This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa File: d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa (raw, json) Hash identifier: vwxGsOMBEY/xLvLqic5nWN3SAja8Iy6a+6Y9WK0iMy0= Subject key identifier: 45:63:EF:6D:B4:A4:AE:62:93:4F:B0:3D:34:2E:35:39:EC:2D:8D:D3 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 269DFA4EDD35413E99AF905D5591E6B5F85CC0EB Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa Signing time: Sat 15 Nov 2025 06:20:52 +0000 ROA not before: Sat 15 Nov 2025 06:20:52 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d032:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:9d:fa:4e:dd:35:41:3e:99:af:90:5d:55:91:e6:b5:f8:5c:c0:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:20:52 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=b9fa89fa885cd791474fcb73af336b40b390cb322a3f960261d10a277e7b100b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:6b:74:52:82:85:b8:7c:45:68:14:37:ed:17: b3:e9:65:9e:a5:4a:93:58:54:cf:92:8f:04:7a:3c: 37:aa:2c:a3:39:56:15:06:b6:05:a2:62:87:a4:31: 9a:05:b6:24:91:b7:1c:f4:e5:32:57:5b:f7:6a:8b: 78:f2:8a:22:e1:7c:b9:0b:b5:6f:47:48:db:62:b6: d7:29:a9:15:fd:d8:cc:aa:03:ca:29:ec:4a:80:76: 59:3b:11:8c:a6:ca:d8:0e:33:f4:0c:09:f9:08:7e: 9d:84:2b:93:32:a5:b0:ef:86:45:15:7e:12:19:e1: 85:47:9a:95:2f:15:a8:cb:74:55:22:92:f9:ab:bc: b3:d4:50:60:db:ab:87:32:a2:41:f9:a6:51:8d:58: f2:d3:c5:b6:f9:8f:39:5f:39:36:c0:50:e8:dc:ad: ae:78:b2:fe:e1:0d:76:d9:28:f7:1e:eb:62:15:7b: 11:c0:28:22:e0:ea:ca:14:a5:71:cb:32:89:87:b8: 95:3e:65:a5:1a:f9:5f:be:40:f6:0b:ac:88:7d:d4: d1:94:a1:d9:6c:29:43:f0:99:a8:4e:86:a2:36:8b: ff:cf:ee:13:fa:54:2c:f2:5e:84:61:d0:60:41:17: c7:e6:68:f1:1a:45:77:9f:30:9b:cc:b2:45:06:ac: 86:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:63:EF:6D:B4:A4:AE:62:93:4F:B0:3D:34:2E:35:39:EC:2D:8D:D3 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d032:1000::/40 Signature Algorithm: sha256WithRSAEncryption 39:01:8f:88:8f:88:92:aa:e8:af:d8:00:e4:99:45:c4:52:6f: ac:08:47:71:6e:6c:14:fe:b3:b4:a1:a0:99:ee:56:df:7c:45: 4c:4a:2a:9c:cd:5c:44:fa:db:c2:79:b8:5d:0f:ca:cb:13:59: dc:cc:5a:9f:52:a2:45:54:53:bd:a0:b0:1b:9a:99:ba:f0:ed: f1:b5:5b:fd:bc:29:d2:19:f0:94:88:b3:a1:ce:b6:44:a4:ba: a9:7d:a3:63:62:db:59:84:a4:93:9f:d4:c3:95:db:d4:e7:40: c1:59:6c:a4:92:10:60:bc:fe:7e:ca:3c:7a:a8:5d:88:d4:83: c7:bd:50:b4:46:66:b0:80:c3:fe:cb:79:d4:e6:13:60:29:a2: 53:88:36:4c:f5:72:e7:f7:10:23:2b:36:50:ba:ad:b9:ee:ba: fe:29:14:04:de:75:12:67:c7:d4:a3:62:e5:42:e6:e1:28:c1: c9:3e:7a:c6:fd:9f:1f:a9:45:bf:78:2c:66:d9:3b:ef:71:1d: 1d:8a:0a:a4:35:cf:46:4a:28:c2:7a:e0:c3:a4:9d:14:28:ea: ae:80:b8:ed:de:c5:41:b4:14:de:60:fd:6c:b5:e5:ee:88:74: 44:05:1c:07:10:87:5c:36:67:a2:fd:53:85:48:1d:ca:32:30: f7:72:08:bc -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUJp36Tt01QT6Zr5BdVZHmtfhcwOswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIwNTJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGI5ZmE4OWZhODg1Y2Q3OTE0NzRmY2I3M2FmMzM2YjQwYjM5MGNiMzIyYTNm OTYwMjYxZDEwYTI3N2U3YjEwMGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ1rdFKChbh8RWgUN+0Xs+llnqVKk1hUz5KPBHo8N6osozlWFQa2BaJih6Qx mgW2JJG3HPTlMldb92qLePKKIuF8uQu1b0dI22K21ympFf3YzKoDyinsSoB2WTsR jKbK2A4z9AwJ+Qh+nYQrkzKlsO+GRRV+EhnhhUealS8VqMt0VSKS+au8s9RQYNur hzKiQfmmUY1Y8tPFtvmPOV85NsBQ6Nytrniy/uENdtko9x7rYhV7EcAoIuDqyhSl ccsyiYe4lT5lpRr5X75A9gusiH3U0ZSh2WwpQ/CZqE6GojaL/8/uE/pULPJehGHQ YEEXx+Zo8RpFd58wm8yyRQashlsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRFY+9t tKSuYpNPsD00LjU57C2N0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZDM4NWZmNGItN2Y4ZS00NWQyLThmOGItZmNkZTE0MjZhMDUwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DIQ MA0GCSqGSIb3DQEBCwUAA4IBAQA5AY+Ij4iSquiv2ADkmUXEUm+sCEdxbmwU/rO0 oaCZ7lbffEVMSiqczVxE+tvCebhdD8rLE1nczFqfUqJFVFO9oLAbmpm68O3xtVv9 vCnSGfCUiLOhzrZEpLqpfaNjYttZhKSTn9TDldvU50DBWWykkhBgvP5+yjx6qF2I 1IPHvVC0RmawgMP+y3nU5hNgKaJTiDZM9XLn9xAjKzZQuq257rr+KRQE3nUSZ8fU o2LlQubhKMHJPnrG/Z8fqUW/eCxm2TvvcR0digqkNc9GSijCeuDDpJ0UKOqugLjt 3sVBtBTeYP1steXuiHREBRwHEIdcNmei/VOFSB3KMjD3cgi8 -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:53 2025 by rpki-client