This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa File: ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa (raw, json) Hash identifier: r1FQyi9Ma2QpnAD6QRUXaS6eqt+wwMYpSp1YdpqiC30= Subject key identifier: 89:61:BE:81:C2:B2:C6:B5:D1:29:4A:47:C6:E8:80:1B:C5:40:A8:F5 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2335FCA34E65AE3E08F2E7349E6627A95F8935D1 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa Signing time: Sat 29 Nov 2025 03:10:04 +0000 ROA not before: Sat 29 Nov 2025 03:10:04 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 14618 IP address blocks: 46.51.208.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:35:fc:a3:4e:65:ae:3e:08:f2:e7:34:9e:66:27:a9:5f:89:35:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:10:04 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=9c0e79bda9c9e3e8e73755fba5df2098cc73b0f7cedaf0a813e477cd32f19723, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:aa:35:53:c3:96:ef:33:c2:f7:80:f0:50:43: 5b:6a:b8:aa:f2:6c:66:5f:ee:ea:44:ba:df:83:0a: f9:bd:ef:c4:d3:6c:f1:4c:8b:05:89:0e:06:69:6a: 76:5a:3a:2d:51:a2:0c:b7:19:38:55:a5:fd:9e:f2: 6d:c1:a4:d8:62:81:2e:35:31:0d:d1:a5:7b:e8:df: 82:d8:ed:0a:c3:ad:c0:f2:68:82:71:d1:4c:59:2d: ea:6c:b0:5b:46:6e:ea:e1:63:38:d6:63:5d:e2:6a: d1:e5:c6:52:24:53:42:20:86:d0:71:01:79:21:d6: 30:df:e0:78:c3:37:8a:b3:d0:53:60:af:83:7f:c9: 2d:a7:4e:68:0f:ad:a1:44:81:09:30:09:d6:fb:64: 20:c7:ef:8f:26:86:47:51:b4:83:91:2e:e0:29:f3: 9e:56:3f:bc:59:db:c1:4b:c8:ac:77:e5:df:77:b1: 5e:ca:e4:3b:7e:dd:8b:a2:0f:a0:58:72:9f:fc:4c: 64:9e:e6:78:e5:46:07:01:e6:6d:35:d4:5d:37:e4: 2b:7b:01:0f:2b:3f:12:8c:f8:37:f0:22:54:b2:dc: a4:f7:8b:cc:88:f6:37:2b:9f:96:87:e9:eb:dd:c7: c5:e7:a5:07:96:26:a0:d8:5d:85:83:17:96:a7:81: 9f:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:61:BE:81:C2:B2:C6:B5:D1:29:4A:47:C6:E8:80:1B:C5:40:A8:F5 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad1fa1a4-44d6-4a4e-82c4-f32d315830db.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.51.208.0/22 Signature Algorithm: sha256WithRSAEncryption 8f:d0:8a:c5:b6:64:59:64:97:e6:27:6a:ff:b1:a5:fd:c2:00: c1:2a:d8:99:89:7f:25:b5:ca:d3:36:cc:c2:a4:8a:4a:2c:ce: 66:2f:8e:08:50:78:e2:39:60:f1:08:68:bd:b2:60:00:8c:7d: b0:22:b6:e2:e9:68:71:80:4b:9e:9a:f0:83:e1:a9:ee:2d:9d: b3:c0:39:e9:5b:17:4e:59:93:c3:e5:85:47:30:2b:5d:26:d5: ed:e4:7d:3d:93:9b:67:1e:62:dc:83:a4:29:4a:9a:21:9a:16: 1b:0e:0f:5e:8c:a0:7b:7a:2d:85:e4:84:54:9a:a5:17:2c:83: 48:4b:7b:5a:69:d5:29:ac:dd:87:f1:ed:ef:1f:ae:5f:68:16: 51:23:8b:9a:4a:53:49:ec:67:57:1a:47:cc:ab:0b:42:ec:29: 08:85:3f:91:93:89:9d:c6:87:66:91:63:c3:a2:c6:8b:ce:83: 46:f7:ba:49:82:76:ce:41:61:e5:be:5c:1e:fc:c0:bd:b2:21: b8:a1:da:b8:1c:b2:5a:f9:31:e6:51:3c:9c:87:2b:4d:2a:6d: c7:cf:4a:f4:a8:a1:52:92:dc:29:31:b8:b5:7b:a9:4e:2a:bf: 44:49:91:3b:95:7f:24:60:e2:96:b4:5d:29:9b:16:e8:86:45: 63:c0:53:e0 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUIzX8o05lrj4I8uc0nmYnqV+JNdEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzEwMDRaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQDljMGU3OWJkYTljOWUzZThlNzM3NTVmYmE1ZGYyMDk4Y2M3M2IwZjdjZWRh ZjBhODEzZTQ3N2NkMzJmMTk3MjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMCqNVPDlu8zwveA8FBDW2q4qvJsZl/u6kS634MK+b3vxNNs8UyLBYkOBmlq dlo6LVGiDLcZOFWl/Z7ybcGk2GKBLjUxDdGle+jfgtjtCsOtwPJognHRTFkt6myw W0Zu6uFjONZjXeJq0eXGUiRTQiCG0HEBeSHWMN/geMM3irPQU2Cvg3/JLadOaA+t oUSBCTAJ1vtkIMfvjyaGR1G0g5Eu4CnznlY/vFnbwUvIrHfl33exXsrkO37di6IP oFhyn/xMZJ7meOVGBwHmbTXUXTfkK3sBDys/Eoz4N/AiVLLcpPeLzIj2Nyuflofp 693HxeelB5YmoNhdhYMXlqeBn5UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSJYb6B wrLGtdEpSkfG6IAbxUCo9TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YWQxZmExYTQtNDRkNi00YTRlLTgyYzQtZjMyZDMxNTgzMGRiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z0DAN BgkqhkiG9w0BAQsFAAOCAQEAj9CKxbZkWWSX5idq/7Gl/cIAwSrYmYl/JbXK0zbM wqSKSizOZi+OCFB44jlg8QhovbJgAIx9sCK24ulocYBLnprwg+Gp7i2ds8A56VsX TlmTw+WFRzArXSbV7eR9PZObZx5i3IOkKUqaIZoWGw4PXoyge3otheSEVJqlFyyD SEt7WmnVKazdh/Ht7x+uX2gWUSOLmkpTSexnVxpHzKsLQuwpCIU/kZOJncaHZpFj w6LGi86DRve6SYJ2zkFh5b5cHvzAvbIhuKHauByyWvkx5lE8nIcrTSptx89K9Kih UpLcKTG4tXupTiq/REmRO5V/JGDilrRdKZsW6IZFY8BT4A== -----END CERTIFICATE-----Generated at Sat Dec 6 17:35:26 2025 by rpki-client