This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4811639-eec3-4653-a07b-9777ebef5f33.roa File: b4811639-eec3-4653-a07b-9777ebef5f33.roa (raw, json) Hash identifier: t9tY28iuEL5lnWiz+pp6KlvZgxMTiY+kEb8wRBBsWe8= Subject key identifier: F2:69:64:EA:EF:0A:AA:B0:01:A1:0B:98:F6:79:E3:6F:7F:E9:E8:1D Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 16CD601A623A0655750D1DC96A91359C7072AA09 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4811639-eec3-4653-a07b-9777ebef5f33.roa Signing time: Sat 29 Nov 2025 03:00:37 +0000 ROA not before: Sat 29 Nov 2025 03:00:37 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d059:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:cd:60:1a:62:3a:06:55:75:0d:1d:c9:6a:91:35:9c:70:72:aa:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:00:37 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=5f4482d4cda0391b7d08dcc840ababb4b80e929429d0e55e952b2a0e237661d1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:e4:07:19:c8:2f:ce:d6:d1:0e:d1:8c:c7:0e: 89:e3:c8:50:74:ae:f4:96:d9:33:78:96:50:66:e3: db:1b:12:4a:0e:61:46:6e:c8:70:9a:e4:e7:03:fe: b1:a3:95:69:8d:bd:9e:6d:0b:b5:be:5d:38:0e:61: 87:e4:c4:f8:c5:0e:f7:2a:ff:24:0e:af:6e:20:19: a8:ef:1c:d8:00:43:9d:c2:52:da:34:ad:33:d1:10: 3a:45:71:6f:fa:74:f2:65:85:da:5e:98:11:95:f6: c3:b9:b2:f3:c3:bf:0b:4c:b6:30:f8:97:55:4b:d6: 71:4b:27:85:56:7b:62:f0:8e:05:dc:51:88:48:b3: 95:17:59:82:76:61:28:ac:77:3a:1f:5d:91:b1:59: 12:6d:8b:b4:69:26:39:6f:1f:53:7b:2a:78:1a:d2: 5e:db:45:32:8d:59:af:0c:1e:d3:3c:24:91:d2:dc: 79:d4:1a:05:8d:bc:14:88:19:17:40:5c:05:cd:72: 5c:62:8a:07:01:40:89:3d:f8:f2:ad:21:a0:82:6e: 1e:7c:c2:62:a8:61:6d:3b:de:62:2b:fe:29:45:6d: a3:98:df:0d:90:28:97:bc:e9:f0:88:63:97:71:da: 7f:9e:16:02:c7:7b:43:a3:79:9f:2f:d2:d7:d2:0b: 5f:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:69:64:EA:EF:0A:AA:B0:01:A1:0B:98:F6:79:E3:6F:7F:E9:E8:1D X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4811639-eec3-4653-a07b-9777ebef5f33.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d059:1000::/40 Signature Algorithm: sha256WithRSAEncryption 17:b7:39:18:47:99:47:6f:e6:b4:38:23:99:22:d2:04:4d:92: bc:87:b7:6c:90:db:ff:21:0c:5b:64:53:f5:c2:f0:08:f4:37: cd:48:32:08:ef:6e:db:76:00:ce:90:14:4c:38:bf:69:59:28: 8e:53:d3:01:9a:18:d9:68:aa:68:3b:c0:48:19:72:f6:41:da: 8f:6c:f3:95:e3:5f:49:b1:7f:1b:bf:05:2c:8d:f9:57:df:81: 17:98:2f:68:c8:34:56:89:8c:64:f1:23:8b:7d:ec:4c:e1:6b: 4d:fe:da:5f:8f:a9:7f:e9:14:51:c0:40:b5:0d:29:5c:de:22: 4d:a7:2c:ab:e9:84:9f:85:f6:2f:35:99:0d:c7:c7:5c:31:a8: 6c:b4:6b:f9:35:6c:d0:88:4d:35:99:ca:ea:fb:73:62:14:ef: 47:0b:fd:41:bf:27:b5:31:c4:9a:ff:2a:bd:53:86:c6:e7:bb: 3b:fa:27:ca:98:bd:c0:31:10:e5:55:10:9a:e6:1c:ac:40:ff: 78:c6:4f:96:12:ec:cd:c0:4c:2e:22:f9:4f:5a:c9:18:82:12: 7d:b2:7b:60:f9:82:52:86:55:c9:55:b9:1c:1b:f9:71:cd:61: 36:fb:cb:53:af:6c:2c:2a:77:32:17:12:f6:fd:b8:7b:f5:96: 9e:27:81:58 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUFs1gGmI6BlV1DR3JapE1nHByqgkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzAwMzdaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQDVmNDQ4MmQ0Y2RhMDM5MWI3ZDA4ZGNjODQwYWJhYmI0YjgwZTkyOTQyOWQw ZTU1ZTk1MmIyYTBlMjM3NjYxZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANvkBxnIL87W0Q7RjMcOiePIUHSu9JbZM3iWUGbj2xsSSg5hRm7IcJrk5wP+ saOVaY29nm0Ltb5dOA5hh+TE+MUO9yr/JA6vbiAZqO8c2ABDncJS2jStM9EQOkVx b/p08mWF2l6YEZX2w7my88O/C0y2MPiXVUvWcUsnhVZ7YvCOBdxRiEizlRdZgnZh KKx3Oh9dkbFZEm2LtGkmOW8fU3sqeBrSXttFMo1Zrwwe0zwkkdLcedQaBY28FIgZ F0BcBc1yXGKKBwFAiT348q0hoIJuHnzCYqhhbTveYiv+KUVto5jfDZAol7zp8Ihj l3Haf54WAsd7Q6N5ny/S19ILX+kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTyaWTq 7wqqsAGhC5j2eeNvf+noHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjQ4MTE2MzktZWVjMy00NjUzLWEwN2ItOTc3N2ViZWY1ZjMzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkQ MA0GCSqGSIb3DQEBCwUAA4IBAQAXtzkYR5lHb+a0OCOZItIETZK8h7dskNv/IQxb ZFP1wvAI9DfNSDII727bdgDOkBRMOL9pWSiOU9MBmhjZaKpoO8BIGXL2QdqPbPOV 419JsX8bvwUsjflX34EXmC9oyDRWiYxk8SOLfexM4WtN/tpfj6l/6RRRwEC1DSlc 3iJNpyyr6YSfhfYvNZkNx8dcMahstGv5NWzQiE01mcrq+3NiFO9HC/1Bvye1McSa /yq9U4bG57s7+ifKmL3AMRDlVRCa5hysQP94xk+WEuzNwEwuIvlPWskYghJ9sntg +YJShlXJVbkcG/lxzWE2+8tTr2wsKncyFxL2/bh79ZaeJ4FY -----END CERTIFICATE-----Generated at Sat Dec 6 17:35:04 2025 by rpki-client