This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c46a0827-1052-46e2-ad52-4a27d9a65f24.roa File: c46a0827-1052-46e2-ad52-4a27d9a65f24.roa (raw, json) Hash identifier: sOEDAq/CUZ0VCmkxiAZMfO6F/8VF+QqBymAnTX9KCNI= Subject key identifier: 72:E7:F9:61:80:AF:83:B7:15:45:78:C2:60:0A:C6:7D:2C:7B:AC:16 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0FD351E9E7C5B0615CEF663EE33958DBC1EC5BB7 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c46a0827-1052-46e2-ad52-4a27d9a65f24.roa Signing time: Sat 15 Nov 2025 05:50:33 +0000 ROA not before: Sat 15 Nov 2025 05:50:33 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d014::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:d3:51:e9:e7:c5:b0:61:5c:ef:66:3e:e3:39:58:db:c1:ec:5b:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:33 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=bf53bc06ae1702f105f203ed90e304526887db663f013877b6020437c5c4426c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:4b:cb:cf:de:14:be:fb:69:07:0f:cc:6b:2f: 97:94:01:00:aa:84:0b:52:80:73:a9:eb:87:2d:ff: 31:80:46:2e:f3:17:45:43:b5:ae:10:8c:9e:79:b6: cc:83:5e:b4:9f:3d:c8:b1:1e:0d:63:c4:b4:3e:00: 1a:28:43:8e:d5:12:93:71:ff:aa:ef:ff:52:39:38: 91:f5:a9:9f:83:65:87:5c:6a:01:be:6a:af:35:26: 16:e7:d1:93:cf:9f:82:73:00:ba:3d:cf:09:b8:a2: 1d:ee:50:0a:05:8c:83:95:77:56:d4:bb:b6:4e:d9: 0b:1d:61:26:f7:73:6d:eb:22:c5:d3:1d:a9:4c:f3: 6d:f8:51:34:6e:7e:f3:b1:53:15:5b:e9:c8:91:4b: be:27:4d:5c:90:45:d3:98:03:63:61:c3:13:a3:33: 63:02:36:fe:1a:02:9f:da:45:7c:d3:0c:20:fb:7c: a1:a3:6c:9f:e8:f3:41:ef:21:e0:8e:a9:7e:2a:1c: 89:b5:fb:f3:f8:3a:8e:2b:93:a0:d6:09:8d:d0:b0: 7d:c2:bb:ef:f6:27:58:00:f5:f1:a0:da:f6:4e:c8: 0c:73:c9:ea:3e:76:f6:03:3e:db:30:ab:5e:9a:28: 2d:c3:1e:b1:e8:74:87:3b:fa:6c:9e:c5:62:5a:3c: 09:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:E7:F9:61:80:AF:83:B7:15:45:78:C2:60:0A:C6:7D:2C:7B:AC:16 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c46a0827-1052-46e2-ad52-4a27d9a65f24.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d014::/36 Signature Algorithm: sha256WithRSAEncryption 32:56:7e:a3:2f:13:4a:99:8d:25:c9:d1:29:1c:ed:cb:1a:a4: 64:3b:74:45:7e:a1:15:b1:e1:73:b6:cb:75:61:79:66:4c:84: 4d:81:34:14:32:ee:55:a2:6f:ca:44:2a:fe:c5:97:82:ef:b8: 77:4e:4c:37:a5:80:a6:51:90:7b:56:ca:da:d8:3f:59:d7:8f: 06:cc:c0:39:df:32:4c:fa:d1:01:1d:2a:f2:d0:f6:2b:91:53: b2:af:a2:3e:f1:10:a8:a9:42:06:f2:c0:63:9a:33:b8:98:f2: 9e:1b:79:b5:47:0d:d5:78:dc:61:0e:34:d1:3b:ce:ae:79:2d: f6:43:2a:ce:78:d9:a5:1d:2f:5d:7e:48:08:a0:2d:3c:0f:37: 29:75:62:02:c1:57:8c:9e:73:a2:47:f3:a7:e8:95:b1:3a:bb: 12:63:ae:4f:3f:9e:b8:4c:32:47:81:b8:74:8e:95:82:1e:1f: 7a:8e:14:d5:02:cc:98:7e:30:95:39:c6:ca:78:9c:88:c4:b2: f6:38:b1:e0:99:b2:aa:10:05:15:0f:c9:84:2e:d0:20:b0:28: a7:ad:9e:ae:d6:59:94:41:65:45:a6:b2:6f:8a:96:76:4c:be: 90:2a:36:e0:81:00:11:4a:8c:a4:0b:f3:b0:23:e5:57:7b:3e: bb:9a:8c:5c -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUD9NR6efFsGFc72Y+4zlY28HsW7cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwMzNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGJmNTNiYzA2YWUxNzAyZjEwNWYyMDNlZDkwZTMwNDUyNjg4N2RiNjYzZjAx Mzg3N2I2MDIwNDM3YzVjNDQyNmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOxLy8/eFL77aQcPzGsvl5QBAKqEC1KAc6nrhy3/MYBGLvMXRUO1rhCMnnm2 zINetJ89yLEeDWPEtD4AGihDjtUSk3H/qu//Ujk4kfWpn4Nlh1xqAb5qrzUmFufR k8+fgnMAuj3PCbiiHe5QCgWMg5V3VtS7tk7ZCx1hJvdzbesixdMdqUzzbfhRNG5+ 87FTFVvpyJFLvidNXJBF05gDY2HDE6MzYwI2/hoCn9pFfNMMIPt8oaNsn+jzQe8h 4I6pfiocibX78/g6jiuToNYJjdCwfcK77/YnWAD18aDa9k7IDHPJ6j529gM+2zCr XpooLcMeseh0hzv6bJ7FYlo8CV0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRy5/lh gK+DtxVFeMJgCsZ9LHusFjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YzQ2YTA4MjctMTA1Mi00NmUyLWFkNTItNGEyN2Q5YTY1ZjI0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BQA MA0GCSqGSIb3DQEBCwUAA4IBAQAyVn6jLxNKmY0lydEpHO3LGqRkO3RFfqEVseFz tst1YXlmTIRNgTQUMu5Vom/KRCr+xZeC77h3Tkw3pYCmUZB7Vsra2D9Z148GzMA5 3zJM+tEBHSry0PYrkVOyr6I+8RCoqUIG8sBjmjO4mPKeG3m1Rw3VeNxhDjTRO86u eS32QyrOeNmlHS9dfkgIoC08DzcpdWICwVeMnnOiR/On6JWxOrsSY65PP564TDJH gbh0jpWCHh96jhTVAsyYfjCVOcbKeJyIxLL2OLHgmbKqEAUVD8mELtAgsCinrZ6u 1lmUQWVFprJvipZ2TL6QKjbggQARSoykC/OwI+VXez67moxc -----END CERTIFICATE-----Generated at Sat Dec 6 21:33:55 2025 by rpki-client