This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b89b3c5d-e121-4769-9f3e-0d4c4f0780db.roa File: b89b3c5d-e121-4769-9f3e-0d4c4f0780db.roa (raw, json) Hash identifier: 1PhClWq2hIVQXk9HsQlbl8kma9kK7xtKrCEhhF/lnSM= Subject key identifier: 19:C7:7E:F1:35:25:B6:4E:CD:4C:0C:6A:30:19:5A:45:D5:82:D8:57 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 202508670C24D87AF1E2AD5466CDE0633C529E Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b89b3c5d-e121-4769-9f3e-0d4c4f0780db.roa Signing time: Sat 29 Nov 2025 03:00:22 +0000 ROA not before: Sat 29 Nov 2025 03:00:22 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d059:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:25:08:67:0c:24:d8:7a:f1:e2:ad:54:66:cd:e0:63:3c:52:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:00:22 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=a00463115cf8b0dd81e5a1064b357ca6029619dc68cad2da435e0a9a472407bb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:e5:ca:db:b6:54:72:64:2d:05:8f:39:a9:a1: 45:55:18:b8:03:80:70:f6:a4:44:a6:6a:79:6d:7f: 75:52:74:0b:88:e3:61:d4:a6:21:57:de:71:59:02: c4:47:8b:23:c6:16:1f:75:2c:dd:ad:c6:34:e1:65: 47:18:87:ae:50:0e:98:dd:43:83:88:b7:54:8c:43: 18:ab:19:86:7c:2e:9e:77:c9:d9:9e:7e:47:57:62: ea:11:5f:b0:3b:c8:33:75:04:ba:f3:be:4f:8b:c0: 23:f2:13:52:da:64:ae:49:93:b3:6e:a3:fc:90:eb: cf:fa:74:45:58:ac:82:c5:e7:4f:ea:5d:a3:ef:18: c5:20:a4:27:70:04:93:f8:06:8c:79:5c:f1:21:3d: 68:bf:19:a4:b8:2f:93:06:a3:15:9e:0b:fc:c7:f4: 63:46:2f:a5:b7:51:2d:a2:72:a0:ae:69:89:ff:fd: f2:5c:4f:ce:02:2c:14:e1:3e:32:b1:f5:79:5e:71: 2f:ce:14:82:0e:da:2f:69:f3:5f:ae:7c:57:08:52: 9b:1c:fd:21:ca:d7:d0:f1:83:a6:b6:72:38:ea:53: 3b:1c:8e:34:aa:4d:78:6c:b1:c6:a3:1a:db:65:61: d9:3d:d1:f5:7c:46:6a:d7:c7:0b:0c:6b:6b:c7:ea: 97:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:C7:7E:F1:35:25:B6:4E:CD:4C:0C:6A:30:19:5A:45:D5:82:D8:57 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b89b3c5d-e121-4769-9f3e-0d4c4f0780db.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d059:6000::/40 Signature Algorithm: sha256WithRSAEncryption c0:24:74:5e:88:4d:d4:3d:a5:f0:b0:95:c6:7f:3b:e8:de:26: 66:05:e8:c5:ac:38:ac:e9:3f:98:e3:86:0b:79:8a:36:26:8d: d9:fa:e7:4b:36:be:dc:f0:07:52:50:ae:f9:2a:68:cf:e3:9c: 1a:2d:2d:b1:2f:50:0a:31:a4:26:76:c0:0a:6e:e7:e9:fb:d4: 78:2b:0d:d5:ff:e7:de:7a:a0:47:57:59:14:4f:92:3e:06:2a: 5d:08:7a:da:5b:16:93:47:03:97:ac:e9:ba:38:b4:4b:0c:1b: 88:1c:9f:c0:8d:32:2b:96:a5:45:4d:6d:88:db:fb:61:d6:2b: 5d:e5:c4:d1:cf:52:de:ba:90:5b:8c:f9:60:1c:59:16:3e:ba: 9d:91:a5:ca:6b:a8:ac:89:9d:a0:3d:99:e9:69:fa:5e:2d:28: 06:f9:b5:57:a6:19:42:65:2f:dd:ec:f9:14:25:0d:5d:2c:cd: ac:63:05:c1:1a:4a:3a:f6:bf:01:d2:08:0e:f8:a5:6f:ef:66: 58:b3:b8:d1:ef:ed:90:39:a5:ad:6c:83:53:1c:65:1a:b4:50: 7b:ad:1e:17:ab:96:b3:c8:06:3d:88:a4:cf:90:9c:e7:49:a9: 0e:c2:ee:9c:39:e0:af:d0:d2:2c:dd:79:a7:49:59:f0:25:37: f8:39:08:03 -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgITICUIZwwk2Hrx4q1UZs3gYzxSnjANBgkqhkiG9w0BAQsF ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0 OTk3MGJjMB4XDTI1MTEyOTAzMDAyMloXDTI2MDIyNzIzNTk1OVowejFJMEcGA1UE BRNAYTAwNDYzMTE1Y2Y4YjBkZDgxZTVhMTA2NGIzNTdjYTYwMjk2MTlkYzY4Y2Fk MmRhNDM1ZTBhOWE0NzI0MDdiYjEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3 LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzuXK27ZUcmQtBY85qaFFVRi4A4Bw9qREpmp5bX91UnQLiONh1KYhV95xWQLE R4sjxhYfdSzdrcY04WVHGIeuUA6Y3UODiLdUjEMYqxmGfC6ed8nZnn5HV2LqEV+w O8gzdQS6875Pi8Aj8hNS2mSuSZOzbqP8kOvP+nRFWKyCxedP6l2j7xjFIKQncAST +AaMeVzxIT1ovxmkuC+TBqMVngv8x/RjRi+lt1EtonKgrmmJ//3yXE/OAiwU4T4y sfV5XnEvzhSCDtovafNfrnxXCFKbHP0hytfQ8YOmtnI46lM7HI40qk14bLHGoxrb ZWHZPdH1fEZq18cLDGtrx+qX5wIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFBnHfvE1 JbZOzUwMajAZWkXVgthXMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8 MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC9i ODliM2M1ZC1lMTIxLTQ3NjktOWYzZS0wZDRjNGYwNzgwZGIucm9hMIGIBgNVHR8E gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXQWWAw DQYJKoZIhvcNAQELBQADggEBAMAkdF6ITdQ9pfCwlcZ/O+jeJmYF6MWsOKzpP5jj hgt5ijYmjdn650s2vtzwB1JQrvkqaM/jnBotLbEvUAoxpCZ2wApu5+n71HgrDdX/ 5956oEdXWRRPkj4GKl0IetpbFpNHA5es6bo4tEsMG4gcn8CNMiuWpUVNbYjb+2HW K13lxNHPUt66kFuM+WAcWRY+up2RpcprqKyJnaA9melp+l4tKAb5tVemGUJlL93s +RQlDV0szaxjBcEaSjr2vwHSCA74pW/vZlizuNHv7ZA5pa1sg1McZRq0UHutHher lrPIBj2IpM+QnOdJqQ7C7pw54K/Q0izdeadJWfAlN/g5CAM= -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:46 2025 by rpki-client