This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad363c67-ff83-46aa-9474-de02e382946b.roa File: ad363c67-ff83-46aa-9474-de02e382946b.roa (raw, json) Hash identifier: Wmu5RdG5YfNRaDrCs3AZGdP+wPVtJp4tKH+XGVk0TDA= Subject key identifier: DE:93:83:50:C0:47:1C:FF:AF:45:B9:FD:81:8D:BC:CD:0C:DF:C4:45 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 02E7C1CC4729890BF93B3B70AA8EBFD6A759FD34 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad363c67-ff83-46aa-9474-de02e382946b.roa Signing time: Sat 15 Nov 2025 05:50:11 +0000 ROA not before: Sat 15 Nov 2025 05:50:11 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d071:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:e7:c1:cc:47:29:89:0b:f9:3b:3b:70:aa:8e:bf:d6:a7:59:fd:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:11 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=52d268f86113e4259acca9c2cbd3e0a50835b2149c54b3a0b357f884612a04e5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:14:00:91:87:31:76:fd:20:df:b9:77:86:98: db:6b:bc:40:d0:5c:6e:ff:7a:a7:0d:0b:52:8c:e0: 21:9d:10:f7:8e:75:58:8d:0a:7f:1c:cb:fc:98:51: 9f:3a:1d:45:b2:db:3f:10:44:76:fe:0a:83:44:f0: 74:44:9d:7c:6a:7c:11:47:dc:b3:64:b5:88:7e:9c: 1f:05:35:a5:6d:6e:65:9a:04:a5:c5:60:3f:56:ea: 65:9f:7d:43:ad:fe:0c:f4:58:a2:06:27:e8:2d:06: cc:f9:c5:58:ab:95:0c:d7:0f:06:02:4a:f2:2e:e6: 5c:97:31:51:18:3b:e6:d7:3e:be:94:11:a4:68:92: b5:d3:82:5f:0e:b2:bc:48:55:95:f0:14:55:25:d9: fe:86:2e:79:06:08:fb:97:d5:01:a3:7e:6b:97:04: 5f:39:5d:03:98:89:3f:25:10:bf:fa:0b:fb:7f:dc: 7c:99:0d:b1:6e:7a:4e:3a:40:96:23:b1:8e:67:29: e8:51:50:e7:0f:0b:8a:32:7f:dd:2a:ce:0d:f1:74: c5:c5:2c:f5:2b:8f:6d:ea:e9:ac:6c:5f:35:b3:7a: 26:6b:34:9a:95:e6:18:37:77:63:05:30:62:bd:9a: f0:3c:82:a4:8e:07:39:66:47:9e:02:35:aa:13:d6: e3:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:93:83:50:C0:47:1C:FF:AF:45:B9:FD:81:8D:BC:CD:0C:DF:C4:45 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad363c67-ff83-46aa-9474-de02e382946b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d071:b000::/40 Signature Algorithm: sha256WithRSAEncryption 8a:70:06:96:fd:de:7f:30:e7:f6:d2:45:3a:18:6d:5e:6b:e5: 6a:31:ec:07:47:20:aa:93:91:1b:9e:2d:a7:fd:ff:e2:55:f7: 77:0f:1a:9b:3a:a3:b6:5f:f3:9c:6b:2e:15:ff:8f:65:ce:c9: dd:a3:21:9e:f1:b1:db:0a:cc:55:dc:c6:f5:d3:e9:98:bd:99: 78:e6:0a:7e:27:77:50:85:92:7c:10:18:1d:eb:45:87:36:1a: e5:5b:7a:e6:e9:9b:2c:41:ea:41:37:0f:6a:8b:2a:90:99:87: 35:2c:fa:4a:68:10:22:61:8f:b9:bb:fa:6c:66:ad:5a:6d:8f: 41:44:f8:e3:5f:f5:d6:e5:60:99:8b:6c:1b:fe:db:1b:1c:fe: ef:72:38:d0:bd:bf:9b:aa:f7:1c:ee:79:ac:05:20:95:04:07: 3f:4a:07:90:91:10:ed:f8:c3:99:f2:cb:8c:ba:3e:da:f1:90: 26:f5:db:23:68:6e:2d:cb:7e:ab:50:5d:1a:2f:1f:9a:cf:80: 8a:04:45:c1:04:de:d2:1e:de:36:8e:42:d9:8a:8e:3e:66:f9: 1f:cc:d4:0e:ee:f0:c9:c1:3a:a5:63:40:d7:99:49:50:1f:e1: 7d:8c:3a:0f:35:bb:a1:27:1c:57:e9:28:51:c1:94:1a:2e:78: c8:f3:f0:32 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUAufBzEcpiQv5Oztwqo6/1qdZ/TQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwMTFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDUyZDI2OGY4NjExM2U0MjU5YWNjYTljMmNiZDNlMGE1MDgzNWIyMTQ5YzU0 YjNhMGIzNTdmODg0NjEyYTA0ZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMsUAJGHMXb9IN+5d4aY22u8QNBcbv96pw0LUozgIZ0Q9451WI0KfxzL/JhR nzodRbLbPxBEdv4Kg0TwdESdfGp8EUfcs2S1iH6cHwU1pW1uZZoEpcVgP1bqZZ99 Q63+DPRYogYn6C0GzPnFWKuVDNcPBgJK8i7mXJcxURg75tc+vpQRpGiStdOCXw6y vEhVlfAUVSXZ/oYueQYI+5fVAaN+a5cEXzldA5iJPyUQv/oL+3/cfJkNsW56TjpA liOxjmcp6FFQ5w8LijJ/3SrODfF0xcUs9SuPberprGxfNbN6Jms0mpXmGDd3YwUw Yr2a8DyCpI4HOWZHngI1qhPW480CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTek4NQ wEcc/69Fuf2BjbzNDN/ERTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YWQzNjNjNjctZmY4My00NmFhLTk0NzQtZGUwMmUzODI5NDZiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGw MA0GCSqGSIb3DQEBCwUAA4IBAQCKcAaW/d5/MOf20kU6GG1ea+VqMewHRyCqk5Eb ni2n/f/iVfd3DxqbOqO2X/Ocay4V/49lzsndoyGe8bHbCsxV3Mb10+mYvZl45gp+ J3dQhZJ8EBgd60WHNhrlW3rm6ZssQepBNw9qiyqQmYc1LPpKaBAiYY+5u/psZq1a bY9BRPjjX/XW5WCZi2wb/tsbHP7vcjjQvb+bqvcc7nmsBSCVBAc/SgeQkRDt+MOZ 8suMuj7a8ZAm9dsjaG4ty36rUF0aLx+az4CKBEXBBN7SHt42jkLZio4+ZvkfzNQO 7vDJwTqlY0DXmUlQH+F9jDoPNbuhJxxX6ShRwZQaLnjI8/Ay -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:30 2025 by rpki-client