This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa File: b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa (raw, json) Hash identifier: le2tCvpkD2rfF1Il6GtcEfHrKlDyn6zcVT9EtdTn3jU= Subject key identifier: DA:D7:34:F9:D8:27:96:B5:D5:27:F8:6C:17:F9:92:5E:FB:40:7C:79 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 107FDAEE5489E09267BEC93AD8C4CB4E9C941252 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa Signing time: Sat 15 Nov 2025 06:00:13 +0000 ROA not before: Sat 15 Nov 2025 06:00:13 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:7f:da:ee:54:89:e0:92:67:be:c9:3a:d8:c4:cb:4e:9c:94:12:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:00:13 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=cec2800c86ca4194ae668a849cb723e35a3ffad3edd9f2f6d51e04f7935d3230, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:31:54:21:af:0e:3d:05:82:eb:7e:d2:13:4a: 37:52:16:24:c9:50:47:bc:fe:7d:e1:c8:02:d4:b7: 15:21:6f:19:d0:dc:6e:3f:b9:ee:45:84:dc:fc:fa: 89:78:6c:56:82:92:db:49:3c:27:cc:b4:8b:97:26: fe:4d:dc:a8:12:71:e4:06:f4:4a:fe:7a:55:6c:07: 0a:a9:9b:95:98:4c:27:e3:ba:24:3d:37:c5:38:f6: 8a:b0:14:8d:c3:83:f5:e0:45:02:1a:5f:5b:a4:72: f5:83:1b:03:6b:77:c2:0d:ce:a5:f8:56:c3:aa:81: ee:de:b4:17:47:c1:6c:07:3c:7c:36:61:9e:eb:ec: f7:51:58:ac:87:93:be:2f:03:d7:9c:75:cb:7c:c3: 53:94:f9:af:02:e0:94:21:bb:7e:ad:9d:48:d1:af: 55:42:e2:f4:db:9c:11:bf:37:28:c4:86:7d:b6:d7: c4:f9:01:35:72:5d:ec:b2:2b:90:0e:24:d2:8c:da: 17:49:df:8e:d8:d6:32:fe:f6:55:92:a3:4d:72:3b: a1:b2:78:9c:e0:f1:13:06:8e:97:a8:91:bc:77:d8: c3:ff:c6:15:38:52:5a:e2:5c:52:5d:37:9b:ab:96: a0:0f:44:32:46:73:a6:81:45:b3:cc:8a:4c:49:16: ab:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:D7:34:F9:D8:27:96:B5:D5:27:F8:6C:17:F9:92:5E:FB:40:7C:79 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:4000::/40 Signature Algorithm: sha256WithRSAEncryption 55:22:c0:7d:dc:5f:a3:96:c4:d1:f3:f2:b6:7d:2d:54:10:4d: af:ca:cb:d6:7d:a7:99:11:2a:1c:bd:07:e4:e2:07:e4:0f:cd: fc:1f:37:dc:fc:f5:e7:92:15:4e:85:b0:f8:c5:ba:6e:99:d7: f9:16:59:21:b5:7c:d3:0b:c4:06:ee:12:6b:43:a8:67:7d:37: 54:c7:5a:48:b7:a0:d8:37:14:75:d8:6d:49:82:f6:e3:c3:85: 8f:7e:77:84:db:f8:e0:94:18:34:23:69:36:05:e1:5a:d3:70: d6:74:e2:4e:66:83:af:a4:61:fe:4e:bc:45:a4:63:39:36:e8: 88:a9:32:c0:94:c6:13:00:83:4a:11:03:bc:ca:3e:99:9b:9e: c0:a8:13:c3:d0:7b:96:54:52:88:97:b8:db:c4:07:49:2d:90: 5a:19:4a:7e:c4:d0:39:03:b1:f7:7c:b7:3c:af:c6:0f:27:5d: 1b:83:72:0f:50:61:88:74:4f:2d:6a:b5:f2:b0:d4:89:0d:88: 33:95:09:e7:84:9c:60:a8:a0:1a:2b:4b:7b:39:b0:5c:40:6c: c3:01:7d:94:8d:95:99:c0:e7:6a:0d:06:cf:53:5b:c1:a1:82: ae:57:5f:64:1f:ac:3a:c3:e3:a1:6a:82:4b:26:ac:9b:ed:fa: 15:fa:4f:c9 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUEH/a7lSJ4JJnvsk62MTLTpyUElIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAwMTNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGNlYzI4MDBjODZjYTQxOTRhZTY2OGE4NDljYjcyM2UzNWEzZmZhZDNlZGQ5 ZjJmNmQ1MWUwNGY3OTM1ZDMyMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPQxVCGvDj0Fgut+0hNKN1IWJMlQR7z+feHIAtS3FSFvGdDcbj+57kWE3Pz6 iXhsVoKS20k8J8y0i5cm/k3cqBJx5Ab0Sv56VWwHCqmblZhMJ+O6JD03xTj2irAU jcOD9eBFAhpfW6Ry9YMbA2t3wg3OpfhWw6qB7t60F0fBbAc8fDZhnuvs91FYrIeT vi8D15x1y3zDU5T5rwLglCG7fq2dSNGvVULi9NucEb83KMSGfbbXxPkBNXJd7LIr kA4k0ozaF0nfjtjWMv72VZKjTXI7obJ4nODxEwaOl6iRvHfYw//GFThSWuJcUl03 m6uWoA9EMkZzpoFFs8yKTEkWqysCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTa1zT5 2CeWtdUn+GwX+ZJe+0B8eTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjYxZjg1OGEtMzFiMS00ODVhLThjZWQtMGMzMjhjZTljNGUzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9A MA0GCSqGSIb3DQEBCwUAA4IBAQBVIsB93F+jlsTR8/K2fS1UEE2vysvWfaeZESoc vQfk4gfkD838Hzfc/PXnkhVOhbD4xbpumdf5FlkhtXzTC8QG7hJrQ6hnfTdUx1pI t6DYNxR12G1Jgvbjw4WPfneE2/jglBg0I2k2BeFa03DWdOJOZoOvpGH+TrxFpGM5 NuiIqTLAlMYTAINKEQO8yj6Zm57AqBPD0HuWVFKIl7jbxAdJLZBaGUp+xNA5A7H3 fLc8r8YPJ10bg3IPUGGIdE8tarXysNSJDYgzlQnnhJxgqKAaK0t7ObBcQGzDAX2U jZWZwOdqDQbPU1vBoYKuV19kH6w6w+OhaoJLJqyb7foV+k/J -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:41 2025 by rpki-client