This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c91ab8e7-8370-48ed-9e25-0dc260ba196b.roa File: c91ab8e7-8370-48ed-9e25-0dc260ba196b.roa (raw, json) Hash identifier: dlP01dxwlpO4z4TM2TvAO2Y4aRG3hP+R2FD/3aqqZGw= Subject key identifier: 8C:05:C1:24:92:8A:B4:A4:4C:F7:FB:76:06:C0:20:48:88:6D:7A:F1 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4B3DE7A37645B262FFB5D5172FCB559CC8A55CC6 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c91ab8e7-8370-48ed-9e25-0dc260ba196b.roa Signing time: Sat 15 Nov 2025 06:00:32 +0000 ROA not before: Sat 15 Nov 2025 06:00:32 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:60c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:3d:e7:a3:76:45:b2:62:ff:b5:d5:17:2f:cb:55:9c:c8:a5:5c:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:00:32 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=b56f00da8bcd077236f97ba569a9a93af7c24ad9b3c9efb96c3ad6c7ba69a0e5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:88:b1:fb:01:e6:76:8b:f1:1d:69:4d:ec:24: a7:86:d5:4e:fd:58:53:76:7d:3a:61:1f:f7:fd:35: 6c:eb:5d:3d:a3:b0:d9:e6:92:3e:e0:76:fa:8f:48: bd:42:6d:b8:77:d2:28:80:d2:d2:4a:f4:07:f5:3c: 01:be:83:e1:35:fe:ea:75:26:e0:de:52:90:26:58: c4:9a:ff:49:8a:f7:ed:65:0e:1b:02:e3:1c:9c:c0: f1:10:41:9a:f2:b0:51:0d:94:48:a4:ca:14:23:a3: f1:8c:04:33:14:79:b5:6e:fe:80:99:bc:ef:eb:0a: c6:35:e9:79:00:a6:56:bd:23:34:9a:a9:b9:f4:54: 97:ac:a9:63:44:d8:85:85:4d:e5:5c:e9:d0:9d:38: eb:8a:13:bd:3d:ad:21:d0:7a:14:e7:70:b7:f7:88: 07:a0:5f:22:10:25:59:4c:f0:2a:f0:64:87:b4:4d: c0:45:ad:64:33:20:06:6b:17:29:e4:1b:15:24:d6: f1:2e:16:d4:98:30:c7:b5:09:69:a8:fa:25:60:ab: 02:7e:c4:5e:a3:50:ef:51:fc:36:f9:a9:05:e7:7c: 7f:33:35:cb:24:9d:3b:c3:0a:d3:56:3d:d6:d0:0b: aa:61:e9:fe:31:b4:73:ef:c3:ce:0e:e2:d0:17:77: c1:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:05:C1:24:92:8A:B4:A4:4C:F7:FB:76:06:C0:20:48:88:6D:7A:F1 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c91ab8e7-8370-48ed-9e25-0dc260ba196b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:60c0::/48 Signature Algorithm: sha256WithRSAEncryption 2d:3c:aa:7c:b4:50:44:7f:4e:2b:1c:ef:fe:ae:8a:f6:27:4f: a4:60:57:27:62:e0:09:e5:f1:85:aa:ce:b4:52:80:2f:75:2d: 0f:64:b6:b5:af:12:f6:fe:46:e5:4f:8b:7f:c6:ea:b7:80:b6: 8d:bd:a0:d5:68:2f:d8:e2:3f:7d:af:f0:5a:36:77:4d:55:fa: 6b:1d:8e:8c:36:70:cb:01:42:91:fd:27:70:9d:db:13:14:cf: cf:ec:5f:3e:2c:77:a1:b6:28:14:f8:58:f3:f6:64:35:4d:4f: a6:0f:fc:7d:ec:a1:1d:5e:fe:7e:d2:7a:e3:8b:69:cf:2f:55: 09:19:a7:32:51:f3:02:2a:77:06:fc:90:76:83:29:57:da:ce: a1:60:d3:97:68:36:b7:04:64:65:da:6a:81:cc:2d:89:84:3b: ff:4d:28:05:86:e5:a4:cf:3e:10:6c:6e:25:bf:68:92:ad:9a: 0f:49:f4:ff:45:17:43:12:04:b1:b4:2f:79:61:25:9d:53:93: 29:32:58:10:27:33:de:71:33:a7:91:a6:f7:13:3c:75:ba:34: 98:7e:4b:84:85:4c:12:e1:7e:88:07:29:27:bc:5f:b4:79:38: da:1c:fb:a8:8c:d7:2f:9e:53:5a:81:fd:6a:53:85:17:36:f3: ba:c1:73:d2 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUSz3no3ZFsmL/tdUXL8tVnMilXMYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAwMzJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGI1NmYwMGRhOGJjZDA3NzIzNmY5N2JhNTY5YTlhOTNhZjdjMjRhZDliM2M5 ZWZiOTZjM2FkNmM3YmE2OWEwZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK6IsfsB5naL8R1pTewkp4bVTv1YU3Z9OmEf9/01bOtdPaOw2eaSPuB2+o9I vUJtuHfSKIDS0kr0B/U8Ab6D4TX+6nUm4N5SkCZYxJr/SYr37WUOGwLjHJzA8RBB mvKwUQ2USKTKFCOj8YwEMxR5tW7+gJm87+sKxjXpeQCmVr0jNJqpufRUl6ypY0TY hYVN5Vzp0J0464oTvT2tIdB6FOdwt/eIB6BfIhAlWUzwKvBkh7RNwEWtZDMgBmsX KeQbFSTW8S4W1Jgwx7UJaaj6JWCrAn7EXqNQ71H8NvmpBed8fzM1yySdO8MK01Y9 1tALqmHp/jG0c+/Dzg7i0Bd3wdECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSMBcEk koq0pEz3+3YGwCBIiG168TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YzkxYWI4ZTctODM3MC00OGVkLTllMjUtMGRjMjYwYmExOTZiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJg wDANBgkqhkiG9w0BAQsFAAOCAQEALTyqfLRQRH9OKxzv/q6K9idPpGBXJ2LgCeXx harOtFKAL3UtD2S2ta8S9v5G5U+Lf8bqt4C2jb2g1Wgv2OI/fa/wWjZ3TVX6ax2O jDZwywFCkf0ncJ3bExTPz+xfPix3obYoFPhY8/ZkNU1Ppg/8feyhHV7+ftJ644tp zy9VCRmnMlHzAip3BvyQdoMpV9rOoWDTl2g2twRkZdpqgcwtiYQ7/00oBYblpM8+ EGxuJb9okq2aD0n0/0UXQxIEsbQveWElnVOTKTJYECcz3nEzp5Gm9xM8dbo0mH5L hIVMEuF+iAcpJ7xftHk42hz7qIzXL55TWoH9alOFFzbzusFz0g== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:09 2025 by rpki-client