This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa File: c768f15e-576e-48c0-91d4-8446a6be70a8.roa (raw, json) Hash identifier: CaH++UZi1iYlXPFvKYyq1AKW23H4/gICfBEkcWxpHbY= Subject key identifier: 49:BE:56:C7:29:CD:A7:80:24:35:22:67:D9:70:BB:72:3A:AA:C3:1A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 652AB15D9434460BB902E869682497CBB5457DB4 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa Signing time: Sat 15 Nov 2025 06:20:35 +0000 ROA not before: Sat 15 Nov 2025 06:20:35 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d032:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:2a:b1:5d:94:34:46:0b:b9:02:e8:69:68:24:97:cb:b5:45:7d:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:20:35 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=fd21d52b653f9c19cc71de5de11f99c97c2b26878d8c19dc61cc2be254b6f9d2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:76:4e:3d:b1:74:c2:85:5f:c7:bf:d8:a1:47: 1b:36:8b:6a:06:4e:ed:03:a7:06:57:91:ea:80:cc: d5:00:cd:49:a6:2c:b3:34:db:0c:a7:f9:08:4e:d4: 6b:ce:1b:2b:b5:de:8f:73:f8:47:30:61:e7:a3:5e: 37:eb:35:b0:9a:2d:18:0b:4c:b8:ca:ff:24:76:09: 16:b4:d2:88:e3:fc:3a:39:c6:d5:d6:5a:37:4b:a6: 41:0e:7b:a1:d6:e5:5c:13:98:92:2f:5c:5d:3e:ae: 30:b4:9b:85:d3:a2:f7:21:71:f2:d3:d1:bf:15:a7: cd:25:85:6a:1e:85:01:b2:bd:9b:55:f1:48:06:aa: 69:c2:3a:0e:55:6a:07:11:87:c2:63:e4:77:c3:2d: 1c:b7:a2:13:60:f3:24:f5:22:7b:1c:9e:74:60:93: 89:9c:d4:da:e0:c0:1c:42:2c:b5:6d:82:2e:31:06: 83:ba:ef:5f:f9:62:23:de:db:6e:90:1b:2c:ff:00: a6:05:c9:7c:b7:07:2e:96:7d:e8:02:3d:6b:cc:ea: 1b:af:7d:4f:5f:45:fb:37:cb:1d:8e:3f:d5:8d:2c: b6:5a:79:c4:e5:a0:d9:17:3c:a1:7e:47:7f:b0:83: 58:23:9a:da:ff:9a:39:67:03:b2:73:d4:e0:cf:85: 24:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:BE:56:C7:29:CD:A7:80:24:35:22:67:D9:70:BB:72:3A:AA:C3:1A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d032:e000::/40 Signature Algorithm: sha256WithRSAEncryption 27:2b:37:7c:cf:e7:a6:84:60:a3:b2:9d:3d:96:9e:4c:fd:49: 47:34:c4:3d:bd:47:82:57:a7:bc:37:89:82:d8:72:3d:37:fb: 91:49:4f:fc:d6:a7:17:5f:f7:09:06:05:35:c0:ed:e2:5b:f6: 84:5f:d1:8e:10:8e:0f:7f:cd:63:d8:ee:f7:18:71:8b:b7:5e: c2:27:d5:ca:ef:87:ba:e5:95:79:e3:b3:7e:97:88:74:9b:8a: 90:fd:af:8b:bc:7b:39:70:08:1a:e9:b4:13:a5:e7:1f:44:10: 1b:d8:3a:9a:0d:10:66:af:42:28:44:06:bc:12:d1:7f:a2:d1: 6f:4b:14:91:94:5b:d6:fc:ef:e1:11:e3:d6:ce:35:2d:94:78: 76:5f:b3:19:0b:7b:c5:ba:10:ce:e6:ca:86:f6:fb:6d:bd:39: e0:55:39:9e:e1:3c:98:b9:df:6b:53:6d:3b:69:95:b4:4f:45: 62:f5:5f:18:2d:f5:44:8d:46:a8:b5:50:ad:1f:7e:6c:09:80: 99:28:cd:6d:4e:9a:b6:3e:33:fd:86:5c:33:a9:93:38:d6:b6: f1:99:c1:99:28:00:f6:14:79:5e:16:cc:e5:07:78:ec:af:96: ec:ac:d4:34:74:b5:18:01:b6:ff:5a:27:6a:3f:34:f4:6a:f7: 2a:60:dd:73 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUZSqxXZQ0Rgu5AuhpaCSXy7VFfbQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIwMzVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGZkMjFkNTJiNjUzZjljMTljYzcxZGU1ZGUxMWY5OWM5N2MyYjI2ODc4ZDhj MTlkYzYxY2MyYmUyNTRiNmY5ZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJp2Tj2xdMKFX8e/2KFHGzaLagZO7QOnBleR6oDM1QDNSaYsszTbDKf5CE7U a84bK7Xej3P4RzBh56NeN+s1sJotGAtMuMr/JHYJFrTSiOP8OjnG1dZaN0umQQ57 odblXBOYki9cXT6uMLSbhdOi9yFx8tPRvxWnzSWFah6FAbK9m1XxSAaqacI6DlVq BxGHwmPkd8MtHLeiE2DzJPUiexyedGCTiZzU2uDAHEIstW2CLjEGg7rvX/liI97b bpAbLP8ApgXJfLcHLpZ96AI9a8zqG699T19F+zfLHY4/1Y0stlp5xOWg2Rc8oX5H f7CDWCOa2v+aOWcDsnPU4M+FJIECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRJvlbH Kc2ngCQ1ImfZcLtyOqrDGjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Yzc2OGYxNWUtNTc2ZS00OGMwLTkxZDQtODQ0NmE2YmU3MGE4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DLg MA0GCSqGSIb3DQEBCwUAA4IBAQAnKzd8z+emhGCjsp09lp5M/UlHNMQ9vUeCV6e8 N4mC2HI9N/uRSU/81qcXX/cJBgU1wO3iW/aEX9GOEI4Pf81j2O73GHGLt17CJ9XK 74e65ZV547N+l4h0m4qQ/a+LvHs5cAga6bQTpecfRBAb2DqaDRBmr0IoRAa8EtF/ otFvSxSRlFvW/O/hEePWzjUtlHh2X7MZC3vFuhDO5sqG9vttvTngVTme4TyYud9r U207aZW0T0Vi9V8YLfVEjUaotVCtH35sCYCZKM1tTpq2PjP9hlwzqZM41rbxmcGZ KAD2FHleFszlB3jsr5bsrNQ0dLUYAbb/WidqPzT0avcqYN1z -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:01 2025 by rpki-client