This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa File: b8a24699-2493-4e45-8227-bd2ec32f88ab.roa (raw, json) Hash identifier: YbJWEPRXc1Ke+pmdtwzPTfUzoPiE8hi2CQujpAZF03c= Subject key identifier: 86:63:68:D5:59:45:F6:F2:F5:F7:FB:9A:50:70:04:75:1F:28:03:DD Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 78B06AFDDE46327423852FDED8DA831FDE1B4661 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa Signing time: Sat 15 Nov 2025 06:30:16 +0000 ROA not before: Sat 15 Nov 2025 06:30:16 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:10c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:b0:6a:fd:de:46:32:74:23:85:2f:de:d8:da:83:1f:de:1b:46:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:30:16 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=6ed25a475d3d9520564b3097d85be8e48733ae87f5259d313958bf0b9971b7ca, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:c2:9f:31:db:31:f5:21:30:27:00:0d:2a:b7: 94:15:a7:9a:8b:6d:0a:1f:a2:83:63:f7:24:a0:bd: 96:7c:53:79:98:26:9d:2a:09:e4:40:9c:f1:15:02: 58:12:39:3a:44:65:b7:18:9d:4b:7f:c9:f7:87:51: b0:fd:aa:11:23:3a:ca:56:82:b5:83:6e:0f:21:99: 6c:af:84:db:7f:e0:f8:45:a6:9b:a7:91:13:dc:0d: 88:0a:74:bc:65:46:fa:6e:2c:fa:17:eb:73:61:3e: 2e:f4:0d:5a:38:68:44:13:33:04:f9:64:d0:48:11: 60:8f:38:b0:e4:8a:9f:b1:1d:98:ae:de:59:19:a8: ed:18:24:90:96:9f:5d:6b:27:fb:86:7b:05:15:d0: 2d:1e:fe:22:1f:bd:99:89:ad:6b:68:93:d7:5a:54: c6:79:af:26:01:f7:ba:c2:29:37:40:9c:d2:e2:87: cc:6e:c5:68:24:8e:04:b7:ce:31:45:23:80:da:46: 59:c8:3c:a0:e5:c9:79:ad:ca:c3:e4:16:95:3d:29: 4e:02:53:bb:88:1b:be:46:b9:0d:bf:79:0f:da:19: e9:13:05:6a:4d:3f:30:2b:90:ea:fa:25:83:a3:f9: 13:a8:71:e1:ca:03:b5:de:c8:25:72:96:0d:94:87: e0:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:63:68:D5:59:45:F6:F2:F5:F7:FB:9A:50:70:04:75:1F:28:03:DD X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:10c0::/48 Signature Algorithm: sha256WithRSAEncryption a7:cb:f9:09:cb:d6:7e:e1:4d:1b:44:78:fc:aa:42:44:52:04: 77:71:79:8c:b5:50:04:b5:d7:c1:cd:d4:0f:cf:ad:53:bb:7f: 89:b6:fa:43:a2:e6:3d:e8:cc:aa:83:26:81:46:be:de:de:88: c0:ba:5b:be:b8:6d:68:d7:21:11:b3:1e:e2:e5:19:d4:09:f9: 91:c8:e3:4b:07:84:dc:84:89:0f:16:f8:a4:3f:af:a1:ec:49: 5b:a4:09:55:25:4b:9e:0c:4b:0a:60:1e:62:bb:74:6f:f9:26: 8a:f2:96:3a:18:54:20:13:6b:a5:18:08:9c:ab:7f:34:73:d6: 29:a4:5c:e5:d9:c9:9a:5f:91:44:9e:88:7f:15:36:ea:85:40: 7d:a9:86:c8:b5:66:83:0a:3b:cf:35:3c:4d:1f:62:a9:1c:27: 35:f7:8d:71:27:4b:ca:ad:ba:01:4f:fc:13:b8:1e:aa:41:99: 22:9e:44:44:99:c2:6f:c2:f7:b3:dc:01:9a:36:ff:87:ec:30: b7:8a:e9:6b:f5:41:70:b0:10:c9:13:95:ab:d9:94:77:00:f8: 7b:d1:78:eb:0a:b7:14:dd:bd:6f:d8:82:0e:f6:44:a0:7d:eb: 5c:d4:99:ff:c7:21:a9:76:42:3b:5c:19:87:30:49:d6:3f:eb: 5e:46:88:26 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUeLBq/d5GMnQjhS/e2NqDH94bRmEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjMwMTZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDZlZDI1YTQ3NWQzZDk1MjA1NjRiMzA5N2Q4NWJlOGU0ODczM2FlODdmNTI1 OWQzMTM5NThiZjBiOTk3MWI3Y2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN/CnzHbMfUhMCcADSq3lBWnmottCh+ig2P3JKC9lnxTeZgmnSoJ5ECc8RUC WBI5OkRltxidS3/J94dRsP2qESM6ylaCtYNuDyGZbK+E23/g+EWmm6eRE9wNiAp0 vGVG+m4s+hfrc2E+LvQNWjhoRBMzBPlk0EgRYI84sOSKn7EdmK7eWRmo7RgkkJaf XWsn+4Z7BRXQLR7+Ih+9mYmta2iT11pUxnmvJgH3usIpN0Cc0uKHzG7FaCSOBLfO MUUjgNpGWcg8oOXJea3Kw+QWlT0pTgJTu4gbvka5Db95D9oZ6RMFak0/MCuQ6vol g6P5E6hx4coDtd7IJXKWDZSH4GMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSGY2jV WUX28vX3+5pQcAR1HygD3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjhhMjQ2OTktMjQ5My00ZTQ1LTgyMjctYmQyZWMzMmY4OGFiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q wDANBgkqhkiG9w0BAQsFAAOCAQEAp8v5CcvWfuFNG0R4/KpCRFIEd3F5jLVQBLXX wc3UD8+tU7t/ibb6Q6LmPejMqoMmgUa+3t6IwLpbvrhtaNchEbMe4uUZ1An5kcjj SweE3ISJDxb4pD+voexJW6QJVSVLngxLCmAeYrt0b/kmivKWOhhUIBNrpRgInKt/ NHPWKaRc5dnJml+RRJ6IfxU26oVAfamGyLVmgwo7zzU8TR9iqRwnNfeNcSdLyq26 AU/8E7geqkGZIp5ERJnCb8L3s9wBmjb/h+wwt4rpa/VBcLAQyROVq9mUdwD4e9F4 6wq3FN29b9iCDvZEoH3rXNSZ/8chqXZCO1wZhzBJ1j/rXkaIJg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:31 2025 by rpki-client