This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa File: bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa (raw, json) Hash identifier: MUlrZsVG2aUDXLbqKeVoGs61BA3KTJoyTc0TKR4REsQ= Subject key identifier: DB:B0:78:26:7B:39:F2:84:8E:1B:D1:71:75:BB:FF:A4:3A:38:55:84 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0C7FC6F24D78F8FE996863C867D22DB5DE56809E Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa Signing time: Sat 15 Nov 2025 06:21:12 +0000 ROA not before: Sat 15 Nov 2025 06:21:12 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d071:5000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:7f:c6:f2:4d:78:f8:fe:99:68:63:c8:67:d2:2d:b5:de:56:80:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:21:12 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=094a61209e07c6ce8a1a0ca1f09a0721bead390f9be423566866921ac253fb0e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:e6:fa:a3:c0:ce:42:5e:4a:d2:5c:a6:5b:31: d7:0e:37:bf:34:b1:4c:f4:af:d5:78:3b:3a:8e:0d: a0:db:59:80:19:a3:de:57:fe:2f:89:1b:bc:e7:90: 22:f4:4e:0c:70:a0:30:b9:d0:cb:f8:2a:70:bf:9b: 60:19:59:88:11:3d:d2:67:70:36:2d:fc:9f:6b:95: 15:a4:09:39:c1:56:d0:ba:98:ba:67:f6:14:d7:29: 33:6f:fd:96:ee:cd:5b:14:d2:a0:36:89:19:a1:39: d9:d9:c7:f0:60:83:cd:42:33:ec:4c:d4:6f:65:23: 8d:5d:8e:33:35:29:80:a9:f1:9c:3b:ac:77:fa:01: 9f:02:45:3e:76:34:e9:ed:e0:38:12:df:07:a9:5c: 06:a8:9a:a8:d6:19:9d:08:49:d0:20:10:ba:48:4a: 34:a7:37:72:06:fe:49:ad:ca:c6:cc:c0:22:4e:17: ed:34:58:1d:ce:86:84:68:1a:2e:b7:93:50:2c:0d: 14:e1:59:c2:22:c2:35:16:74:03:92:79:e6:3f:bc: 3c:fd:59:b8:1d:05:20:85:99:87:dd:98:f9:ca:73: f0:5b:fe:14:9d:31:18:0e:64:46:05:35:e3:0f:77: f7:95:9c:a7:1f:e0:79:4d:56:c0:cb:30:db:04:ac: 55:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:B0:78:26:7B:39:F2:84:8E:1B:D1:71:75:BB:FF:A4:3A:38:55:84 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d071:5000::/40 Signature Algorithm: sha256WithRSAEncryption 37:99:ea:e4:d0:db:74:42:6b:ed:34:c9:88:4d:f5:ab:bb:4d: a4:33:eb:50:67:f3:77:af:44:81:77:38:37:7a:40:4c:fa:76: a0:08:c3:91:d0:87:3d:a1:25:4f:21:01:f3:74:47:b1:2b:e9: 38:d4:0c:24:f6:d3:91:27:62:3c:75:6b:a9:7b:4f:b0:48:87: 0f:7c:6b:aa:c9:1a:4f:58:b8:3a:e0:db:3b:58:af:b4:9c:f8: a4:29:b2:73:fe:c6:06:95:38:b5:c5:30:4a:3c:99:71:82:c0: 72:9c:af:f3:3c:80:b0:80:97:80:75:e2:8b:46:d7:51:8c:85: 8e:58:b3:27:52:94:68:6f:bc:5e:76:1a:1c:ee:73:d7:c2:21: 6f:ba:53:d1:7f:ad:ec:fd:79:63:02:fc:8e:95:b0:49:4a:66: ce:b1:32:53:66:e2:93:cd:f7:a1:ca:19:ed:2e:85:4b:0e:28: 5e:f4:5e:fa:05:61:e7:a2:02:27:d3:2b:77:ce:49:a2:61:23: fa:98:e2:a4:2a:d0:77:f1:fa:1e:6d:e7:1f:3c:81:c6:d6:3f: 58:c6:39:8a:ce:2f:23:a6:08:00:29:e6:31:9c:27:2f:3a:06: 20:a4:c8:bd:0d:b7:98:40:6a:c1:ca:ec:cf:8b:84:29:bc:74: 99:ad:2f:ec -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUDH/G8k14+P6ZaGPIZ9Ittd5WgJ4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIxMTJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDA5NGE2MTIwOWUwN2M2Y2U4YTFhMGNhMWYwOWEwNzIxYmVhZDM5MGY5YmU0 MjM1NjY4NjY5MjFhYzI1M2ZiMGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMDm+qPAzkJeStJcplsx1w43vzSxTPSv1Xg7Oo4NoNtZgBmj3lf+L4kbvOeQ IvRODHCgMLnQy/gqcL+bYBlZiBE90mdwNi38n2uVFaQJOcFW0LqYumf2FNcpM2/9 lu7NWxTSoDaJGaE52dnH8GCDzUIz7EzUb2UjjV2OMzUpgKnxnDusd/oBnwJFPnY0 6e3gOBLfB6lcBqiaqNYZnQhJ0CAQukhKNKc3cgb+Sa3KxszAIk4X7TRYHc6GhGga LreTUCwNFOFZwiLCNRZ0A5J55j+8PP1ZuB0FIIWZh92Y+cpz8Fv+FJ0xGA5kRgU1 4w9395Wcpx/geU1WwMsw2wSsVQkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTbsHgm eznyhI4b0XF1u/+kOjhVhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmM2OWY4ZjYtMDNjOC00NDY4LWE5OGEtZjIzZmU0MGVlYWVmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFQ MA0GCSqGSIb3DQEBCwUAA4IBAQA3merk0Nt0QmvtNMmITfWru02kM+tQZ/N3r0SB dzg3ekBM+nagCMOR0Ic9oSVPIQHzdEexK+k41Awk9tORJ2I8dWupe0+wSIcPfGuq yRpPWLg64Ns7WK+0nPikKbJz/sYGlTi1xTBKPJlxgsBynK/zPICwgJeAdeKLRtdR jIWOWLMnUpRob7xedhoc7nPXwiFvulPRf63s/XljAvyOlbBJSmbOsTJTZuKTzfeh yhntLoVLDihe9F76BWHnogIn0yt3zkmiYSP6mOKkKtB38foebecfPIHG1j9YxjmK zi8jpggAKeYxnCcvOgYgpMi9DbeYQGrByuzPi4QpvHSZrS/s -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:10 2025 by rpki-client