This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa File: cda3712d-34a6-428d-a694-19bab377c44e.roa (raw, json) Hash identifier: XpToC24qAFmaPpexuwAPoHLAoq4/obTpzhHKs3HeH7Y= Subject key identifier: 8B:9B:84:5D:89:34:D2:8B:8F:98:91:53:02:3D:8F:69:C9:81:A8:39 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 49735B117F164D784ECD4B79F9B99C2B1B18ED0E Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa Signing time: Sat 15 Nov 2025 06:10:10 +0000 ROA not before: Sat 15 Nov 2025 06:10:10 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01e::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:73:5b:11:7f:16:4d:78:4e:cd:4b:79:f9:b9:9c:2b:1b:18:ed:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:10:10 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=78bda10b7c9511b5efaa5b43c61dfbc7ac047f70c78a9afff4aed5c3a014d0ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:86:74:b3:60:3e:bc:bb:de:23:17:45:a9:c8: c5:f8:17:2e:ee:57:db:0a:25:ac:a5:95:d7:29:b5: ab:26:e2:e7:45:20:fc:c1:7a:02:2b:63:41:06:1a: 3c:32:ff:12:fc:b1:10:be:4c:46:8b:63:fa:8c:de: d2:cc:e1:ad:e3:d8:d9:e5:73:2f:9c:02:6a:67:5d: 53:07:e7:92:7a:2d:76:56:fd:00:02:4d:2a:46:51: e1:28:8d:e1:a9:45:f2:47:cb:24:6e:72:e2:d5:95: db:d9:d9:66:db:9c:e4:9f:02:fd:ca:47:67:a9:b3: 5d:04:be:6f:66:3a:40:32:ca:b5:d0:3c:5b:b9:5d: 4c:a2:11:12:91:02:66:35:44:aa:04:f2:eb:c3:1c: 18:83:f1:f1:65:c2:18:22:b9:e1:5f:d0:0c:11:8a: 3e:6a:33:91:f2:ec:3b:99:7e:62:d7:35:da:4d:71: 64:fe:a5:48:cc:b2:64:67:c9:51:4b:13:30:c7:5c: c1:4e:fc:ef:d9:78:a1:c0:20:ad:c6:7d:9a:f0:25: 90:5d:d0:a7:a6:52:28:97:bc:26:cb:56:9f:9e:66: 9f:b0:90:ad:d7:75:23:85:17:a5:ec:86:b8:19:6f: cc:fb:d6:52:03:52:19:1f:b9:83:be:ba:44:b8:dc: fc:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:9B:84:5D:89:34:D2:8B:8F:98:91:53:02:3D:8F:69:C9:81:A8:39 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01e::/38 Signature Algorithm: sha256WithRSAEncryption 76:1f:98:85:b4:85:4b:9b:f3:7e:6c:19:52:d3:d9:75:cc:19: a7:3a:64:72:13:8c:a6:ef:05:e2:61:a7:d9:1c:41:31:c3:96: 04:74:96:9f:4e:b2:da:91:a3:8c:1c:6d:cc:41:c1:47:80:a9: 80:d0:1b:b4:c7:c4:86:ad:f0:04:13:78:60:16:7b:c2:ba:98: 7b:c5:45:be:8f:39:0b:ff:f5:ef:17:00:36:cc:65:55:e0:54: 03:c4:0a:df:34:57:e4:d1:6d:a1:09:84:3e:a2:7d:40:4f:56: fd:e0:d0:42:38:75:d9:d9:73:c0:37:f8:de:df:7f:ad:7f:82: 8c:a7:e1:36:e5:ab:b1:d9:e7:62:2b:0d:c4:e4:20:3c:9d:f8: a6:3c:06:d4:53:28:e6:3a:e2:af:fc:74:c3:6e:38:71:61:57: d0:c5:a6:06:9b:e2:67:23:c5:8d:ba:05:bc:c6:1d:b4:10:8f: 93:19:3f:02:04:14:37:4f:b3:8c:01:9a:f4:f3:7a:ac:9b:ac: 31:1f:46:83:e2:00:3f:19:19:5d:3e:7d:49:9d:2d:ea:0a:97: 0c:78:ca:38:d3:79:37:b8:03:5a:bc:17:3c:66:66:1a:83:91: dc:44:c3:8b:a8:73:bd:69:64:e5:02:3f:06:2a:6b:da:c6:db: 9b:bf:86:4e -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUSXNbEX8WTXhOzUt5+bmcKxsY7Q4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjEwMTBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDc4YmRhMTBiN2M5NTExYjVlZmFhNWI0M2M2MWRmYmM3YWMwNDdmNzBjNzhh OWFmZmY0YWVkNWMzYTAxNGQwYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANWGdLNgPry73iMXRanIxfgXLu5X2wolrKWV1ym1qybi50Ug/MF6AitjQQYa PDL/EvyxEL5MRotj+oze0szhrePY2eVzL5wCamddUwfnknotdlb9AAJNKkZR4SiN 4alF8kfLJG5y4tWV29nZZtuc5J8C/cpHZ6mzXQS+b2Y6QDLKtdA8W7ldTKIREpEC ZjVEqgTy68McGIPx8WXCGCK54V/QDBGKPmozkfLsO5l+Ytc12k1xZP6lSMyyZGfJ UUsTMMdcwU7879l4ocAgrcZ9mvAlkF3Qp6ZSKJe8JstWn55mn7CQrdd1I4UXpeyG uBlvzPvWUgNSGR+5g766RLjc/MECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSLm4Rd iTTSi4+YkVMCPY9pyYGoOTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2RhMzcxMmQtMzRhNi00MjhkLWE2OTQtMTliYWIzNzdjNDRlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4A MA0GCSqGSIb3DQEBCwUAA4IBAQB2H5iFtIVLm/N+bBlS09l1zBmnOmRyE4ym7wXi YafZHEExw5YEdJafTrLakaOMHG3MQcFHgKmA0Bu0x8SGrfAEE3hgFnvCuph7xUW+ jzkL//XvFwA2zGVV4FQDxArfNFfk0W2hCYQ+on1AT1b94NBCOHXZ2XPAN/je33+t f4KMp+E25aux2ediKw3E5CA8nfimPAbUUyjmOuKv/HTDbjhxYVfQxaYGm+JnI8WN ugW8xh20EI+TGT8CBBQ3T7OMAZr083qsm6wxH0aD4gA/GRldPn1JnS3qCpcMeMo4 03k3uANavBc8ZmYag5HcRMOLqHO9aWTlAj8GKmvaxtubv4ZO -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:10 2025 by rpki-client