This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa File: c768f15e-576e-48c0-91d4-8446a6be70a8.roa (raw, json) Hash identifier: aMs+gV5cpTtZ5g9gUdL2zhc0lj1GfZK5UWPbU/mxLkU= Subject key identifier: 26:DA:FF:00:20:66:0F:CE:27:D6:8C:FC:4E:E5:69:88:B8:4F:26:24 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 24BF238732D4F9ACAD78E84A8190C3AA05D61B32 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa Signing time: Wed 10 Dec 2025 06:10:58 +0000 ROA not before: Wed 10 Dec 2025 06:10:58 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d032:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:bf:23:87:32:d4:f9:ac:ad:78:e8:4a:81:90:c3:aa:05:d6:1b:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:10:58 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=199bc5ccb094e110fcbff113aef20f8577e53fcfaf42aee36479ee360c9582d8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:bc:fc:2a:38:9d:d6:03:bf:28:64:86:0d:a6: 44:5e:a6:cc:50:15:22:c6:5d:91:5f:2c:fe:b3:da: bf:9a:eb:88:f3:a6:f6:6c:d8:fa:86:5a:14:b5:1c: a8:ce:42:cf:16:3d:8f:5c:eb:00:7a:dc:de:96:e7: 39:e2:2a:0b:55:37:56:cb:56:94:f3:96:76:3d:c0: 2b:b7:5a:7d:05:d0:a0:ca:e6:49:c9:7e:08:0a:4b: 41:d6:0e:b4:4f:7a:a0:a6:f9:c0:32:88:d6:5e:a8: 54:1e:93:38:ea:0e:75:22:0a:d9:71:0e:63:76:e0: 5f:3d:ba:61:b8:5d:ba:56:33:16:cc:88:b2:c6:f1: d1:b3:db:63:be:fe:b5:8e:9b:6e:59:d0:89:e0:5a: a4:a8:36:3f:7b:3b:94:12:4f:0e:c9:fb:46:ab:94: 9a:1a:40:37:03:cb:04:ba:d0:31:9d:5e:d4:f2:3b: 8e:84:4c:c8:c2:f9:79:bd:e4:47:a0:94:1f:0b:3d: 17:f9:71:fe:66:71:eb:0b:85:86:8a:3d:a8:45:7e: 6f:3b:af:5d:e2:2d:bd:c6:e5:89:46:f5:ac:01:e6: bc:7b:b7:c7:f1:5b:c8:1e:c6:9e:a3:8c:3f:19:33: fc:04:9c:37:ef:0a:d9:2f:69:17:3a:e1:6f:3f:6b: 7e:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:DA:FF:00:20:66:0F:CE:27:D6:8C:FC:4E:E5:69:88:B8:4F:26:24 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d032:e000::/40 Signature Algorithm: sha256WithRSAEncryption 27:ab:48:43:17:9d:41:6a:01:0c:e1:23:66:7b:6c:de:9f:e1: 92:a6:a4:f1:00:19:71:08:3a:53:2a:60:4c:05:36:31:7d:50: d8:82:09:07:df:20:0e:90:d4:4b:b8:0c:8c:ad:9b:19:17:1a: da:ef:27:d5:5f:10:f4:01:a0:e9:05:87:4c:58:48:b2:ee:a9: 6b:3b:58:3f:b8:52:95:0c:9c:26:f9:ea:59:ca:3d:2b:81:a3: 8c:b7:ea:3d:19:86:be:9f:17:34:dd:ea:b4:ab:2c:19:43:3a: 80:c7:96:24:6b:e0:26:68:ca:be:d8:76:6d:b3:29:30:e1:b2: dc:2d:bc:b6:4c:5a:06:27:d5:9c:48:88:30:05:de:25:97:cf: 7c:63:3b:e4:61:59:05:c7:f8:d3:91:af:f3:cd:60:13:c5:23: f3:35:4c:84:9e:d8:ea:e7:d2:2d:20:fd:d2:72:c5:c0:dc:3f: cb:49:56:19:3f:4b:39:cd:2e:e5:86:bd:cb:a0:c2:3f:2f:d4: 3d:65:e9:37:60:c5:66:55:28:5d:38:31:be:2f:78:ab:7f:78: 59:f3:52:40:a5:05:fc:81:c0:ba:4b:fa:e6:d4:aa:82:29:ec: 4d:c8:0a:f2:c3:47:3f:b4:4e:87:80:db:6d:9e:12:71:72:43: 6a:d4:b7:e5 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUJL8jhzLU+ayteOhKgZDDqgXWGzIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjEwNThaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDE5OWJjNWNjYjA5NGUxMTBmY2JmZjExM2FlZjIwZjg1NzdlNTNmY2ZhZjQy YWVlMzY0NzllZTM2MGM5NTgyZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJi8/Co4ndYDvyhkhg2mRF6mzFAVIsZdkV8s/rPav5rriPOm9mzY+oZaFLUc qM5CzxY9j1zrAHrc3pbnOeIqC1U3VstWlPOWdj3AK7dafQXQoMrmScl+CApLQdYO tE96oKb5wDKI1l6oVB6TOOoOdSIK2XEOY3bgXz26YbhdulYzFsyIssbx0bPbY77+ tY6bblnQieBapKg2P3s7lBJPDsn7RquUmhpANwPLBLrQMZ1e1PI7joRMyML5eb3k R6CUHws9F/lx/mZx6wuFhoo9qEV+bzuvXeItvcbliUb1rAHmvHu3x/FbyB7GnqOM Pxkz/AScN+8K2S9pFzrhbz9rfosCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQm2v8A IGYPzifWjPxO5WmIuE8mJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Yzc2OGYxNWUtNTc2ZS00OGMwLTkxZDQtODQ0NmE2YmU3MGE4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DLg MA0GCSqGSIb3DQEBCwUAA4IBAQAnq0hDF51BagEM4SNme2zen+GSpqTxABlxCDpT KmBMBTYxfVDYggkH3yAOkNRLuAyMrZsZFxra7yfVXxD0AaDpBYdMWEiy7qlrO1g/ uFKVDJwm+epZyj0rgaOMt+o9GYa+nxc03eq0qywZQzqAx5Yka+AmaMq+2HZtsykw 4bLcLby2TFoGJ9WcSIgwBd4ll898YzvkYVkFx/jTka/zzWATxSPzNUyEntjq59It IP3ScsXA3D/LSVYZP0s5zS7lhr3LoMI/L9Q9Zek3YMVmVShdODG+L3irf3hZ81JA pQX8gcC6S/rm1KqCKexNyAryw0c/tE6HgNttnhJxckNq1Lfl -----END CERTIFICATE-----Generated at Mon Dec 15 15:29:24 2025 by rpki-client