This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be43dd39-558d-4a44-9ced-00461f1d4c42.roa File: be43dd39-558d-4a44-9ced-00461f1d4c42.roa (raw, json) Hash identifier: VoVGpLsED2PJ3XF6TXdUCK4QDJdShVdb+myZx3QbNzc= Subject key identifier: A9:46:3C:75:41:54:5D:1C:BF:39:F3:57:86:51:CD:E4:DF:63:66:7E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 23C0D8FB998850B9E0127336E5725E71B094C3A2 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be43dd39-558d-4a44-9ced-00461f1d4c42.roa Signing time: Sun 23 Nov 2025 01:30:52 +0000 ROA not before: Sun 23 Nov 2025 01:30:52 +0000 ROA not after: Sat 21 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06a:2000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:c0:d8:fb:99:88:50:b9:e0:12:73:36:e5:72:5e:71:b0:94:c3:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 23 01:30:52 2025 GMT Not After : Feb 21 23:59:59 2026 GMT Subject: serialNumber=b03629bdb61836ad5714fdba973395562c641442588f408601e05e5957c431a5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:68:95:bd:86:c8:51:a3:6e:47:7a:9a:87:3f: a4:90:c9:3b:08:aa:1f:1f:0c:a5:44:6e:3d:64:2e: 62:39:4f:f6:da:db:91:0f:2f:83:2f:bd:ea:bc:41: c3:21:30:29:06:e5:62:e4:69:7c:e4:34:26:b6:92: ba:0e:ef:48:f6:24:85:6d:b3:d0:20:d0:3d:91:25: 9f:c2:a4:81:b7:02:1c:0b:92:e2:4d:da:89:01:97: 25:39:02:b4:0c:47:4b:33:c1:6a:10:04:bb:e5:3d: e9:76:a8:0c:b3:6d:fd:f5:c9:4d:2f:66:b3:09:6a: 1d:e4:51:2a:ef:de:ca:a3:d4:be:c2:12:57:22:71: 89:05:fd:13:62:8c:a2:a1:83:b6:0e:75:c9:8f:82: f7:d0:e2:92:df:fc:8e:43:d3:94:86:9d:d4:e7:11: a5:e1:24:5c:96:a8:7f:9a:27:ad:f9:9c:0a:8c:73: d5:b1:c4:b3:9c:53:93:f6:46:47:b4:43:e8:ac:cb: 53:16:22:03:d4:4e:9b:80:ba:bc:1c:3b:1f:99:5d: 04:a9:be:eb:3e:73:b1:23:1c:ec:54:df:39:bd:c7: c9:6e:14:46:86:d2:73:b1:72:3e:97:49:4e:65:04: 05:a7:79:1a:a3:0d:af:47:7b:2d:ed:35:9a:f6:c3: 7f:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:46:3C:75:41:54:5D:1C:BF:39:F3:57:86:51:CD:E4:DF:63:66:7E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be43dd39-558d-4a44-9ced-00461f1d4c42.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06a:2000::/40 Signature Algorithm: sha256WithRSAEncryption c2:5b:95:c5:c9:13:d0:95:d5:64:3a:bd:8c:ee:19:92:75:f1: 41:9f:10:89:d1:0e:68:fc:4d:d2:ff:a9:19:d9:20:18:b7:57: 84:fd:40:7c:df:02:87:76:cd:61:52:f8:0f:06:f8:f8:70:b6: 3a:67:4c:7b:d1:bb:e5:fd:f9:8c:92:bf:0b:5a:ef:88:2c:3f: 93:6a:11:2b:9d:05:a2:df:b7:d6:65:b8:da:2d:11:4b:87:41: 8d:c1:94:05:84:18:99:0d:3c:8a:b1:af:54:10:b7:d4:45:76: 8a:34:06:20:91:e6:96:5d:c3:20:ca:66:fd:77:d0:aa:eb:f0: 2f:75:8a:2b:91:83:b4:cd:74:4d:6e:19:a4:94:c7:c2:14:c1: 50:ea:67:87:5a:57:c9:7f:a5:f3:02:e2:ac:4e:5e:36:47:f4: 4d:11:f9:57:e7:b1:d2:01:0f:4a:00:1a:dd:bc:14:2f:53:12: 98:73:ab:d6:b6:2d:7a:96:bb:72:8b:aa:ba:79:41:6a:29:61: 04:30:e4:90:41:6b:55:3a:23:4a:0b:7f:69:04:5e:2b:9e:b0: ab:ca:90:57:03:64:85:ee:b2:35:b6:0e:90:51:86:7e:43:d0: 86:ac:f0:fc:e2:01:a8:07:5c:37:a1:19:c3:0d:60:94:da:dc: 4f:28:eb:0c -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUI8DY+5mIULngEnM25XJecbCUw6IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjMwMTMwNTJaFw0yNjAyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQGIwMzYyOWJkYjYxODM2YWQ1NzE0ZmRiYTk3MzM5NTU2MmM2NDE0NDI1ODhm NDA4NjAxZTA1ZTU5NTdjNDMxYTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJxolb2GyFGjbkd6moc/pJDJOwiqHx8MpURuPWQuYjlP9trbkQ8vgy+96rxB wyEwKQblYuRpfOQ0JraSug7vSPYkhW2z0CDQPZEln8KkgbcCHAuS4k3aiQGXJTkC tAxHSzPBahAEu+U96XaoDLNt/fXJTS9mswlqHeRRKu/eyqPUvsISVyJxiQX9E2KM oqGDtg51yY+C99Dikt/8jkPTlIad1OcRpeEkXJaof5onrfmcCoxz1bHEs5xTk/ZG R7RD6KzLUxYiA9ROm4C6vBw7H5ldBKm+6z5zsSMc7FTfOb3HyW4URobSc7FyPpdJ TmUEBad5GqMNr0d7Le01mvbDfzECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSpRjx1 QVRdHL8581eGUc3k32NmfjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmU0M2RkMzktNTU4ZC00YTQ0LTljZWQtMDA0NjFmMWQ0YzQyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Gog MA0GCSqGSIb3DQEBCwUAA4IBAQDCW5XFyRPQldVkOr2M7hmSdfFBnxCJ0Q5o/E3S /6kZ2SAYt1eE/UB83wKHds1hUvgPBvj4cLY6Z0x70bvl/fmMkr8LWu+ILD+TahEr nQWi37fWZbjaLRFLh0GNwZQFhBiZDTyKsa9UELfURXaKNAYgkeaWXcMgymb9d9Cq 6/AvdYorkYO0zXRNbhmklMfCFMFQ6meHWlfJf6XzAuKsTl42R/RNEflX57HSAQ9K ABrdvBQvUxKYc6vWti16lrtyi6q6eUFqKWEEMOSQQWtVOiNKC39pBF4rnrCrypBX A2SF7rI1tg6QUYZ+Q9CGrPD84gGoB1w3oRnDDWCU2txPKOsM -----END CERTIFICATE-----Generated at Sat Dec 6 20:50:50 2025 by rpki-client