This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa File: aa679cd8-5924-43d7-8928-c65bc2ec3659.roa (raw, json) Hash identifier: nmWxUuBUAV7j3Zidm9HhVNc/qAN+bWwuvavem0XzfC8= Subject key identifier: 5A:F9:E0:DE:82:35:DE:7B:F1:7B:AF:77:0D:07:FE:C7:6E:E9:00:47 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 26AA7AE321B8E97860855D136046A24747DA4C55 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa Signing time: Sat 15 Nov 2025 06:10:10 +0000 ROA not before: Sat 15 Nov 2025 06:10:10 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d078:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:aa:7a:e3:21:b8:e9:78:60:85:5d:13:60:46:a2:47:47:da:4c:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:10:10 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=15e7cd254a953a8623c25734bce1ada493f78fc11c4eaaadef64a66376440188, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:4a:2c:ba:0a:78:4c:6f:7a:47:c9:d3:3c:75: 0e:27:5d:11:50:c1:3d:2d:2c:4e:29:b9:18:a1:2d: 86:44:36:ec:f2:2e:6a:d0:7e:80:fe:b3:92:c2:21: c1:70:2e:4d:0e:af:50:f3:75:50:95:db:00:be:70: 29:cc:a8:b1:d4:2c:d7:00:71:db:d0:91:2a:ef:51: f6:01:07:ea:e0:95:b3:7e:86:4e:2d:c7:49:5e:b9: 21:22:be:bc:b8:40:ab:dd:26:63:4a:90:ac:67:41: 17:f0:d0:b5:ea:f7:da:62:a1:f2:92:23:4e:72:f0: 09:a7:8b:30:ef:79:5a:93:e2:85:93:ad:dc:39:86: 46:b5:c5:65:a2:f0:ce:99:7b:ac:fa:25:b2:8b:e2: 22:4f:a6:e5:7d:24:16:41:28:d1:ce:24:20:6f:93: f2:c9:20:de:b8:4e:1b:eb:2d:b6:87:06:cb:c3:be: 89:b8:38:9e:ef:0b:6d:45:ab:e7:9e:a5:0d:58:91: 62:54:5b:11:ea:8f:9e:0c:0b:d8:26:30:b7:05:86: 6a:14:86:2b:9b:de:4f:b0:68:a7:87:e0:88:67:5f: 83:80:b9:53:1f:42:07:2f:f5:b3:7e:1c:0a:35:3e: 3c:03:bc:a1:c8:5e:7b:37:9d:25:ba:82:7c:05:33: 5c:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:F9:E0:DE:82:35:DE:7B:F1:7B:AF:77:0D:07:FE:C7:6E:E9:00:47 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aa679cd8-5924-43d7-8928-c65bc2ec3659.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d078:c000::/40 Signature Algorithm: sha256WithRSAEncryption 24:f4:17:19:bb:eb:10:41:97:ea:8b:ae:8d:75:c6:72:9e:9a: c4:40:54:64:f1:ca:a1:44:00:f3:f8:8a:9d:55:db:a8:47:cf: 17:8b:79:cb:9c:90:e6:f7:3b:71:10:0d:0b:e4:85:0a:bf:c7: 4c:2a:7d:9d:ed:02:fd:6c:d8:4d:9a:03:69:e4:3b:06:fd:73: f9:c9:4f:6c:b6:6b:d1:57:2f:9a:e4:fb:09:45:df:dc:c1:9f: 9d:cd:5f:26:c5:72:86:71:f7:77:6e:13:12:50:68:4b:77:5d: e7:e2:8f:42:41:4d:03:f0:67:46:20:7b:5f:93:25:08:e1:ca: 44:b1:04:77:2a:87:c1:0b:db:40:c1:9f:b8:b2:f1:a2:15:72: 89:f3:b6:1f:d3:a2:55:3c:4d:79:0d:9a:7f:47:fd:11:99:d8: df:cd:e8:4a:34:7d:50:39:53:de:f0:98:83:75:e7:0e:53:5b: 84:f0:65:df:b0:03:be:3e:d5:99:e1:29:49:a8:bb:88:a0:64: c5:18:e8:5b:8b:e3:3a:d3:c3:6a:35:08:59:1e:2f:89:50:22: 85:b9:e3:fc:7a:29:58:9a:70:11:80:33:40:7e:93:fe:49:0e: 1a:af:44:c2:73:f5:47:df:0e:8a:5b:dc:ca:29:63:71:00:c2: fe:f5:dd:6c -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUJqp64yG46XhghV0TYEaiR0faTFUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjEwMTBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDE1ZTdjZDI1NGE5NTNhODYyM2MyNTczNGJjZTFhZGE0OTNmNzhmYzExYzRl YWFhZGVmNjRhNjYzNzY0NDAxODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMRKLLoKeExvekfJ0zx1DiddEVDBPS0sTim5GKEthkQ27PIuatB+gP6zksIh wXAuTQ6vUPN1UJXbAL5wKcyosdQs1wBx29CRKu9R9gEH6uCVs36GTi3HSV65ISK+ vLhAq90mY0qQrGdBF/DQter32mKh8pIjTnLwCaeLMO95WpPihZOt3DmGRrXFZaLw zpl7rPolsoviIk+m5X0kFkEo0c4kIG+T8skg3rhOG+sttocGy8O+ibg4nu8LbUWr 556lDViRYlRbEeqPngwL2CYwtwWGahSGK5veT7Bop4fgiGdfg4C5Ux9CBy/1s34c CjU+PAO8ocheezedJbqCfAUzXGkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRa+eDe gjXee/F7r3cNB/7HbukARzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YWE2NzljZDgtNTkyNC00M2Q3LTg5MjgtYzY1YmMyZWMzNjU5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HjA MA0GCSqGSIb3DQEBCwUAA4IBAQAk9BcZu+sQQZfqi66NdcZynprEQFRk8cqhRADz +IqdVduoR88Xi3nLnJDm9ztxEA0L5IUKv8dMKn2d7QL9bNhNmgNp5DsG/XP5yU9s tmvRVy+a5PsJRd/cwZ+dzV8mxXKGcfd3bhMSUGhLd13n4o9CQU0D8GdGIHtfkyUI 4cpEsQR3KofBC9tAwZ+4svGiFXKJ87Yf06JVPE15DZp/R/0RmdjfzehKNH1QOVPe 8JiDdecOU1uE8GXfsAO+PtWZ4SlJqLuIoGTFGOhbi+M608NqNQhZHi+JUCKFueP8 eilYmnARgDNAfpP+SQ4ar0TCc/VH3w6KW9zKKWNxAML+9d1s -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:16 2025 by rpki-client