This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa File: d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa (raw, json) Hash identifier: Qzk7PghJ17KdFc22+Nbwmj/VlYw6bkxmcIR2xc3xgxc= Subject key identifier: 7A:36:CF:0D:E7:3B:37:E9:AD:66:07:87:9B:4E:7D:23:67:AE:2D:CC Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 725C7B5E3B1E2489CD7891783BB9E3631E814EA9 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa Signing time: Tue 18 Nov 2025 00:40:09 +0000 ROA not before: Tue 18 Nov 2025 00:40:09 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01f::/37 maxlen: 37 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:5c:7b:5e:3b:1e:24:89:cd:78:91:78:3b:b9:e3:63:1e:81:4e:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 18 00:40:09 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=7bdd0ca2dcb133d334b18a0c82a42f3311c20d844b65ecbb0b709ea0afadbfce, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:ff:da:f8:22:38:7f:64:bb:0b:02:ca:ea:08: 37:11:80:7d:af:c5:ec:67:91:e5:be:7f:a4:a7:a3: 11:e2:b9:41:c8:fe:bf:0d:d3:a4:5f:28:7e:94:ff: 12:5f:3e:3a:13:4e:96:99:82:de:16:d3:91:60:a3: 3c:03:1a:96:cf:26:d4:b9:20:bb:20:0d:bd:ee:1e: 3b:dc:6b:0e:b2:e2:ce:0c:6a:a5:10:73:1e:34:1c: 5f:d0:3c:ec:32:a2:4c:42:58:c0:0a:25:65:76:d7: 72:39:50:2d:e2:76:7f:88:3a:6e:8c:58:04:48:ab: 1f:26:69:f4:75:9b:39:dc:57:b4:7c:e9:32:ce:fc: 82:fc:e2:38:6f:28:89:80:b0:71:bb:3a:20:9f:95: d5:de:df:b5:ab:2a:7c:3c:bc:d4:44:4b:78:64:66: d5:2f:3c:03:f6:1f:44:71:3f:c7:0f:27:b4:66:bc: 96:c3:a8:f7:b4:f1:6f:cd:99:36:64:b3:59:d4:a5: 48:9d:20:e6:d7:1c:8f:5a:2d:f1:29:ae:7d:95:15: 31:c9:d8:b7:15:e5:72:08:fd:35:17:5b:11:45:d8: bf:aa:d6:be:03:7a:5f:ef:b5:38:d4:f7:35:7e:be: e9:37:b7:84:a0:44:2c:e5:81:e0:43:30:69:ed:04: 66:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:36:CF:0D:E7:3B:37:E9:AD:66:07:87:9B:4E:7D:23:67:AE:2D:CC X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01f::/37 Signature Algorithm: sha256WithRSAEncryption a4:bf:44:96:07:2c:33:32:ad:df:47:3a:e0:d6:ab:ca:61:0e: dd:7b:f9:d4:47:b1:4d:b4:6d:08:c2:d7:c9:c4:16:cc:00:3c: 3c:46:ed:59:4e:c8:99:43:7b:39:e7:8b:fb:f8:23:3d:96:96: c3:5a:54:88:0d:c6:62:d7:7e:de:15:1a:38:0c:00:89:f0:75: d8:f3:e3:79:53:21:01:5b:b4:b6:dd:b3:09:41:15:a9:38:54: 2e:4e:46:1b:04:35:87:90:6f:18:1f:b1:77:60:2a:05:fe:c3: bb:c1:49:a2:70:53:8e:0f:81:aa:a3:55:2e:88:ea:1a:92:6a: bf:9f:ff:92:8d:86:5c:9f:76:fc:8d:d7:bb:87:fd:13:49:e6: 59:0b:4e:7c:2a:ad:e8:f9:ac:5d:12:56:f2:0d:0c:d8:ce:f9: 51:2a:2c:4e:46:2a:e7:19:bd:c3:94:75:11:b2:99:ea:3a:3f: b5:53:27:57:86:4d:9e:8d:1e:52:07:74:8d:d7:5e:6e:a9:fa: 61:c7:2a:bc:7b:f7:40:f9:63:2d:9c:6b:ff:a6:25:11:4e:0d: d0:d8:95:fe:f1:93:e1:ea:68:52:2d:e2:73:8f:45:64:64:a0: 57:7b:a7:33:f3:87:76:52:45:68:17:5e:13:31:22:3a:a8:ef: 79:d2:fa:01 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUclx7XjseJInNeJF4O7njYx6BTqkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTgwMDQwMDlaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQDdiZGQwY2EyZGNiMTMzZDMzNGIxOGEwYzgyYTQyZjMzMTFjMjBkODQ0YjY1 ZWNiYjBiNzA5ZWEwYWZhZGJmY2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKT/2vgiOH9kuwsCyuoINxGAfa/F7GeR5b5/pKejEeK5Qcj+vw3TpF8ofpT/ El8+OhNOlpmC3hbTkWCjPAMals8m1LkguyANve4eO9xrDrLizgxqpRBzHjQcX9A8 7DKiTEJYwAolZXbXcjlQLeJ2f4g6boxYBEirHyZp9HWbOdxXtHzpMs78gvziOG8o iYCwcbs6IJ+V1d7ftasqfDy81ERLeGRm1S88A/YfRHE/xw8ntGa8lsOo97Txb82Z NmSzWdSlSJ0g5tccj1ot8SmufZUVMcnYtxXlcgj9NRdbEUXYv6rWvgN6X++1ONT3 NX6+6Te3hKBELOWB4EMwae0EZmMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR6Ns8N 5zs36a1mB4ebTn0jZ64tzDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZDJlNWNkMTEtZTMzYi00MDgwLTkxZDUtZjU1MGYxZDdhMGI1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B8A MA0GCSqGSIb3DQEBCwUAA4IBAQCkv0SWBywzMq3fRzrg1qvKYQ7de/nUR7FNtG0I wtfJxBbMADw8Ru1ZTsiZQ3s554v7+CM9lpbDWlSIDcZi137eFRo4DACJ8HXY8+N5 UyEBW7S23bMJQRWpOFQuTkYbBDWHkG8YH7F3YCoF/sO7wUmicFOOD4Gqo1UuiOoa kmq/n/+SjYZcn3b8jde7h/0TSeZZC058Kq3o+axdElbyDQzYzvlRKixORirnGb3D lHURspnqOj+1UydXhk2ejR5SB3SN115uqfphxyq8e/dA+WMtnGv/piURTg3Q2JX+ 8ZPh6mhSLeJzj0VkZKBXe6cz84d2UkVoF14TMSI6qO950voB -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:52 2025 by rpki-client