This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c42c966b-1b62-4165-bbfb-62aaaca567ad.roa File: c42c966b-1b62-4165-bbfb-62aaaca567ad.roa (raw, json) Hash identifier: X6BXGwb/rvOxpXyQRD6dmo5pNZ97Xo+OvaLDtooaHIQ= Subject key identifier: 32:67:0E:C6:78:E2:5A:CC:08:53:D4:23:43:63:7F:F9:76:8F:18:FC Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 6B381456A8933B6B7C64831C83B466D27C3FD36E Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c42c966b-1b62-4165-bbfb-62aaaca567ad.roa Signing time: Sat 06 Dec 2025 04:00:32 +0000 ROA not before: Sat 06 Dec 2025 04:00:32 +0000 ROA not after: Fri 06 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d077::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:38:14:56:a8:93:3b:6b:7c:64:83:1c:83:b4:66:d2:7c:3f:d3:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 6 04:00:32 2025 GMT Not After : Mar 6 23:59:59 2026 GMT Subject: serialNumber=fe3b025edc35c97e3a9993e602eb7b488368e2d5a66d6805a2382f3008bc6028, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:e6:be:cf:3f:cb:98:bc:7b:52:86:5f:d0:6a: e4:e5:40:bf:50:2a:88:af:f3:18:dd:76:fb:e9:7a: 9c:59:99:e5:71:8a:70:03:b4:ce:4a:03:5b:3e:45: ae:00:b3:ee:c1:99:64:e9:4b:19:5b:af:64:45:c1: 8a:4f:4b:47:88:c4:02:8b:3c:7f:b7:fb:53:c9:ef: 7b:e9:a9:73:6f:9c:dd:6b:3b:42:26:33:b3:31:22: 43:5f:f2:3d:da:66:32:ce:42:19:66:83:30:78:ec: 0c:c3:cc:a6:3f:db:c3:59:be:c4:d0:22:17:c4:15: aa:c2:d2:b4:4e:67:38:92:39:d1:e4:c1:27:16:11: 4a:b1:46:93:e8:2e:56:18:3d:8f:30:93:90:1c:ec: 63:ff:1a:3c:f2:26:c5:bc:e7:69:21:18:6c:d8:34: 2e:b3:49:f8:cd:f7:c7:de:f7:e3:71:26:81:07:bf: cc:4b:6d:89:e2:45:65:6f:ce:e3:ee:bf:07:1b:87: bc:69:2b:42:b8:ea:3f:f1:ad:4e:e5:c2:5f:94:c7: b7:ab:c3:9c:f2:e3:72:95:50:c4:be:5b:c6:d2:bb: 8b:5e:42:e9:5d:8a:1d:63:ce:3f:65:23:41:ce:08: 17:98:e2:84:1b:5f:b1:46:4c:b9:70:01:10:a2:f0: 0b:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:67:0E:C6:78:E2:5A:CC:08:53:D4:23:43:63:7F:F9:76:8F:18:FC X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c42c966b-1b62-4165-bbfb-62aaaca567ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d077::/32 Signature Algorithm: sha256WithRSAEncryption a0:f0:be:de:9d:b3:94:0d:be:04:c1:a5:e5:f0:44:ba:15:af: 19:41:f4:c6:7b:23:da:00:17:4c:b3:77:7f:1a:cd:df:ee:f8: 8d:cb:1b:d6:a9:4b:22:14:1a:49:92:ab:93:83:ab:a0:c9:22: 19:30:9b:e4:bd:04:a2:86:9e:ac:26:29:5f:1b:85:1c:5c:0d: 47:29:cb:83:8c:37:0b:15:3b:9e:61:f5:8a:a8:67:2f:b2:9f: 7f:21:c2:d9:71:be:4b:4c:7c:33:50:37:a2:7f:09:47:3d:fd: 7b:13:64:1b:a2:a7:5e:77:57:4a:54:f4:c7:6b:30:e9:a0:71: 66:6b:48:9d:c6:e4:f1:c6:77:a3:b6:21:57:f3:d2:4d:f4:07: 80:c3:73:f1:c5:62:4d:a7:14:46:2b:f5:ad:43:a6:25:7e:98: be:db:32:14:8c:0f:c1:82:c8:53:83:3f:9a:f5:96:90:16:db: c2:74:67:2f:82:d5:45:e8:4a:19:92:c4:4a:0a:1f:ac:15:35: 34:e7:4a:e7:94:85:a1:bc:9e:4f:9e:a7:73:37:92:a2:2a:d3: 47:cf:18:e5:01:8f:f1:f0:f0:c5:a7:f1:38:40:f6:ee:de:ed: 65:a3:8f:c1:04:5d:2a:e2:90:29:0a:67:07:9f:c3:c0:ab:48: ed:73:0e:2e -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgIUazgUVqiTO2t8ZIMcg7Rm0nw/024wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDYwNDAwMzJaFw0yNjAzMDYyMzU5NTlaMHoxSTBHBgNV BAUTQGZlM2IwMjVlZGMzNWM5N2UzYTk5OTNlNjAyZWI3YjQ4ODM2OGUyZDVhNjZk NjgwNWEyMzgyZjMwMDhiYzYwMjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALTmvs8/y5i8e1KGX9Bq5OVAv1AqiK/zGN12++l6nFmZ5XGKcAO0zkoDWz5F rgCz7sGZZOlLGVuvZEXBik9LR4jEAos8f7f7U8nve+mpc2+c3Ws7QiYzszEiQ1/y PdpmMs5CGWaDMHjsDMPMpj/bw1m+xNAiF8QVqsLStE5nOJI50eTBJxYRSrFGk+gu Vhg9jzCTkBzsY/8aPPImxbznaSEYbNg0LrNJ+M33x97343EmgQe/zEttieJFZW/O 4+6/BxuHvGkrQrjqP/GtTuXCX5THt6vDnPLjcpVQxL5bxtK7i15C6V2KHWPOP2Uj Qc4IF5jihBtfsUZMuXABEKLwC9cCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQyZw7G eOJazAhT1CNDY3/5do8Y/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YzQyYzk2NmItMWI2Mi00MTY1LWJiZmItNjJhYWFjYTU2N2FkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hcw DQYJKoZIhvcNAQELBQADggEBAKDwvt6ds5QNvgTBpeXwRLoVrxlB9MZ7I9oAF0yz d38azd/u+I3LG9apSyIUGkmSq5ODq6DJIhkwm+S9BKKGnqwmKV8bhRxcDUcpy4OM NwsVO55h9YqoZy+yn38hwtlxvktMfDNQN6J/CUc9/XsTZBuip153V0pU9MdrMOmg cWZrSJ3G5PHGd6O2IVfz0k30B4DDc/HFYk2nFEYr9a1DpiV+mL7bMhSMD8GCyFOD P5r1lpAW28J0Zy+C1UXoShmSxEoKH6wVNTTnSueUhaG8nk+ep3M3kqIq00fPGOUB j/Hw8MWn8ThA9u7e7WWjj8EEXSrikCkKZwefw8CrSO1zDi4= -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:32 2025 by rpki-client