This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8f63940-d674-4d8d-868b-853d00b0d422.roa File: b8f63940-d674-4d8d-868b-853d00b0d422.roa (raw, json) Hash identifier: vq7mpuPpMQSdbuflAZrrEE5XbVNV+xRoyfNanKwlwgg= Subject key identifier: 95:4A:97:C9:FF:B6:03:DC:35:DC:10:A9:D9:C2:37:0B:6D:D1:DF:81 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2CE92E48798D6A9E618D46E9A72FDAE35F47D332 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8f63940-d674-4d8d-868b-853d00b0d422.roa Signing time: Sun 23 Nov 2025 01:30:31 +0000 ROA not before: Sun 23 Nov 2025 01:30:31 +0000 ROA not after: Sat 21 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06a:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:e9:2e:48:79:8d:6a:9e:61:8d:46:e9:a7:2f:da:e3:5f:47:d3:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 23 01:30:31 2025 GMT Not After : Feb 21 23:59:59 2026 GMT Subject: serialNumber=6b80af06237444dcf1e09b50c290fa3cf78121189f54d76430269d79fe4003e7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:d9:3d:5d:b9:59:08:67:e2:bb:41:ee:08:96: 4f:d1:ad:0d:f3:a6:14:71:ff:7a:29:67:39:30:c6: 2e:a3:2e:27:fb:fd:64:ab:48:25:1a:cd:4a:1c:cf: b7:55:1a:9d:86:63:f1:bd:22:17:4d:f7:e1:01:ac: e7:83:46:92:58:ee:12:ab:39:3e:8e:e4:c4:34:19: cc:2d:59:c8:44:ac:dc:48:3f:ea:09:a5:67:20:4f: 67:57:58:b2:d3:6b:82:b8:08:98:36:35:25:56:34: d2:73:70:b8:40:7b:db:c9:b4:7a:8d:20:40:44:f1: c5:51:40:8c:82:fb:b0:f8:2f:3f:94:d7:d8:c2:3c: 9c:16:47:7b:28:34:44:39:05:f9:8c:18:88:26:a8: 3c:ad:35:ae:c0:c4:98:5a:02:5e:a9:63:b9:87:ac: 84:b0:7a:ce:bc:d8:70:96:f6:37:0e:c8:6c:6d:ab: 65:d8:a0:1e:a0:a5:f7:31:fa:48:45:57:9c:57:ff: dd:1b:8e:ce:fc:a6:de:83:96:a6:64:60:2d:a1:3a: c5:43:2d:64:64:84:71:b7:3e:20:2a:2c:60:dc:16: 71:14:4e:fe:1c:3e:d4:7c:8f:f7:3f:5c:b4:01:81: ba:3c:af:a1:91:e8:7a:a1:ab:77:df:2d:ea:25:4a: bb:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:4A:97:C9:FF:B6:03:DC:35:DC:10:A9:D9:C2:37:0B:6D:D1:DF:81 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8f63940-d674-4d8d-868b-853d00b0d422.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06a:a000::/40 Signature Algorithm: sha256WithRSAEncryption 7c:99:e3:01:e7:9f:aa:60:cc:1b:8c:db:e0:ab:d1:46:34:5a: 9e:c1:88:2a:7c:3b:b2:af:71:90:3f:35:be:2b:1e:26:ca:3e: 1f:ea:ed:36:c1:83:07:d8:0e:b7:5b:7f:c9:50:85:3f:9f:a9: e9:ba:a8:26:ba:a3:9b:44:5f:f8:70:7e:2d:53:78:fb:ff:bf: 6a:46:5f:15:58:67:d7:66:5a:85:3b:28:38:e3:1a:fa:e0:be: 4a:b8:4d:dd:21:66:be:cd:5d:b1:35:01:5c:42:42:11:11:27: 15:b7:f8:a4:f3:b9:42:3e:ac:4e:09:d3:3c:2e:e0:90:7a:0d: 9d:d9:83:9b:04:c6:63:e1:1e:84:c0:5f:15:1c:46:84:b1:d9: e1:50:6b:aa:39:e0:02:a3:24:cb:25:e4:ab:2d:f4:aa:f6:c5: 29:e2:32:df:33:bd:43:f1:e5:c8:c9:8c:78:e4:9b:d9:6b:05: 5a:03:7d:c8:09:fc:65:4b:9c:d6:6a:05:d7:df:09:72:6d:24: 32:1a:9a:6b:2c:32:9d:c0:47:f5:bf:5f:8b:af:ed:74:c8:1d: 69:d7:a5:cb:cd:d4:2d:11:a4:b9:eb:5c:e5:5b:3d:88:5d:7c: 4b:cb:23:74:c2:27:c4:fe:f1:54:90:23:ef:56:97:0c:b6:52: c9:f3:fd:a1 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIULOkuSHmNap5hjUbppy/a419H0zIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjMwMTMwMzFaFw0yNjAyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQDZiODBhZjA2MjM3NDQ0ZGNmMWUwOWI1MGMyOTBmYTNjZjc4MTIxMTg5ZjU0 ZDc2NDMwMjY5ZDc5ZmU0MDAzZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIzZPV25WQhn4rtB7giWT9GtDfOmFHH/eilnOTDGLqMuJ/v9ZKtIJRrNShzP t1UanYZj8b0iF0334QGs54NGkljuEqs5Po7kxDQZzC1ZyESs3Eg/6gmlZyBPZ1dY stNrgrgImDY1JVY00nNwuEB728m0eo0gQETxxVFAjIL7sPgvP5TX2MI8nBZHeyg0 RDkF+YwYiCaoPK01rsDEmFoCXqljuYeshLB6zrzYcJb2Nw7IbG2rZdigHqCl9zH6 SEVXnFf/3RuOzvym3oOWpmRgLaE6xUMtZGSEcbc+ICosYNwWcRRO/hw+1HyP9z9c tAGBujyvoZHoeqGrd98t6iVKu6kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSVSpfJ /7YD3DXcEKnZwjcLbdHfgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjhmNjM5NDAtZDY3NC00ZDhkLTg2OGItODUzZDAwYjBkNDIyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Gqg MA0GCSqGSIb3DQEBCwUAA4IBAQB8meMB55+qYMwbjNvgq9FGNFqewYgqfDuyr3GQ PzW+Kx4myj4f6u02wYMH2A63W3/JUIU/n6npuqgmuqObRF/4cH4tU3j7/79qRl8V WGfXZlqFOyg44xr64L5KuE3dIWa+zV2xNQFcQkIREScVt/ik87lCPqxOCdM8LuCQ eg2d2YObBMZj4R6EwF8VHEaEsdnhUGuqOeACoyTLJeSrLfSq9sUp4jLfM71D8eXI yYx45JvZawVaA33ICfxlS5zWagXX3wlybSQyGpprLDKdwEf1v1+Lr+10yB1p16XL zdQtEaS561zlWz2IXXxLyyN0wifE/vFUkCPvVpcMtlLJ8/2h -----END CERTIFICATE-----Generated at Sat Dec 6 21:46:58 2025 by rpki-client