This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa File: ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa (raw, json) Hash identifier: oH+v6H8GxK4gQ/Sb1IvWWgmVmnEmYzmeG0UYp8L0aTA= Subject key identifier: BE:0F:99:1B:55:69:AA:FF:99:DC:67:F4:F5:E7:15:0A:22:82:D4:E2 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2B29BF343F25553C5D62852A5B31C1B3899387CE Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa Signing time: Tue 02 Dec 2025 01:51:08 +0000 ROA not before: Tue 02 Dec 2025 01:51:08 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d074:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:29:bf:34:3f:25:55:3c:5d:62:85:2a:5b:31:c1:b3:89:93:87:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:51:08 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=62fd8a59276fc1c71365e1994171f08de537b4c9ddeed1da1e121867ac360694, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:7b:c2:0f:36:61:82:c1:33:2e:9c:42:5a:7a: ba:01:d2:1f:4f:e3:8f:3b:b9:18:47:b4:06:24:a9: ec:17:d1:ba:96:1c:29:7b:0e:61:b4:70:0c:23:3b: e5:16:0f:e0:13:a0:90:ff:1a:1b:2a:96:e3:42:1e: 46:ba:20:a1:a0:76:bf:ff:30:1c:32:46:4d:be:ce: 73:dc:6a:35:60:c6:fb:3e:d2:90:25:ef:ab:06:89: 65:fb:a7:bc:0f:f7:78:b1:f1:03:19:09:31:cc:48: e7:e3:66:94:3c:4d:f9:4f:df:ee:a5:85:c7:c5:36: 29:81:65:7f:5c:1a:62:3c:d2:67:20:89:10:1e:b3: 19:c4:95:d2:0b:bf:4a:7b:6b:2b:c2:07:5b:a5:3a: 5b:f4:9b:6b:84:35:f6:e2:d2:d9:ef:de:9a:a3:16: d3:19:9c:69:d8:90:8e:52:e8:35:fe:40:94:c5:c8: 69:05:43:9f:07:0e:53:f0:1a:e3:76:ba:7c:3a:e8: 3c:da:a6:63:2c:7e:df:4e:ad:5f:4a:f4:4e:7b:07: d0:0f:e5:99:f6:a0:64:0e:e0:c6:5a:01:57:4b:a2: b2:a8:f3:0e:47:31:4d:ff:19:ca:e7:97:3a:48:00: 1e:17:20:bc:21:4c:86:75:12:1c:c5:62:67:23:95: ac:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:0F:99:1B:55:69:AA:FF:99:DC:67:F4:F5:E7:15:0A:22:82:D4:E2 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d074:8000::/40 Signature Algorithm: sha256WithRSAEncryption 2e:1c:59:48:33:67:24:5b:a7:18:4e:ae:eb:4f:37:22:14:09: a8:94:df:a5:d7:39:cd:53:b1:0e:d9:d7:bc:0b:8f:92:e3:f3: 26:4e:59:b5:b9:11:f9:0e:00:33:ee:c8:52:ac:a1:63:39:58: 04:c3:58:2b:b4:82:e1:9b:28:73:e7:00:e4:95:6f:71:8f:86: d0:04:15:d5:08:3a:6b:d4:27:96:e2:55:a1:0a:73:d3:51:3a: 15:c1:e0:cd:4c:b0:9f:49:45:b2:87:13:34:b0:59:17:81:d9: 46:d0:c8:0f:95:aa:fa:97:55:7a:4e:e6:59:8f:0e:15:b4:8b: 69:d7:bf:c0:87:83:36:2c:7d:ea:27:fa:49:67:c1:ac:11:94: cb:bd:f5:67:26:62:ae:1c:9c:d3:ef:8c:10:bf:51:1d:65:26: 93:28:cc:0a:10:8f:85:78:7c:7e:5c:d1:83:d2:95:bb:91:c8: 14:5f:a2:82:08:89:67:cc:0f:13:b4:77:d6:ba:10:9a:d6:3b: 0b:20:91:05:e8:4c:b5:0b:9e:66:64:65:1d:08:66:5c:ac:92: c0:ed:1d:a6:f9:da:13:ef:23:78:46:cf:7d:3c:56:23:79:d3: b2:5c:6a:0b:9a:34:90:dd:0f:50:36:bb:bd:5f:ed:1d:f7:60: 84:ff:bb:50 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUKym/ND8lVTxdYoUqWzHBs4mTh84wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUxMDhaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDYyZmQ4YTU5Mjc2ZmMxYzcxMzY1ZTE5OTQxNzFmMDhkZTUzN2I0YzlkZGVl ZDFkYTFlMTIxODY3YWMzNjA2OTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK17wg82YYLBMy6cQlp6ugHSH0/jjzu5GEe0BiSp7BfRupYcKXsOYbRwDCM7 5RYP4BOgkP8aGyqW40IeRrogoaB2v/8wHDJGTb7Oc9xqNWDG+z7SkCXvqwaJZfun vA/3eLHxAxkJMcxI5+NmlDxN+U/f7qWFx8U2KYFlf1waYjzSZyCJEB6zGcSV0gu/ SntrK8IHW6U6W/Sba4Q19uLS2e/emqMW0xmcadiQjlLoNf5AlMXIaQVDnwcOU/Aa 43a6fDroPNqmYyx+306tX0r0TnsH0A/lmfagZA7gxloBV0uisqjzDkcxTf8ZyueX OkgAHhcgvCFMhnUSHMViZyOVrHUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS+D5kb VWmq/5ncZ/T15xUKIoLU4jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YWM3ZDE2NTMtMmZhMy00ODE3LThlMDAtODdlNmMzZjJhOWMyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSA MA0GCSqGSIb3DQEBCwUAA4IBAQAuHFlIM2ckW6cYTq7rTzciFAmolN+l1znNU7EO 2de8C4+S4/MmTlm1uRH5DgAz7shSrKFjOVgEw1grtILhmyhz5wDklW9xj4bQBBXV CDpr1CeW4lWhCnPTUToVweDNTLCfSUWyhxM0sFkXgdlG0MgPlar6l1V6TuZZjw4V tItp17/Ah4M2LH3qJ/pJZ8GsEZTLvfVnJmKuHJzT74wQv1EdZSaTKMwKEI+FeHx+ XNGD0pW7kcgUX6KCCIlnzA8TtHfWuhCa1jsLIJEF6Ey1C55mZGUdCGZcrJLA7R2m +doT7yN4Rs99PFYjedOyXGoLmjSQ3Q9QNru9X+0d92CE/7tQ -----END CERTIFICATE-----Generated at Sat Dec 6 22:36:51 2025 by rpki-client