This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc5d1e04-86cf-43aa-989a-a5801b5a73db.roa File: bc5d1e04-86cf-43aa-989a-a5801b5a73db.roa (raw, json) Hash identifier: V/6Qpy/KWayQUErxQXc2LerpFpkXqMu6neAVyZLP1w4= Subject key identifier: 7D:46:6B:7C:CB:44:9D:65:A4:53:7A:74:FA:93:13:B1:F6:72:61:F9 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 6500DE873216A6F0D09046BEBAC43ED351E4F51E Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc5d1e04-86cf-43aa-989a-a5801b5a73db.roa Signing time: Sun 23 Nov 2025 01:30:17 +0000 ROA not before: Sun 23 Nov 2025 01:30:17 +0000 ROA not after: Sat 21 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06a:1040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:00:de:87:32:16:a6:f0:d0:90:46:be:ba:c4:3e:d3:51:e4:f5:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 23 01:30:17 2025 GMT Not After : Feb 21 23:59:59 2026 GMT Subject: serialNumber=9c2ee7cc34430fb8225c3982e76dc5d38710a48f76562d8370d5132c3f3600a5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:c3:31:eb:00:cf:ad:de:a6:e1:6b:cb:8f:1b: e1:dd:30:29:78:1c:91:26:84:7a:67:94:b1:36:35: 22:f2:10:a0:f7:04:0c:b8:b0:a4:0d:6a:dc:48:4e: be:08:a2:a6:e8:5b:d4:35:19:55:1c:f6:e4:5d:93: 8f:7f:23:0b:81:56:24:0e:1b:47:44:c1:ce:8d:f1: 42:4a:e0:5b:37:1b:f0:10:0a:40:38:da:3d:7b:05: 03:4e:e5:d6:13:64:91:2d:bd:10:f4:c3:e3:c3:90: 1f:e7:3f:55:7c:ec:38:ed:3d:5c:30:40:d1:3a:c8: 46:34:3f:fe:c5:75:12:7a:83:4e:6f:bf:cf:c6:81: d6:20:2b:8b:63:ea:e6:14:33:3c:e4:54:9e:22:fd: e7:1c:e3:56:8d:43:6a:cb:11:dc:14:07:81:ab:7f: 68:74:da:bd:ed:49:fd:90:c2:ce:8b:cc:b4:d2:56: 5b:bd:f0:38:a1:af:26:b3:2c:5b:68:f8:97:ac:87: 40:68:a9:65:e1:bd:63:a7:cd:e5:a9:12:b2:ba:f2: b3:cd:66:d8:09:5d:c0:58:55:48:bf:57:c3:a4:09: af:b3:ab:3c:a4:32:28:77:c0:8b:01:ee:25:a3:1e: 72:22:92:05:5c:9f:e9:5f:3b:ec:5d:e2:88:4d:66: 16:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:46:6B:7C:CB:44:9D:65:A4:53:7A:74:FA:93:13:B1:F6:72:61:F9 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc5d1e04-86cf-43aa-989a-a5801b5a73db.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06a:1040::/48 Signature Algorithm: sha256WithRSAEncryption 5c:48:da:79:ac:63:92:2f:b2:d8:3f:0d:a7:38:a3:2c:2a:a4: b6:e4:f1:00:d9:4b:94:5e:4a:80:72:65:e0:14:87:b9:f4:27: f3:b5:a2:cd:68:4d:01:df:2e:46:82:00:da:17:1c:25:a1:84: 88:4b:ff:c0:34:65:26:4f:19:49:63:36:21:7d:f1:82:fa:ac: 30:8a:db:03:0b:ca:86:bb:bb:06:ce:0c:a2:27:a3:59:9e:d3: df:d8:9a:08:6c:21:13:70:4b:6a:8c:bc:8c:3b:6e:51:c4:97: 32:a8:ee:f7:31:22:c2:21:e9:b0:17:71:6a:35:63:3e:31:08: 1b:86:b2:c9:9c:48:fa:7e:c7:4e:ed:75:ac:61:52:80:b8:26: 75:0b:0d:35:b0:40:57:89:27:c8:cb:46:78:ea:b9:0c:29:54: bc:04:d1:7c:96:d7:02:36:93:e6:e5:b5:32:44:f0:bb:df:c5: 8e:66:ba:db:ed:c5:84:80:be:53:1c:4c:54:8d:43:67:6e:01: b5:92:02:e7:71:7e:50:4f:2e:16:ea:39:03:75:0f:c4:f6:5c: 97:94:e3:23:37:0b:74:bd:c1:53:d4:b7:d6:70:21:f2:eb:b8: 54:95:96:a6:f9:17:21:f4:f9:98:04:3f:fe:f3:46:69:a4:b4: 80:b5:40:4f -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUZQDehzIWpvDQkEa+usQ+01Hk9R4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjMwMTMwMTdaFw0yNjAyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQDljMmVlN2NjMzQ0MzBmYjgyMjVjMzk4MmU3NmRjNWQzODcxMGE0OGY3NjU2 MmQ4MzcwZDUxMzJjM2YzNjAwYTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJjDMesAz63epuFry48b4d0wKXgckSaEemeUsTY1IvIQoPcEDLiwpA1q3EhO vgiipuhb1DUZVRz25F2Tj38jC4FWJA4bR0TBzo3xQkrgWzcb8BAKQDjaPXsFA07l 1hNkkS29EPTD48OQH+c/VXzsOO09XDBA0TrIRjQ//sV1EnqDTm+/z8aB1iAri2Pq 5hQzPORUniL95xzjVo1DassR3BQHgat/aHTave1J/ZDCzovMtNJWW73wOKGvJrMs W2j4l6yHQGipZeG9Y6fN5akSsrrys81m2AldwFhVSL9Xw6QJr7OrPKQyKHfAiwHu JaMeciKSBVyf6V877F3iiE1mFi0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR9Rmt8 y0SdZaRTenT6kxOx9nJh+TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmM1ZDFlMDQtODZjZi00M2FhLTk4OWEtYTU4MDFiNWE3M2RiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GoQ QDANBgkqhkiG9w0BAQsFAAOCAQEAXEjaeaxjki+y2D8NpzijLCqktuTxANlLlF5K gHJl4BSHufQn87WizWhNAd8uRoIA2hccJaGEiEv/wDRlJk8ZSWM2IX3xgvqsMIrb AwvKhru7Bs4MoiejWZ7T39iaCGwhE3BLaoy8jDtuUcSXMqju9zEiwiHpsBdxajVj PjEIG4ayyZxI+n7HTu11rGFSgLgmdQsNNbBAV4knyMtGeOq5DClUvATRfJbXAjaT 5uW1MkTwu9/Fjma62+3FhIC+UxxMVI1DZ24BtZIC53F+UE8uFuo5A3UPxPZcl5Tj IzcLdL3BU9S31nAh8uu4VJWWpvkXIfT5mAQ//vNGaaS0gLVATw== -----END CERTIFICATE-----Generated at Sat Dec 6 21:47:00 2025 by rpki-client