bddb-47e0-af43-fc5a8d930376.roa Signing time: Sat 15 Nov 2025 06:00:54 +0000 ROA not before: Sat 15 Nov 2025 06:00:54 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:94:ae:48:a8:72:87:c0:5c:d7:65:24:a4:48:a0:37:8b:c7:3f:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:00:54 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=4ee1c2e687bcd1ff08ff3d95eb0add82ec9125cb4322c718db42f67819637199, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:c3:2c:e8:51:c4:97:82:ec:6e:0c:30:55:d3: fd:52:38:65:82:75:e8:8d:bd:e1:cd:34:66:fd:7d: 1b:0b:5f:37:d2:eb:ce:e1:30:54:18:63:a9:7e:66: ae:72:26:8e:de:af:8d:7a:b4:f3:a0:1f:4b:0a:71: a3:dd:10:08:a2:b8:67:ae:5b:a7:53:1b:07:2b:ab: 81:5e:4f:70:98:4d:63:d9:1d:73:c4:e4:00:7e:15: d5:17:e6:33:8f:c8:a8:e0:f4:36:79:24:7e:7b:f3: e8:ac:ec:aa:44:11:ec:30:2c:f9:d3:72:58:18:9e: f2:f4:c2:1d:59:4e:f2:4e:c1:89:c4:cb:06:fb:3b: 2f:a3:33:76:d4:59:d6:c1:e4:01:b0:68:fe:d0:97: 2e:1f:3b:54:5f:00:81:ed:fd:5b:20:cb:08:86:08: 1c:89:ee:0f:de:1c:12:40:78:34:14:a1:cf:f4:ba: 41:68:3c:c3:67:b0:7c:4e:8c:68:97:ba:f5:79:47: 83:d4:dc:29:69:6d:85:b4:d4:40:c8:2f:ea:7e:72: 4d:b6:17:f0:8c:63:9a:86:bd:56:e9:92:ee:73:f1: 5b:ea:78:bd:08:33:3e:9f:73:d5:14:a9:a8:50:2b: 3f:bc:49:e6:eb:69:35:3e:f2:be:e7:f7:6b:f4:4f: 18:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:4D:CC:03:84:7D:45:F3:E2:C3:C7:49:DA:5B:26:9D:71:CE:A6:85 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a8cd111d-bddb-47e0-af43-fc5a8d930376.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:1000::/40 Signature Algorithm: sha256WithRSAEncryption 34:ed:f3:5b:50:a8:60:72:bf:5a:25:96:61:a9:0e:41:9a:8e: 16:cc:ff:a3:c6:33:2a:a7:16:f9:e6:74:56:df:8e:2d:11:70: a9:6d:35:0c:69:5f:dd:85:aa:66:59:03:d7:96:02:06:c2:be: 2b:d9:8a:d2:99:b8:19:9b:99:78:2f:60:66:83:f8:0d:11:dc: 7a:e9:4c:e4:cf:16:47:fd:ed:81:3b:1d:c6:76:95:ea:f8:2e: f9:94:dc:3e:52:7f:b3:e3:79:c5:98:c6:4d:85:24:e8:72:d0: 9f:02:98:e2:00:f5:cb:07:3a:3a:be:0a:9f:ff:7c:ad:2b:3f: 58:99:01:b1:f6:71:17:ea:b3:26:d3:8f:14:f5:12:ca:10:7a: a6:39:31:3d:97:fe:78:59:54:6d:cc:75:55:3f:03:cd:77:43: b6:9f:55:8d:48:2b:09:3b:c4:a2:33:b0:85:e8:c0:eb:c4:ac: 34:e1:95:dd:5b:f6:b7:c8:32:5d:19:3e:82:0c:bc:d6:4c:d4: 20:ad:b7:b6:61:16:4a:1d:92:42:95:59:62:13:ab:56:69:66: 41:1d:6f:02:f7:ca:e3:48:77:56:15:38:0a:57:f3:2c:27:ef: 24:9c:a0:b1:90:7c:a4:98:d0:1f:7d:93:e8:3b:32:7e:c4:db: 76:e9:21:c7 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUXJSuSKhyh8Bc12UkpEigN4vHP+MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAwNTRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDRlZTFjMmU2ODdiY2QxZmYwOGZmM2Q5NWViMGFkZDgyZWM5MTI1Y2I0MzIy YzcxOGRiNDJmNjc4MTk2MzcxOTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMbDLOhRxJeC7G4MMFXT/VI4ZYJ16I294c00Zv19GwtfN9LrzuEwVBhjqX5m rnImjt6vjXq086AfSwpxo90QCKK4Z65bp1MbByurgV5PcJhNY9kdc8TkAH4V1Rfm M4/IqOD0Nnkkfnvz6KzsqkQR7DAs+dNyWBie8vTCHVlO8k7BicTLBvs7L6MzdtRZ 1sHkAbBo/tCXLh87VF8Age39WyDLCIYIHInuD94cEkB4NBShz/S6QWg8w2ewfE6M aJe69XlHg9TcKWlthbTUQMgv6n5yTbYX8Ixjmoa9VumS7nPxW+p4vQgzPp9z1RSp qFArP7xJ5utpNT7yvuf3a/RPGD8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ/TcwD hH1F8+LDx0naWyadcc6mhTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YThjZDExMWQtYmRkYi00N2UwLWFmNDMtZmM1YThkOTMwMzc2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DEQ MA0GCSqGSIb3DQEBCwUAA4IBAQA07fNbUKhgcr9aJZZhqQ5Bmo4WzP+jxjMqpxb5 5nRW344tEXCpbTUMaV/dhapmWQPXlgIGwr4r2YrSmbgZm5l4L2Bmg/gNEdx66Uzk zxZH/e2BOx3GdpXq+C75lNw+Un+z43nFmMZNhSToctCfApjiAPXLBzo6vgqf/3yt Kz9YmQGx9nEX6rMm048U9RLKEHqmOTE9l/54WVRtzHVVPwPNd0O2n1WNSCsJO8Si M7CF6MDrxKw04ZXdW/a3yDJdGT6CDLzWTNQgrbe2YRZKHZJClVliE6tWaWZBHW8C 98rjSHdWFTgKV/MsJ+8knKCxkHykmNAffZPoOzJ+xNt26SHH -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:46 2025 by rpki-client