This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba2d5a01-fa17-4fb3-97e7-c21c6e89f9fb.roa File: ba2d5a01-fa17-4fb3-97e7-c21c6e89f9fb.roa (raw, json) Hash identifier: CMAVcdiv5GxwZemP5jtKbp4+MFlrbrzDC6mlxLxeXzM= Subject key identifier: 10:B7:A0:2B:A3:A4:1C:99:EC:1D:2D:C6:93:11:E4:55:57:1C:12:E0 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 755A74AA712A3CE7156EFB9D333EE8607F226E82 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba2d5a01-fa17-4fb3-97e7-c21c6e89f9fb.roa Signing time: Sat 15 Nov 2025 05:40:45 +0000 ROA not before: Sat 15 Nov 2025 05:40:45 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d06f:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:5a:74:aa:71:2a:3c:e7:15:6e:fb:9d:33:3e:e8:60:7f:22:6e:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:40:45 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=2f163b674b85d33a97c0b246ec07d79bc6e9dcd083c3e7f679808b71cdbe5bbf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:16:3b:a7:c5:b4:03:78:c8:ba:fa:c1:6f:b6: 09:8a:01:ed:25:a8:e4:d0:76:31:47:65:9d:c1:29: 03:5b:1a:75:7e:81:ad:2b:26:2b:af:5f:09:69:4c: cf:91:c8:dc:7f:e1:3a:23:aa:22:12:0d:41:05:94: c8:ff:e1:c1:57:27:b7:d4:d5:75:15:7f:28:e7:7f: bd:f2:62:9c:d0:03:91:3b:0a:bb:10:77:16:97:cd: c7:ee:6f:90:e2:b3:ca:ef:19:c1:ed:54:6e:42:0b: 67:69:e7:24:dd:88:32:70:62:52:5c:b4:51:85:16: ba:22:04:7b:b6:a5:f8:9b:53:e8:a8:77:76:26:73: f8:e1:2c:3b:f1:d2:8d:5e:83:e2:05:73:72:e9:d1: 08:9b:b5:83:5b:29:e7:da:75:c5:8f:9d:d7:a4:27: b8:05:4d:d9:9e:b2:c4:c8:79:3c:87:7d:e2:9f:fc: 0d:7d:90:63:eb:74:e8:e5:c1:28:00:24:98:6c:6d: 24:ae:d9:d0:23:09:03:47:d7:cd:bf:f7:ca:3d:80: 6a:57:65:0c:45:15:8f:9e:31:72:94:d9:a6:48:8c: e8:15:69:8e:72:e0:5e:a3:f0:84:5e:37:1f:e4:84: 88:56:10:c5:84:6d:12:4f:ec:15:22:d6:d8:6f:59: f5:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:B7:A0:2B:A3:A4:1C:99:EC:1D:2D:C6:93:11:E4:55:57:1C:12:E0 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba2d5a01-fa17-4fb3-97e7-c21c6e89f9fb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:1000::/40 Signature Algorithm: sha256WithRSAEncryption 0c:ba:a9:48:70:d1:a4:fc:0e:7e:1f:92:84:ca:42:3e:4f:5d: 7f:78:7e:de:f7:6f:37:90:c0:00:5d:8a:66:8a:c4:22:f9:5f: 93:ae:d5:fd:7d:23:53:e8:71:c4:0a:19:8f:97:25:6f:33:f7: f6:0e:6c:a8:85:05:38:91:2f:22:39:1b:82:60:f3:6b:88:64: f5:80:af:64:e6:4a:39:16:9c:05:f7:0f:18:d2:57:27:81:06: 59:82:58:1a:9b:3b:9a:87:5c:a8:49:4c:fb:38:c8:80:3f:e2: 59:50:36:6b:48:17:5f:8c:33:2d:39:9a:dd:0f:93:ae:87:81: e4:15:e9:f6:a5:cd:6a:61:aa:2d:e2:0a:73:29:88:42:92:fc: 10:7f:8d:22:d1:37:00:a6:c2:7a:7d:23:1b:2a:50:01:f5:86: 17:fd:a0:72:60:00:9c:46:4e:08:3e:40:f0:76:4b:c5:8a:af: 3d:2e:cf:42:f5:4e:ec:d3:21:a2:2c:eb:60:da:ed:b4:fe:f3: 04:85:cb:b8:cc:c5:05:cc:64:3b:55:0a:76:61:78:40:9f:f8: e0:4b:c4:38:5a:cb:b4:c0:06:7e:6e:4f:95:bb:9f:83:dd:03: 8d:d4:72:fe:54:2e:4b:70:b7:5f:ff:93:79:73:e2:d9:2b:a1: a3:d7:0a:f8 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUdVp0qnEqPOcVbvudMz7oYH8iboIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTQwNDVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDJmMTYzYjY3NGI4NWQzM2E5N2MwYjI0NmVjMDdkNzliYzZlOWRjZDA4M2Mz ZTdmNjc5ODA4YjcxY2RiZTViYmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANMWO6fFtAN4yLr6wW+2CYoB7SWo5NB2MUdlncEpA1sadX6BrSsmK69fCWlM z5HI3H/hOiOqIhINQQWUyP/hwVcnt9TVdRV/KOd/vfJinNADkTsKuxB3FpfNx+5v kOKzyu8Zwe1UbkILZ2nnJN2IMnBiUly0UYUWuiIEe7al+JtT6Kh3diZz+OEsO/HS jV6D4gVzcunRCJu1g1sp59p1xY+d16QnuAVN2Z6yxMh5PId94p/8DX2QY+t06OXB KAAkmGxtJK7Z0CMJA0fXzb/3yj2AaldlDEUVj54xcpTZpkiM6BVpjnLgXqPwhF43 H+SEiFYQxYRtEk/sFSLW2G9Z9fMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQQt6Ar o6QcmewdLcaTEeRVVxwS4DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmEyZDVhMDEtZmExNy00ZmIzLTk3ZTctYzIxYzZlODlmOWZiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8Q MA0GCSqGSIb3DQEBCwUAA4IBAQAMuqlIcNGk/A5+H5KEykI+T11/eH7e9283kMAA XYpmisQi+V+TrtX9fSNT6HHEChmPlyVvM/f2DmyohQU4kS8iORuCYPNriGT1gK9k 5ko5FpwF9w8Y0lcngQZZglgamzuah1yoSUz7OMiAP+JZUDZrSBdfjDMtOZrdD5Ou h4HkFen2pc1qYaot4gpzKYhCkvwQf40i0TcApsJ6fSMbKlAB9YYX/aByYACcRk4I PkDwdkvFiq89Ls9C9U7s0yGiLOtg2u20/vMEhcu4zMUFzGQ7VQp2YXhAn/jgS8Q4 Wsu0wAZ+bk+Vu5+D3QON1HL+VC5LcLdf/5N5c+LZK6Gj1wr4 -----END CERTIFICATE-----Generated at Sat Dec 6 22:33:32 2025 by rpki-client