This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa File: c153f994-19fd-4682-b6f7-f4e92e6144ea.roa (raw, json) Hash identifier: DVEjpY0woGdBI67T05q1ro80g3j8fH+0xq+nkB4aYUk= Subject key identifier: C9:8F:BB:F9:95:A8:7D:1D:ED:8F:E4:67:03:81:75:7A:D0:B1:23:8A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7D995D855844FEE45D5C839B5A7BE1A5832480CB Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa Signing time: Sat 15 Nov 2025 05:30:34 +0000 ROA not before: Sat 15 Nov 2025 05:30:34 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01c:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:99:5d:85:58:44:fe:e4:5d:5c:83:9b:5a:7b:e1:a5:83:24:80:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:30:34 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=0d3d5dbfb7e5f172d3a2297b4bebe301af484c7442b02a90375d91a3578a2499, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ad:0c:6b:07:0a:5e:46:5d:9a:84:72:23:36: 6c:59:94:46:cb:98:5d:9b:c8:6f:ba:52:7e:86:0c: e3:d2:34:dc:e9:f8:d1:de:ac:c1:0e:95:aa:85:f8: 89:af:82:9e:d4:e3:38:82:2c:d3:b9:da:f9:7e:12: b0:c4:64:e1:be:bd:5e:89:a6:7c:be:af:a8:2e:ec: e9:81:31:ea:e1:a5:01:99:31:9d:f5:ea:58:16:a7: 67:28:9c:10:73:15:d7:c9:56:30:1c:9e:03:af:ac: 51:a5:d6:58:77:9d:e5:c2:8c:47:ab:43:cd:92:72: c7:ec:7d:8a:99:9c:e5:99:6d:ef:c7:a4:5a:a9:fe: 47:cf:4d:35:c1:40:44:ff:b7:8c:fc:af:3a:fe:b3: 38:76:1f:6c:67:38:84:28:da:78:a7:45:86:8c:0d: 0c:c5:87:3f:d9:ad:3b:87:5d:1e:aa:2b:db:d6:7a: 21:87:40:82:e8:79:32:91:06:0d:73:38:69:93:35: c3:d2:e0:c1:f8:5f:41:9f:7c:f3:fc:3e:3c:88:4f: da:ac:71:67:0c:9e:e4:c5:76:ad:b2:d1:b3:a5:f3: 80:49:b0:f5:d5:db:7a:b9:63:37:ca:80:d2:50:df: 30:70:9f:3a:18:88:a5:39:51:7b:e8:44:2f:3a:32: cc:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:8F:BB:F9:95:A8:7D:1D:ED:8F:E4:67:03:81:75:7A:D0:B1:23:8A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01c:c00::/38 Signature Algorithm: sha256WithRSAEncryption b2:5e:e5:60:7d:ac:3a:a9:51:9b:fc:95:0a:04:41:15:d4:aa: 1d:94:95:86:0a:38:ec:2b:76:55:1c:23:27:03:6d:49:d5:d3: dc:b4:8c:ef:bd:d8:be:7a:e5:29:45:d7:2a:31:3f:ab:aa:9a: 4e:41:94:4e:94:dc:96:ea:c1:04:cb:dc:b4:d0:51:e8:08:91: 4e:2f:bd:c2:28:43:09:af:be:2c:0d:d4:64:58:d8:3c:d1:4d: 1a:2f:ad:58:2b:cc:38:b1:04:28:00:25:5f:09:b3:e8:6b:40: 95:c7:4b:9d:26:b2:46:4b:ab:8c:f5:81:a3:e2:02:a8:9b:d3: df:d5:0a:4e:7f:1d:f0:95:88:2c:10:b8:a0:4d:6e:57:27:c3: 3f:68:37:1e:e2:c3:42:e0:b8:fd:43:7d:b3:d0:32:f9:bb:4a: d5:09:d9:5f:63:ee:b0:51:28:a1:46:39:00:28:d8:53:45:8b: 0d:8c:51:27:da:52:93:72:e0:5e:8c:83:a5:b8:22:33:ee:d5: 45:7e:47:af:26:9b:01:fc:44:f3:e0:5c:5a:fc:69:85:15:19: 2c:e6:e2:31:b0:10:62:7d:2f:ab:47:b8:59:c7:49:f7:16:70: c2:e1:51:f6:e2:eb:0f:18:65:29:45:2c:9a:b9:83:55:20:b3: 32:3a:66:87 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUfZldhVhE/uRdXIObWnvhpYMkgMswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTMwMzRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDBkM2Q1ZGJmYjdlNWYxNzJkM2EyMjk3YjRiZWJlMzAxYWY0ODRjNzQ0MmIw MmE5MDM3NWQ5MWEzNTc4YTI0OTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALetDGsHCl5GXZqEciM2bFmURsuYXZvIb7pSfoYM49I03On40d6swQ6VqoX4 ia+CntTjOIIs07na+X4SsMRk4b69XommfL6vqC7s6YEx6uGlAZkxnfXqWBanZyic EHMV18lWMByeA6+sUaXWWHed5cKMR6tDzZJyx+x9ipmc5Zlt78ekWqn+R89NNcFA RP+3jPyvOv6zOHYfbGc4hCjaeKdFhowNDMWHP9mtO4ddHqor29Z6IYdAguh5MpEG DXM4aZM1w9LgwfhfQZ988/w+PIhP2qxxZwye5MV2rbLRs6XzgEmw9dXberljN8qA 0lDfMHCfOhiIpTlRe+hELzoyzCcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTJj7v5 lah9He2P5GcDgXV60LEjijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YzE1M2Y5OTQtMTlmZC00NjgyLWI2ZjctZjRlOTJlNjE0NGVhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwM MA0GCSqGSIb3DQEBCwUAA4IBAQCyXuVgfaw6qVGb/JUKBEEV1KodlJWGCjjsK3ZV HCMnA21J1dPctIzvvdi+euUpRdcqMT+rqppOQZROlNyW6sEEy9y00FHoCJFOL73C KEMJr74sDdRkWNg80U0aL61YK8w4sQQoACVfCbPoa0CVx0udJrJGS6uM9YGj4gKo m9Pf1QpOfx3wlYgsELigTW5XJ8M/aDce4sNC4Lj9Q32z0DL5u0rVCdlfY+6wUSih RjkAKNhTRYsNjFEn2lKTcuBejIOluCIz7tVFfkevJpsB/ETz4Fxa/GmFFRks5uIx sBBifS+rR7hZx0n3FnDC4VH24usPGGUpRSyauYNVILMyOmaH -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:32 2025 by rpki-client