This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa File: cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa (raw, json) Hash identifier: 3A23+VvcMBFLcIYX0pgRS0gVY1YfDSnM7z8/E4iksYw= Subject key identifier: 72:FF:11:A3:6A:9F:10:D9:70:8C:0F:55:45:5D:5D:4F:E1:F6:90:93 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5E8B02180FC2ACD9B630C26250385EB8C6BBD7D5 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa Signing time: Sat 15 Nov 2025 06:20:58 +0000 ROA not before: Sat 15 Nov 2025 06:20:58 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d03a:c000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:8b:02:18:0f:c2:ac:d9:b6:30:c2:62:50:38:5e:b8:c6:bb:d7:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:20:58 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=b54a1c8922124ad3e3e08e689018959bf5ab58213fcd7c26c98cb88f6ee6b4f5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:0e:c9:f4:9d:db:eb:45:67:e9:e2:eb:f4:81: fa:1f:76:a2:80:69:63:98:ec:bf:fd:dd:e5:75:c2: fc:42:56:77:35:f5:34:a5:bc:f4:38:fa:62:e1:90: 5f:28:f3:26:06:af:0c:6e:3c:4a:68:24:e0:d9:ff: f5:3d:9d:91:67:a5:9b:ea:2d:75:2e:4d:5d:75:b0: 32:88:43:ea:c9:76:bb:56:91:e2:36:8c:ee:df:0c: 9e:91:fa:d4:e9:ea:70:1a:18:7e:96:bd:b1:0c:a3: d5:70:36:3f:8a:0a:93:63:6c:c2:3d:76:58:cd:9b: be:6a:25:ff:76:27:f4:97:1b:3a:04:fb:36:2c:d7: ad:a0:59:a4:af:cf:a1:22:25:9e:01:85:d3:9d:36: 6f:5d:74:d9:0f:ce:a8:44:4b:83:a3:01:77:99:86: dc:0a:7e:75:b0:55:9d:a7:f2:49:50:59:d7:01:f9: f5:52:45:72:88:69:01:7c:76:6a:77:9c:f6:c0:60: fe:8e:38:5d:ca:42:e9:c1:0c:d1:b9:53:1a:6b:f3: 8b:63:b3:e1:1b:2a:0e:21:f7:88:91:53:a0:d3:ef: 51:1d:c2:ff:6a:ff:47:25:26:85:f9:a9:cf:12:4e: 38:c0:2c:2d:d0:4f:b0:da:12:59:65:f3:bd:5f:90: bc:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:FF:11:A3:6A:9F:10:D9:70:8C:0F:55:45:5D:5D:4F:E1:F6:90:93 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d03a:c000::/40 Signature Algorithm: sha256WithRSAEncryption c1:d7:88:32:e8:1b:72:71:0d:44:92:e1:67:ea:1a:8d:f3:2d: 10:e3:3c:aa:df:09:c0:69:56:84:a1:72:47:53:11:56:c9:81: a3:23:70:cf:ad:87:b8:10:01:26:df:2c:b2:bc:b2:7b:d2:ee: 52:f8:8b:9c:04:ea:bc:71:9b:63:f2:52:39:87:4a:50:0c:63: 8e:f1:69:cd:ad:a1:ac:39:97:f2:fb:58:10:43:9f:2b:86:44: da:ba:12:2c:99:1d:bb:6c:a6:d2:31:eb:f3:99:32:05:04:92: c8:04:95:8f:52:b2:80:9d:e9:e5:3f:7f:0c:12:ef:f8:5b:66: b0:fa:4b:d5:21:3a:b6:4c:43:c4:ac:3e:d3:df:c9:70:06:6f: a7:6e:fc:06:29:9d:3b:06:66:0f:1f:83:e1:8f:2d:46:ed:35: d7:76:f9:24:8d:cc:05:e4:2b:a2:3c:f7:f7:48:58:f6:24:a3: b9:fb:d0:14:b3:a7:60:73:8b:d9:89:99:84:67:58:08:5f:62: 80:7a:ac:17:06:f7:46:bb:a2:8f:46:30:68:86:de:0f:03:1a: cc:b5:ba:7c:a9:ee:b7:b2:9e:31:ab:f6:45:82:cb:6e:ae:6a: 17:45:3e:1a:45:85:d2:b4:a1:34:df:88:79:53:7c:ed:69:76: 7b:31:7b:98 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUXosCGA/CrNm2MMJiUDheuMa719UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIwNThaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGI1NGExYzg5MjIxMjRhZDNlM2UwOGU2ODkwMTg5NTliZjVhYjU4MjEzZmNk N2MyNmM5OGNiODhmNmVlNmI0ZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJcOyfSd2+tFZ+ni6/SB+h92ooBpY5jsv/3d5XXC/EJWdzX1NKW89Dj6YuGQ XyjzJgavDG48Smgk4Nn/9T2dkWelm+otdS5NXXWwMohD6sl2u1aR4jaM7t8MnpH6 1OnqcBoYfpa9sQyj1XA2P4oKk2Nswj12WM2bvmol/3Yn9JcbOgT7NizXraBZpK/P oSIlngGF0502b1102Q/OqERLg6MBd5mG3Ap+dbBVnafySVBZ1wH59VJFcohpAXx2 anec9sBg/o44XcpC6cEM0blTGmvzi2Oz4RsqDiH3iJFToNPvUR3C/2r/RyUmhfmp zxJOOMAsLdBPsNoSWWXzvV+QvCECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRy/xGj ap8Q2XCMD1VFXV1P4faQkzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2I4ZjRmMzctZmVjZC00YmM2LThlZGMtODBiZTlmMmZiZWRhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DrA MA0GCSqGSIb3DQEBCwUAA4IBAQDB14gy6BtycQ1EkuFn6hqN8y0Q4zyq3wnAaVaE oXJHUxFWyYGjI3DPrYe4EAEm3yyyvLJ70u5S+IucBOq8cZtj8lI5h0pQDGOO8WnN raGsOZfy+1gQQ58rhkTauhIsmR27bKbSMevzmTIFBJLIBJWPUrKAnenlP38MEu/4 W2aw+kvVITq2TEPErD7T38lwBm+nbvwGKZ07BmYPH4Phjy1G7TXXdvkkjcwF5Cui PPf3SFj2JKO5+9AUs6dgc4vZiZmEZ1gIX2KAeqwXBvdGu6KPRjBoht4PAxrMtbp8 qe63sp4xq/ZFgsturmoXRT4aRYXStKE034h5U3ztaXZ7MXuY -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:04 2025 by rpki-client