This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acaa599d-041d-4181-81eb-d1fa213089e1.roa File: acaa599d-041d-4181-81eb-d1fa213089e1.roa (raw, json) Hash identifier: Eb84Zy+FWaTItxTNok0MfrBXXUqFuRvubqSBaztp7ns= Subject key identifier: 2A:41:17:16:5D:7C:FF:28:07:3D:2A:66:03:23:0C:A4:A8:9C:9F:29 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 79AA7290CC68BB4F1A9CDE6170D340C53CE6FC02 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acaa599d-041d-4181-81eb-d1fa213089e1.roa Signing time: Tue 25 Nov 2025 20:00:43 +0000 ROA not before: Tue 25 Nov 2025 20:00:43 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d073:2080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:aa:72:90:cc:68:bb:4f:1a:9c:de:61:70:d3:40:c5:3c:e6:fc:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 25 20:00:43 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=7ddb7c6f06c1a57e071a32e8a06189391641d0a302de203f334f5d3f512ad59c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:06:48:99:14:c2:60:3e:af:78:4e:e2:f4:f0: 64:94:51:6c:cb:13:ab:03:65:06:06:37:f6:86:37: 97:16:c2:ae:3a:de:31:6d:73:f1:9b:19:9a:03:2a: 8a:c6:d6:1f:a5:52:c6:d7:23:5c:cf:49:23:22:ae: 7e:ec:77:fa:c5:3f:44:de:53:0c:f2:4c:bb:05:52: 5f:8e:15:9e:6f:32:20:43:e2:e9:e9:61:26:e4:35: 52:6f:d0:41:97:d5:3b:d3:1b:7e:51:51:d2:4d:60: 75:88:da:19:b0:8b:14:a3:17:5a:0a:b4:59:87:07: 56:9b:b2:4d:64:40:94:e9:6a:bd:3c:76:57:14:05: 97:76:1c:ff:37:ec:40:ea:63:9c:86:29:ce:ca:46: 15:8d:a7:e7:8a:e0:0b:84:d8:d2:5e:85:cc:8c:a7: b8:7a:50:f6:95:8f:fd:88:62:4c:be:b0:a1:64:6a: 8e:99:8b:c9:26:2c:08:19:f6:9c:9f:16:52:48:90: b4:86:fb:fa:65:bb:96:d3:90:ad:03:b6:ca:c3:87: 16:3c:d8:0a:11:a6:b1:8f:31:1d:87:03:36:74:90: c2:f0:31:87:01:2f:e3:bd:21:98:db:6f:01:bf:95: 85:84:6b:36:ea:65:61:36:79:46:56:06:d7:ad:1a: 0c:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:41:17:16:5D:7C:FF:28:07:3D:2A:66:03:23:0C:A4:A8:9C:9F:29 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acaa599d-041d-4181-81eb-d1fa213089e1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d073:2080::/46 Signature Algorithm: sha256WithRSAEncryption 79:84:29:a4:dc:14:25:20:cb:ae:c3:ac:4c:81:eb:c6:a7:57: d3:d3:9d:4b:35:2d:00:fb:9f:53:86:da:f1:ef:ea:1f:15:a7: 16:90:89:b9:cf:f4:64:6a:b3:41:6a:0d:b5:ab:d3:ea:3d:62: c6:61:c2:d0:e6:66:5d:89:db:d4:d9:7d:f6:41:70:ba:9b:fe: e2:31:cb:1d:da:be:5d:37:c8:59:81:38:53:66:0f:2c:0e:b8: 2e:b7:ae:1c:0c:06:31:5d:be:72:86:29:d2:32:15:d7:cb:d5: ef:0a:db:b3:47:c2:f9:09:13:f8:c4:af:47:b1:fc:7c:b3:04: 1f:a7:5c:96:1c:da:70:dc:c6:8b:7e:28:c8:6e:0b:8c:cb:e7: 4c:63:ee:58:ad:2e:43:7f:4c:3d:9b:3b:7c:69:7e:b8:7c:13: f1:58:12:28:98:82:15:41:f2:43:63:59:74:19:05:f5:7a:5d: 4e:d6:18:a6:c1:91:b9:ce:5b:b5:e1:dc:a8:fc:14:4a:d6:55: 37:3f:f4:fc:c3:e1:f5:b2:84:5b:98:e3:1f:e3:f9:1d:af:2a: a4:14:38:95:37:f9:74:4c:86:ce:e9:68:be:1a:9a:62:e8:f9: 09:82:93:4b:4e:7d:4d:df:e4:f5:f8:48:f9:99:8c:f5:4d:00: c1:23:ae:2d -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUeapykMxou08anN5hcNNAxTzm/AIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjUyMDAwNDNaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDdkZGI3YzZmMDZjMWE1N2UwNzFhMzJlOGEwNjE4OTM5MTY0MWQwYTMwMmRl MjAzZjMzNGY1ZDNmNTEyYWQ1OWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKkGSJkUwmA+r3hO4vTwZJRRbMsTqwNlBgY39oY3lxbCrjreMW1z8ZsZmgMq isbWH6VSxtcjXM9JIyKufux3+sU/RN5TDPJMuwVSX44Vnm8yIEPi6elhJuQ1Um/Q QZfVO9MbflFR0k1gdYjaGbCLFKMXWgq0WYcHVpuyTWRAlOlqvTx2VxQFl3Yc/zfs QOpjnIYpzspGFY2n54rgC4TY0l6FzIynuHpQ9pWP/YhiTL6woWRqjpmLySYsCBn2 nJ8WUkiQtIb7+mW7ltOQrQO2ysOHFjzYChGmsY8xHYcDNnSQwvAxhwEv470hmNtv Ab+VhYRrNuplYTZ5RlYG160aDCMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQqQRcW XXz/KAc9KmYDIwykqJyfKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YWNhYTU5OWQtMDQxZC00MTgxLTgxZWItZDFmYTIxMzA4OWUxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMg gDANBgkqhkiG9w0BAQsFAAOCAQEAeYQppNwUJSDLrsOsTIHrxqdX09OdSzUtAPuf U4ba8e/qHxWnFpCJuc/0ZGqzQWoNtavT6j1ixmHC0OZmXYnb1Nl99kFwupv+4jHL Hdq+XTfIWYE4U2YPLA64LreuHAwGMV2+coYp0jIV18vV7wrbs0fC+QkT+MSvR7H8 fLMEH6dclhzacNzGi34oyG4LjMvnTGPuWK0uQ39MPZs7fGl+uHwT8VgSKJiCFUHy Q2NZdBkF9XpdTtYYpsGRuc5bteHcqPwUStZVNz/0/MPh9bKEW5jjH+P5Ha8qpBQ4 lTf5dEyGzulovhqaYuj5CYKTS059Td/k9fhI+ZmM9U0AwSOuLQ== -----END CERTIFICATE-----Generated at Sat Dec 6 22:36:05 2025 by rpki-client