This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c46a0827-1052-46e2-ad52-4a27d9a65f24.roa File: c46a0827-1052-46e2-ad52-4a27d9a65f24.roa (raw, json) Hash identifier: NCN/NXLFVf7P8Sd0UrvNzVlNfJVsItCzkSAtgcoCUzw= Subject key identifier: 82:64:14:8C:D1:E3:2F:09:23:F3:F0:AD:0A:95:B3:A7:C5:E1:D1:D7 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5E9D6F049C8F398AC554D62A4F50F96237A525D2 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c46a0827-1052-46e2-ad52-4a27d9a65f24.roa Signing time: Wed 10 Dec 2025 05:41:18 +0000 ROA not before: Wed 10 Dec 2025 05:41:18 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d014::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:9d:6f:04:9c:8f:39:8a:c5:54:d6:2a:4f:50:f9:62:37:a5:25:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:41:18 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=ed54abf3f694a9d6799eee818953238cfbdf4bf06668b5b44c00d72b9263a2a5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:61:86:fa:d0:32:85:cd:7e:ba:cb:5d:c0:16: 3c:a9:c0:de:6b:fc:03:54:43:01:85:96:42:39:14: 83:58:6a:22:18:f2:e3:97:59:7d:94:0b:65:fc:19: b8:f7:dd:4c:fb:d5:21:00:7b:ee:b1:32:ef:80:a1: da:b9:f1:18:55:c2:fd:63:ff:1d:09:ae:c4:44:d9: 6c:48:1c:26:14:70:d3:4f:8a:f5:cb:92:e1:5a:2b: 29:14:0c:0b:eb:11:01:60:15:03:14:09:88:2f:57: a3:17:bc:71:5e:e6:2c:bd:43:91:ec:91:4c:6e:5f: 2b:d6:b4:8f:38:7b:f1:84:ba:48:ba:a2:ca:1c:fc: 64:ab:34:9c:61:fd:50:ad:ea:52:72:f4:3f:93:ba: d9:12:ca:87:72:51:e6:c6:f2:d1:b9:5e:fe:e8:c2: 00:fa:d7:6a:10:7f:ab:aa:c5:7a:b2:d4:93:64:9a: 4e:af:c0:e9:12:ec:2c:7e:8a:21:93:53:99:46:13: 8d:d8:65:f8:9a:07:8c:04:05:f3:62:e8:53:26:4b: 4f:c7:f9:f1:0c:1f:d3:c6:cf:94:e6:8f:b2:cd:26: 8b:90:4a:fd:49:96:35:6d:d5:a9:fd:8c:4a:2a:15: 43:f9:7d:45:ec:e1:c1:af:dc:be:d1:07:ea:7e:5d: 12:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:64:14:8C:D1:E3:2F:09:23:F3:F0:AD:0A:95:B3:A7:C5:E1:D1:D7 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c46a0827-1052-46e2-ad52-4a27d9a65f24.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d014::/36 Signature Algorithm: sha256WithRSAEncryption 66:c6:36:54:ec:6d:82:57:f0:1c:b2:bb:15:89:cd:0e:24:4a: 44:a5:2f:2d:ab:64:fb:3b:14:ff:7e:97:76:ed:e4:91:dd:8b: 5c:5a:7f:b4:0f:be:17:7d:0e:27:82:60:21:94:22:26:e6:a4: 17:3c:83:de:b7:23:8f:6e:44:2b:86:c1:a9:30:e1:74:6e:69: 88:b7:4f:2c:44:ca:9a:4f:39:a3:5c:cd:a9:88:e5:da:e5:ba: 18:dc:a8:28:08:61:ba:ba:89:78:ed:a0:19:7b:ba:4d:a9:60: dd:13:44:4c:48:13:cf:61:b1:ea:fb:c8:d3:c3:23:07:eb:19: d1:4c:0d:4c:b4:41:5a:e1:78:cc:57:4a:17:78:1c:db:f1:ec: 48:76:1f:b3:7b:0b:fe:c7:d0:01:80:97:ad:a6:48:4b:8f:c0: be:4e:7b:37:3c:c8:4f:eb:e9:04:34:42:89:ba:98:ba:10:53: ff:d1:c3:b7:34:c4:d2:72:e9:ac:8e:ad:95:8b:ae:69:7c:12: f0:43:78:ae:77:3a:75:29:2b:5b:58:cf:aa:7b:fa:c8:f0:9c: 19:38:ac:94:a8:04:a9:3f:d1:50:fc:5b:82:4d:ed:2a:b9:77: 3d:1b:5a:f8:3d:5e:2f:e2:c7:f2:21:93:36:1c:37:c7:98:9b: 4f:d2:1b:ef -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUXp1vBJyPOYrFVNYqT1D5YjelJdIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQxMThaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGVkNTRhYmYzZjY5NGE5ZDY3OTllZWU4MTg5NTMyMzhjZmJkZjRiZjA2NjY4 YjViNDRjMDBkNzJiOTI2M2EyYTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALFhhvrQMoXNfrrLXcAWPKnA3mv8A1RDAYWWQjkUg1hqIhjy45dZfZQLZfwZ uPfdTPvVIQB77rEy74Ch2rnxGFXC/WP/HQmuxETZbEgcJhRw00+K9cuS4VorKRQM C+sRAWAVAxQJiC9Xoxe8cV7mLL1DkeyRTG5fK9a0jzh78YS6SLqiyhz8ZKs0nGH9 UK3qUnL0P5O62RLKh3JR5sby0ble/ujCAPrXahB/q6rFerLUk2SaTq/A6RLsLH6K IZNTmUYTjdhl+JoHjAQF82LoUyZLT8f58Qwf08bPlOaPss0mi5BK/UmWNW3Vqf2M SioVQ/l9Rezhwa/cvtEH6n5dElcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSCZBSM 0eMvCSPz8K0KlbOnxeHR1zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YzQ2YTA4MjctMTA1Mi00NmUyLWFkNTItNGEyN2Q5YTY1ZjI0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BQA MA0GCSqGSIb3DQEBCwUAA4IBAQBmxjZU7G2CV/AcsrsVic0OJEpEpS8tq2T7OxT/ fpd27eSR3YtcWn+0D74XfQ4ngmAhlCIm5qQXPIPetyOPbkQrhsGpMOF0bmmIt08s RMqaTzmjXM2piOXa5boY3KgoCGG6uol47aAZe7pNqWDdE0RMSBPPYbHq+8jTwyMH 6xnRTA1MtEFa4XjMV0oXeBzb8exIdh+zewv+x9ABgJetpkhLj8C+Tns3PMhP6+kE NEKJupi6EFP/0cO3NMTScumsjq2Vi65pfBLwQ3iudzp1KStbWM+qe/rI8JwZOKyU qASpP9FQ/FuCTe0quXc9G1r4PV4v4sfyIZM2HDfHmJtP0hvv -----END CERTIFICATE-----Generated at Mon Dec 15 15:35:42 2025 by rpki-client