This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa File: bed4158d-91b8-4ba5-81d9-75a65b550b92.roa (raw, json) Hash identifier: GWwUjNhr6Sv2gfYe7EbfORb2t56LJr2T8hQaecV5qeg= Subject key identifier: 47:0E:55:78:DB:9D:7D:E5:DC:BF:5C:AA:D4:76:8A:34:3E:56:D3:5D Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5FBA09A82716553D4F871F794F0E564F2079F269 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa Signing time: Sat 15 Nov 2025 05:20:42 +0000 ROA not before: Sat 15 Nov 2025 05:20:42 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:60c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:ba:09:a8:27:16:55:3d:4f:87:1f:79:4f:0e:56:4f:20:79:f2:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:20:42 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=5c39acb97229031a1cb59b931ecbc9eca0258eb617c4e2cf199e7e15080cbb23, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:dc:d2:f9:10:b3:70:3e:ee:3b:41:d7:f9:71: c2:f9:9e:45:b7:f4:61:ff:d0:52:d1:65:ff:62:30: 7e:d5:68:8f:d1:c8:2c:ef:12:76:1a:93:de:3c:f3: f5:ac:e0:a6:ca:a9:77:f7:74:a2:a3:b5:f2:dd:06: a0:50:51:3e:e1:16:39:c4:1b:51:a4:f9:2e:33:8c: da:56:59:1e:94:28:41:75:23:3c:40:72:b0:f7:71: ac:a8:5e:17:e0:18:42:38:5a:3e:e7:1f:e8:52:f0: e8:c0:98:08:51:f4:7c:54:0c:37:ae:55:86:ef:73: f7:9d:de:bc:f3:98:43:d8:13:97:be:b3:15:6a:b8: 97:36:c1:d3:d2:6b:93:4e:d0:6d:40:38:c0:4b:d8: be:d5:5c:d6:c6:f4:f0:53:e3:18:17:9d:1e:ac:b3: 37:96:1e:f1:2d:3b:6d:b8:90:2b:f2:22:77:58:d8: e0:5e:df:76:38:e0:d5:44:3e:26:b2:2d:ca:7c:28: cd:a9:b9:58:c2:fb:7d:54:74:44:74:ad:d6:a1:65: 3d:15:b5:e5:53:ee:4e:6f:4a:26:ef:7a:39:05:98: ad:32:eb:26:f8:07:35:3a:32:da:64:a0:4b:37:60: 76:f1:2a:6e:cc:60:c5:8c:70:65:09:de:e4:09:d1: 50:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:0E:55:78:DB:9D:7D:E5:DC:BF:5C:AA:D4:76:8A:34:3E:56:D3:5D X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bed4158d-91b8-4ba5-81d9-75a65b550b92.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:60c0::/48 Signature Algorithm: sha256WithRSAEncryption 84:70:ae:0a:50:63:3b:af:18:22:84:21:3d:ce:73:65:a2:06: 57:e4:dd:b6:47:79:a1:b3:4a:38:7e:79:76:c4:b4:b8:d0:97: 76:45:a2:07:b9:32:d7:89:f8:bf:ef:41:02:5b:3f:12:46:31: 18:f0:9b:c4:15:46:d9:33:a3:e0:4c:15:26:db:93:3b:9e:56: 32:e6:7d:04:9a:77:12:5f:4d:58:08:56:1c:c1:1f:f5:ba:1b: 0a:bc:59:7d:95:ac:0c:fe:e5:e4:52:be:e5:5c:c7:36:8e:62: a5:56:46:a7:48:c3:27:c7:61:1e:79:34:2b:11:5b:95:44:a9: bd:4a:02:c7:db:a3:cd:c5:94:fc:c6:40:76:26:1f:4b:8a:70: ab:e2:2d:37:d6:27:ef:b5:db:7f:36:df:38:c1:8e:ea:2f:89: 6f:6d:db:6c:4f:13:d8:33:54:f4:e4:bc:6c:c8:d9:88:83:16: ca:a2:6d:45:f8:66:c0:13:e2:2b:54:bf:09:f9:fe:8e:c9:b3: a7:3a:4b:ce:28:44:f0:fe:07:e3:52:ac:0f:2f:9f:86:64:37: 9c:ed:b4:48:c5:b7:ff:78:79:aa:2e:fc:7f:3b:09:8f:6a:7e: 00:9c:33:36:4d:22:94:ff:73:21:45:48:26:34:e3:82:eb:8b: ce:c8:bf:8f -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUX7oJqCcWVT1Phx95Tw5WTyB58mkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTIwNDJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDVjMzlhY2I5NzIyOTAzMWExY2I1OWI5MzFlY2JjOWVjYTAyNThlYjYxN2M0 ZTJjZjE5OWU3ZTE1MDgwY2JiMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALvc0vkQs3A+7jtB1/lxwvmeRbf0Yf/QUtFl/2IwftVoj9HILO8SdhqT3jzz 9azgpsqpd/d0oqO18t0GoFBRPuEWOcQbUaT5LjOM2lZZHpQoQXUjPEBysPdxrKhe F+AYQjhaPucf6FLw6MCYCFH0fFQMN65Vhu9z953evPOYQ9gTl76zFWq4lzbB09Jr k07QbUA4wEvYvtVc1sb08FPjGBedHqyzN5Ye8S07bbiQK/Iid1jY4F7fdjjg1UQ+ JrItynwozam5WML7fVR0RHSt1qFlPRW15VPuTm9KJu96OQWYrTLrJvgHNToy2mSg SzdgdvEqbsxgxYxwZQne5AnRUN8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRHDlV4 25195dy/XKrUdoo0PlbTXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmVkNDE1OGQtOTFiOC00YmE1LTgxZDktNzVhNjViNTUwYjkyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg wDANBgkqhkiG9w0BAQsFAAOCAQEAhHCuClBjO68YIoQhPc5zZaIGV+Tdtkd5obNK OH55dsS0uNCXdkWiB7ky14n4v+9BAls/EkYxGPCbxBVG2TOj4EwVJtuTO55WMuZ9 BJp3El9NWAhWHMEf9bobCrxZfZWsDP7l5FK+5VzHNo5ipVZGp0jDJ8dhHnk0KxFb lUSpvUoCx9ujzcWU/MZAdiYfS4pwq+ItN9Yn77XbfzbfOMGO6i+Jb23bbE8T2DNU 9OS8bMjZiIMWyqJtRfhmwBPiK1S/Cfn+jsmzpzpLzihE8P4H41KsDy+fhmQ3nO20 SMW3/3h5qi78fzsJj2p+AJwzNk0ilP9zIUVIJjTjguuLzsi/jw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:39 2025 by rpki-client