This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa File: aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa (raw, json) Hash identifier: 2wwSem0iwQCxGIz6RwaOv1CWEOHJS2Y5wGGXk3om7No= Subject key identifier: 42:4A:F5:A3:34:91:75:35:4B:A5:91:A4:55:A7:1A:9E:7C:D3:6A:C9 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 687517B91B9B612AF90EBD963EB00F56E78E8019 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa Signing time: Sat 15 Nov 2025 05:50:36 +0000 ROA not before: Sat 15 Nov 2025 05:50:36 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:a080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:75:17:b9:1b:9b:61:2a:f9:0e:bd:96:3e:b0:0f:56:e7:8e:80:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:36 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=28074e6c11f74f0a0f463676198bdd6b8f137ef059762557abc3f1d39735b796, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:7f:8e:3f:e5:52:be:b1:0c:e3:ed:db:ce:5b: 6a:1a:58:b4:3e:40:07:fb:93:a1:53:76:e2:70:55: ba:71:97:f4:ba:2d:f0:a1:bd:5f:ab:05:76:13:af: 22:88:5f:13:fc:3a:7a:66:e7:09:9c:f0:6f:cf:b6: 5b:88:6f:e4:61:d2:f2:b4:5e:d4:8a:04:73:8c:20: 7f:cb:81:5e:c2:87:6a:41:d7:fc:0f:03:4c:f9:41: 08:b2:fb:8d:c2:56:71:96:0f:77:ae:04:72:9d:a7: 91:84:0e:bf:45:97:5c:1f:e4:c8:79:cf:2a:bc:4c: be:b2:30:1a:87:51:e4:08:bb:81:53:40:6e:15:eb: 35:9e:e7:93:94:41:a5:47:a7:e2:3a:4c:05:34:ef: b4:cf:48:f3:9b:8a:e3:ae:f0:aa:8c:15:a7:e3:88: 44:28:e6:f3:0e:6e:91:2c:00:8e:50:89:5c:3b:e1: d4:02:4c:91:d1:36:e0:a9:51:b1:6c:44:d6:5c:35: 38:1b:fb:d4:86:b3:81:db:7b:8d:84:27:dd:22:af: cb:ad:3b:dd:b0:73:a1:dc:16:87:c1:06:20:ce:10: 8b:b5:26:43:77:e3:7c:d2:7e:5e:d6:4b:64:e2:49: d7:9a:87:b5:66:14:3f:cf:dd:e8:ba:a7:38:23:95: 6f:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:4A:F5:A3:34:91:75:35:4B:A5:91:A4:55:A7:1A:9E:7C:D3:6A:C9 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:a080::/48 Signature Algorithm: sha256WithRSAEncryption 0d:a9:26:71:eb:99:f8:fe:8a:a8:d6:14:8a:59:e5:84:03:79: db:32:ac:aa:ce:21:56:c1:b2:ba:a3:37:b6:5d:ab:e5:b4:94: 21:4e:7a:2d:8d:41:51:ee:56:ee:9c:35:16:b1:c4:66:38:b1: a5:85:90:90:d3:9b:d1:65:43:0a:ae:e2:0e:08:33:fb:2a:8b: fc:4d:22:0e:12:69:9b:0c:c0:9a:07:aa:56:a2:00:9a:a6:96: 80:14:c6:28:b1:9b:4a:5c:d2:2a:8d:6c:f0:1a:bf:11:e0:99: 12:85:82:d2:af:99:77:0f:a7:1a:81:42:40:2b:93:68:a3:1a: df:4c:f3:97:3d:31:74:d4:86:8f:d2:a8:df:bf:a8:a1:5c:e2: ac:00:bd:3b:98:87:db:19:19:e1:30:b0:77:fb:02:f5:84:1c: 72:39:96:16:fc:eb:f7:c3:95:fa:06:f3:3e:51:17:98:28:a7: 80:5e:95:3d:50:dc:9c:bd:e4:b0:4c:95:ac:e8:5a:42:bc:4c: 57:2d:63:14:05:cb:63:53:f2:cc:64:9d:5a:85:7a:ed:48:74: b2:cd:c3:6d:68:3d:4d:c2:c9:cd:26:7c:c2:3b:20:94:a9:28: 0b:09:40:73:0b:db:d8:57:46:72:30:b1:f0:45:c0:33:27:2a: 43:55:fc:77 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUaHUXuRubYSr5Dr2WPrAPVueOgBkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwMzZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDI4MDc0ZTZjMTFmNzRmMGEwZjQ2MzY3NjE5OGJkZDZiOGYxMzdlZjA1OTc2 MjU1N2FiYzNmMWQzOTczNWI3OTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKJ/jj/lUr6xDOPt285bahpYtD5AB/uToVN24nBVunGX9Lot8KG9X6sFdhOv IohfE/w6embnCZzwb8+2W4hv5GHS8rRe1IoEc4wgf8uBXsKHakHX/A8DTPlBCLL7 jcJWcZYPd64Ecp2nkYQOv0WXXB/kyHnPKrxMvrIwGodR5Ai7gVNAbhXrNZ7nk5RB pUen4jpMBTTvtM9I85uK467wqowVp+OIRCjm8w5ukSwAjlCJXDvh1AJMkdE24KlR sWxE1lw1OBv71Iazgdt7jYQn3SKvy6073bBzodwWh8EGIM4Qi7UmQ3fjfNJ+XtZL ZOJJ15qHtWYUP8/d6LqnOCOVb5ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRCSvWj NJF1NUulkaRVpxqefNNqyTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YWFkZGYyZGUtZmEwNS00YzVkLThiNzctNThhM2QzMTJlMmE2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg gDANBgkqhkiG9w0BAQsFAAOCAQEADakmceuZ+P6KqNYUilnlhAN52zKsqs4hVsGy uqM3tl2r5bSUIU56LY1BUe5W7pw1FrHEZjixpYWQkNOb0WVDCq7iDggz+yqL/E0i DhJpmwzAmgeqVqIAmqaWgBTGKLGbSlzSKo1s8Bq/EeCZEoWC0q+Zdw+nGoFCQCuT aKMa30zzlz0xdNSGj9Ko37+ooVzirAC9O5iH2xkZ4TCwd/sC9YQccjmWFvzr98OV +gbzPlEXmCingF6VPVDcnL3ksEyVrOhaQrxMVy1jFAXLY1PyzGSdWoV67Uh0ss3D bWg9TcLJzSZ8wjsglKkoCwlAcwvb2FdGcjCx8EXAMycqQ1X8dw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:46 2025 by rpki-client