This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/afd23c37-4c24-49ac-baf6-1c3a9a2d0512.roa File: afd23c37-4c24-49ac-baf6-1c3a9a2d0512.roa (raw, json) Hash identifier: 2U7Y8cs88UmL+9Na9PV320mtmpJyWCF/BIrOAPH9QIY= Subject key identifier: 01:D1:44:C4:40:D4:F7:B0:E5:60:F6:AA:7D:B2:F7:59:4D:6A:77:1A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 38AAF2893A35253CD85F9F685A79A5600C5EC3EE Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/afd23c37-4c24-49ac-baf6-1c3a9a2d0512.roa Signing time: Wed 12 Nov 2025 03:00:06 +0000 ROA not before: Wed 12 Nov 2025 03:00:06 +0000 ROA not after: Wed 17 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d035:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:aa:f2:89:3a:35:25:3c:d8:5f:9f:68:5a:79:a5:60:0c:5e:c3:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 12 03:00:06 2025 GMT Not After : Dec 17 23:59:59 2025 GMT Subject: serialNumber=7891cc1411dad2cb6cbd7d9a9d323a16bf3f9cd1f9af7c21335ae6b215aeac4e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:a4:a1:bb:e0:0b:31:9c:80:32:39:05:9c:dd: cf:c0:6a:d4:63:5c:7d:c4:07:23:5d:55:f6:33:c5: c3:e6:40:11:3d:4a:22:73:18:9d:8e:a2:24:ce:71: c7:bd:e3:dd:77:79:96:bd:7a:b8:56:29:d0:1a:9a: ad:69:a0:53:08:78:01:a1:a3:38:e6:a3:f7:af:98: b3:ab:ae:0d:cc:8b:5e:88:a8:3f:8c:cf:da:2d:33: fe:8c:99:fd:a7:64:45:dc:12:e1:94:ea:0f:cf:18: 9b:e9:66:ba:1b:f3:d4:92:e5:21:eb:28:58:01:fa: de:df:f0:1a:02:31:47:9b:14:c8:0b:87:76:1f:42: ac:bc:04:df:04:7c:42:d7:dc:7c:97:1c:59:d2:d5: 69:da:9d:43:f7:8d:d8:41:6d:a5:46:6b:4d:3e:54: ab:80:2e:07:69:6d:a1:9f:e6:54:7b:35:04:85:5e: 45:1d:7c:1a:55:a8:9d:02:7b:02:97:74:bc:8b:d4: 45:f7:1f:87:13:b5:8f:bf:c4:3c:98:af:97:9f:f0: 32:b5:c3:d1:95:b8:fd:7e:cf:08:05:c5:eb:13:d6: cd:66:92:89:11:8f:8f:fe:34:ed:42:60:01:1b:56: 4b:13:d8:58:45:2e:b9:d1:86:e9:36:e8:63:17:3d: 87:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:D1:44:C4:40:D4:F7:B0:E5:60:F6:AA:7D:B2:F7:59:4D:6A:77:1A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/afd23c37-4c24-49ac-baf6-1c3a9a2d0512.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d035:9000::/40 Signature Algorithm: sha256WithRSAEncryption 62:d2:9e:0b:9c:2e:31:68:c1:d7:7f:3d:4e:ab:35:63:b6:51: 27:c5:e8:d6:a5:c2:8e:9b:71:92:89:10:d1:a3:d0:85:04:47: 86:46:0b:e2:e8:74:01:5c:c0:58:c2:8b:98:cf:a9:71:ee:6f: 05:be:3e:4e:6d:aa:23:be:3e:30:2e:4a:48:8a:5a:48:f5:6c: c1:b7:ef:81:0f:e1:ab:dc:31:c3:07:39:82:c4:3f:dc:0e:f1: be:2f:0a:eb:c7:db:2a:2f:a1:7f:24:67:6f:e8:a6:c6:f9:b3: a4:0e:fe:00:50:e0:44:d8:be:5a:d1:e7:85:25:11:32:4f:a1: ea:fe:5d:db:5d:19:2b:0e:ca:14:6f:ee:e9:9c:a2:e8:cc:36: a9:e1:ae:ec:0f:16:a8:47:4c:a2:69:02:31:28:58:f5:8b:e1: 5f:72:e9:69:0a:7f:0d:90:cb:41:51:57:25:c7:89:25:80:56: c4:f0:b4:bf:f2:a0:cf:bf:42:d0:c0:6c:d7:9c:33:a6:78:e2: 3a:06:92:38:de:93:4c:2e:80:2c:eb:d4:68:e5:75:b7:7c:d1: c8:a0:15:01:43:cb:03:a7:71:ca:67:94:d8:96:0c:66:20:9f: 56:0e:04:fe:f4:40:0b:de:86:9d:ca:88:c6:26:b2:dc:1e:a1: 55:96:2e:fd -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUOKryiTo1JTzYX59oWnmlYAxew+4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTIwMzAwMDZaFw0yNTEyMTcyMzU5NTlaMHoxSTBHBgNV BAUTQDc4OTFjYzE0MTFkYWQyY2I2Y2JkN2Q5YTlkMzIzYTE2YmYzZjljZDFmOWFm N2MyMTMzNWFlNmIyMTVhZWFjNGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALWkobvgCzGcgDI5BZzdz8Bq1GNcfcQHI11V9jPFw+ZAET1KInMYnY6iJM5x x73j3Xd5lr16uFYp0BqarWmgUwh4AaGjOOaj96+Ys6uuDcyLXoioP4zP2i0z/oyZ /adkRdwS4ZTqD88Ym+lmuhvz1JLlIesoWAH63t/wGgIxR5sUyAuHdh9CrLwE3wR8 QtfcfJccWdLVadqdQ/eN2EFtpUZrTT5Uq4AuB2ltoZ/mVHs1BIVeRR18GlWonQJ7 Apd0vIvURfcfhxO1j7/EPJivl5/wMrXD0ZW4/X7PCAXF6xPWzWaSiRGPj/407UJg ARtWSxPYWEUuudGG6TboYxc9h+ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQB0UTE QNT3sOVg9qp9svdZTWp3GjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YWZkMjNjMzctNGMyNC00OWFjLWJhZjYtMWMzYTlhMmQwNTEyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWQ MA0GCSqGSIb3DQEBCwUAA4IBAQBi0p4LnC4xaMHXfz1OqzVjtlEnxejWpcKOm3GS iRDRo9CFBEeGRgvi6HQBXMBYwouYz6lx7m8Fvj5Obaojvj4wLkpIilpI9WzBt++B D+Gr3DHDBzmCxD/cDvG+Lwrrx9sqL6F/JGdv6KbG+bOkDv4AUOBE2L5a0eeFJREy T6Hq/l3bXRkrDsoUb+7pnKLozDap4a7sDxaoR0yiaQIxKFj1i+FfculpCn8NkMtB UVclx4klgFbE8LS/8qDPv0LQwGzXnDOmeOI6BpI43pNMLoAs69Ro5XW3fNHIoBUB Q8sDp3HKZ5TYlgxmIJ9WDgT+9EAL3oadyojGJrLcHqFVli79 -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:39 2025 by rpki-client