This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa File: bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa (raw, json) Hash identifier: EgquuUm8xUntOu+d3Kx7bF+atPXLyfHz1DdEROiHdjY= Subject key identifier: 3A:33:E5:1C:AA:41:AD:7B:41:F9:16:F4:43:F4:73:BB:90:DE:75:FC Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5438D27CE03AA482556676D251FF98D1ECCC4A55 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa Signing time: Tue 02 Dec 2025 01:51:25 +0000 ROA not before: Tue 02 Dec 2025 01:51:25 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d030:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:38:d2:7c:e0:3a:a4:82:55:66:76:d2:51:ff:98:d1:ec:cc:4a:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:51:25 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=35dd604e81832ea7b38f425e015e199ee9a22a2a443612e35d43aa75c37e8ebe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:a9:a6:6c:54:c1:9e:cd:6b:93:7c:79:6e:ba: 2e:fd:e5:80:df:d7:ff:9d:24:8f:e1:6f:62:85:4d: a4:f9:31:d0:25:41:ff:bb:84:43:29:88:54:1d:1d: a8:a2:a1:e4:71:4f:91:55:87:f0:48:8b:32:d2:e5: e4:cc:59:0a:94:c9:e1:0e:35:ba:9d:79:90:7a:a5: b6:a7:fc:de:bf:6b:6b:f0:8f:07:3c:87:75:b8:0a: 6a:5c:78:21:36:ac:89:df:13:48:17:e2:58:0d:88: 18:72:57:ce:87:42:e2:9d:0e:e5:f2:2b:39:b0:50: 05:1d:0a:0c:87:98:6b:b9:a3:2c:22:60:21:c9:05: e3:0c:ae:16:b0:65:95:43:53:ce:04:12:f4:99:ce: 82:f8:87:22:73:98:6e:70:c6:67:0e:89:01:e8:e5: a7:d7:4a:f3:04:50:c2:d0:ad:ce:8b:33:b0:1d:ff: 58:9b:6b:48:3c:1d:87:49:84:da:8d:db:7f:e6:d1: 16:e9:c4:0b:46:bb:36:d6:cc:02:73:1e:44:6f:cc: 8a:46:e3:50:c2:44:25:21:6e:c6:4a:f4:ba:ea:c7: d0:46:f2:76:47:64:02:1e:c3:9d:38:94:02:f8:54: 86:cc:71:9c:3b:79:74:26:9b:98:ba:dc:28:46:4a: e9:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:33:E5:1C:AA:41:AD:7B:41:F9:16:F4:43:F4:73:BB:90:DE:75:FC X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d030:b000::/40 Signature Algorithm: sha256WithRSAEncryption 0c:a4:10:43:43:14:a5:4a:62:36:6e:c4:6d:85:06:ae:1e:74: e2:01:2e:c4:d8:47:f4:09:56:a0:63:20:ce:14:40:20:fa:0a: 39:64:da:ea:6e:63:38:f8:d5:09:a2:d2:ba:63:59:50:bf:fc: f9:69:cc:c7:63:b4:54:ab:4b:52:3b:9d:e4:d0:5f:0f:7e:44: 42:2f:00:c9:d0:8e:5a:fb:6a:13:68:f6:33:89:8a:57:cc:f6: d4:c5:3d:48:d5:1b:97:4c:31:f1:12:b5:36:c7:6c:8a:19:42: 08:c8:82:cf:66:a1:87:14:48:c0:38:14:37:21:66:68:18:09: 56:fc:e2:0a:b5:a9:09:00:24:a8:18:f4:88:35:55:df:4e:99: 63:f1:14:95:b9:87:d5:c4:f7:ec:d5:a5:d8:ca:70:14:4e:77: 81:cb:35:19:6f:e6:c1:8d:2a:de:46:ff:10:a9:e1:48:b1:c4: 09:5f:75:2c:ed:5a:03:91:24:95:74:99:57:ad:1a:c8:36:b1: 39:d7:d2:11:1b:e3:6c:1d:f8:3b:52:a9:42:8f:a8:92:3f:48: bc:13:67:fe:be:17:67:48:ff:f5:e3:6b:68:4e:e4:00:0d:6e: 89:0e:b8:71:8e:88:ba:ba:81:d7:4e:2e:3c:ed:f1:1a:e3:e4: d8:ca:a6:80 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUVDjSfOA6pIJVZnbSUf+Y0ezMSlUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUxMjVaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDM1ZGQ2MDRlODE4MzJlYTdiMzhmNDI1ZTAxNWUxOTllZTlhMjJhMmE0NDM2 MTJlMzVkNDNhYTc1YzM3ZThlYmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMeppmxUwZ7Na5N8eW66Lv3lgN/X/50kj+FvYoVNpPkx0CVB/7uEQymIVB0d qKKh5HFPkVWH8EiLMtLl5MxZCpTJ4Q41up15kHqltqf83r9ra/CPBzyHdbgKalx4 ITasid8TSBfiWA2IGHJXzodC4p0O5fIrObBQBR0KDIeYa7mjLCJgIckF4wyuFrBl lUNTzgQS9JnOgviHInOYbnDGZw6JAejlp9dK8wRQwtCtzoszsB3/WJtrSDwdh0mE 2o3bf+bRFunEC0a7NtbMAnMeRG/MikbjUMJEJSFuxkr0uurH0EbydkdkAh7DnTiU AvhUhsxxnDt5dCabmLrcKEZK6ZsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ6M+Uc qkGte0H5FvRD9HO7kN51/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmRhYTZkZTYtMDBkMy00ZDE4LThhYTAtMGJmODI4ODhkMzZlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCw MA0GCSqGSIb3DQEBCwUAA4IBAQAMpBBDQxSlSmI2bsRthQauHnTiAS7E2Ef0CVag YyDOFEAg+go5ZNrqbmM4+NUJotK6Y1lQv/z5aczHY7RUq0tSO53k0F8PfkRCLwDJ 0I5a+2oTaPYziYpXzPbUxT1I1RuXTDHxErU2x2yKGUIIyILPZqGHFEjAOBQ3IWZo GAlW/OIKtakJACSoGPSINVXfTplj8RSVuYfVxPfs1aXYynAUTneByzUZb+bBjSre Rv8QqeFIscQJX3Us7VoDkSSVdJlXrRrINrE519IRG+NsHfg7UqlCj6iSP0i8E2f+ vhdnSP/142toTuQADW6JDrhxjoi6uoHXTi487fEa4+TYyqaA -----END CERTIFICATE-----Generated at Sat Dec 6 17:35:35 2025 by rpki-client