This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa File: b01a5a70-e8bc-4c88-8f86-597d891eae77.roa (raw, json) Hash identifier: ENDVUDCgsBMxjlwpVGEemnifNNOEPmzrks9UbX1hxa8= Subject key identifier: FD:BC:D9:82:D4:7D:20:B3:8C:A3:D8:A8:79:7E:90:A2:F2:AA:F9:42 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 66FB8F5444080234549A74612DB384F002F53831 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa Signing time: Wed 10 Dec 2025 06:20:47 +0000 ROA not before: Wed 10 Dec 2025 06:20:47 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:2080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:fb:8f:54:44:08:02:34:54:9a:74:61:2d:b3:84:f0:02:f5:38:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:20:47 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=45c085c13ecc7946efd6b6c3497f41b74323e8b128928591fc85e1ae9011b5ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:6d:ec:ae:f4:c5:cf:e4:3a:73:46:23:d7:51: ee:98:cd:a7:32:17:20:82:9e:a9:30:5c:d1:51:5f: c6:7c:0c:a9:d2:cd:be:e5:53:01:9b:0a:0d:81:dc: 35:25:8f:e9:e3:6f:73:07:ac:24:39:7b:cf:02:44: 60:a3:f2:fd:6e:04:c2:6e:7f:69:77:60:71:f5:49: 71:f8:94:02:8c:9d:f9:b2:f0:00:24:2c:27:aa:63: dd:6f:1f:7c:8e:e4:21:65:5b:67:af:bc:31:d1:4f: a0:bc:0f:35:0a:58:2d:95:df:03:cd:5d:a6:25:18: 68:60:80:df:26:b3:1c:05:53:a8:f9:40:63:d1:f3: 34:d9:23:42:79:c3:d5:41:85:34:e5:35:32:8b:48: 13:34:db:94:a9:b7:bf:a8:cf:c7:77:48:a9:86:8f: d2:04:df:6c:52:47:8f:9f:a0:db:16:15:bc:e6:48: c5:40:1a:63:f8:f8:5c:7a:a9:0b:65:38:30:e9:ce: 29:dd:dc:cf:5b:40:bd:eb:2d:b0:6c:9e:39:72:da: 60:e4:f3:fc:26:f0:26:ec:1e:32:f7:4b:14:f1:5a: 86:42:9c:e3:7b:d6:04:74:41:36:f3:64:47:9a:f8: a7:36:3d:59:7c:64:84:81:50:67:86:b4:7d:cc:ff: b8:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:BC:D9:82:D4:7D:20:B3:8C:A3:D8:A8:79:7E:90:A2:F2:AA:F9:42 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:2080::/48 Signature Algorithm: sha256WithRSAEncryption 2c:e4:d3:5b:82:8c:47:d2:01:ea:99:c0:b0:31:24:53:89:87: 24:dd:46:b0:47:eb:b8:b5:ab:b5:7d:11:62:60:ee:39:9c:57: 44:bc:f3:b7:e3:42:bf:be:13:c5:cc:17:c5:15:d6:5a:47:09: d9:da:86:2c:de:af:68:0a:82:d5:3c:d2:16:0e:e0:f2:59:72: bf:27:2c:40:2f:45:db:d4:aa:c0:4c:9d:09:ae:46:14:96:ef: ad:f6:1e:28:3b:00:45:f5:91:d4:84:98:4f:3e:6b:34:13:8e: 74:de:64:a9:8d:00:02:27:99:af:35:99:de:a6:c4:28:9c:e3: 4d:f0:99:de:9a:0e:3f:d8:b0:d6:a1:f0:1d:89:f2:24:45:a9: 71:11:96:ad:3a:b9:76:7e:b4:29:0a:13:80:82:81:ed:04:ca: ba:f7:95:52:bc:ad:e3:a0:3a:8a:a2:e1:d2:b7:94:26:70:d4: 8a:2b:ca:88:b9:44:7d:e7:cd:27:f4:65:37:25:f3:3a:7e:4a: b0:42:a0:b5:0c:fc:c0:0d:c0:de:97:51:62:90:47:29:b3:41: 6a:8d:8b:47:fe:f3:df:2f:39:e0:8f:90:be:23:71:d2:76:2e: 11:5d:4a:54:b3:85:7d:2a:42:fb:15:bb:c3:5e:87:0e:df:df: dd:8e:ad:af -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUZvuPVEQIAjRUmnRhLbOE8AL1ODEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIwNDdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDQ1YzA4NWMxM2VjYzc5NDZlZmQ2YjZjMzQ5N2Y0MWI3NDMyM2U4YjEyODky ODU5MWZjODVlMWFlOTAxMWI1ZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALtt7K70xc/kOnNGI9dR7pjNpzIXIIKeqTBc0VFfxnwMqdLNvuVTAZsKDYHc NSWP6eNvcwesJDl7zwJEYKPy/W4Ewm5/aXdgcfVJcfiUAoyd+bLwACQsJ6pj3W8f fI7kIWVbZ6+8MdFPoLwPNQpYLZXfA81dpiUYaGCA3yazHAVTqPlAY9HzNNkjQnnD 1UGFNOU1MotIEzTblKm3v6jPx3dIqYaP0gTfbFJHj5+g2xYVvOZIxUAaY/j4XHqp C2U4MOnOKd3cz1tAvestsGyeOXLaYOTz/CbwJuweMvdLFPFahkKc43vWBHRBNvNk R5r4pzY9WXxkhIFQZ4a0fcz/uBUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT9vNmC 1H0gs4yj2Kh5fpCi8qr5QjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjAxYTVhNzAtZThiYy00Yzg4LThmODYtNTk3ZDg5MWVhZTc3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g gDANBgkqhkiG9w0BAQsFAAOCAQEALOTTW4KMR9IB6pnAsDEkU4mHJN1GsEfruLWr tX0RYmDuOZxXRLzzt+NCv74TxcwXxRXWWkcJ2dqGLN6vaAqC1TzSFg7g8llyvycs QC9F29SqwEydCa5GFJbvrfYeKDsARfWR1ISYTz5rNBOOdN5kqY0AAieZrzWZ3qbE KJzjTfCZ3poOP9iw1qHwHYnyJEWpcRGWrTq5dn60KQoTgIKB7QTKuveVUryt46A6 iqLh0reUJnDUiivKiLlEfefNJ/RlNyXzOn5KsEKgtQz8wA3A3pdRYpBHKbNBao2L R/7z3y854I+QviNx0nYuEV1KVLOFfSpC+xW7w16HDt/f3Y6trw== -----END CERTIFICATE-----Generated at Mon Dec 15 15:35:20 2025 by rpki-client