This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa File: d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa (raw, json) Hash identifier: wczzAnEqm7MzG4tU8DU4i3wK+MokQLDRE7VB0gKPgDs= Subject key identifier: 03:39:BA:62:70:98:3D:9C:4F:13:28:8C:54:4D:FC:3E:B6:2D:EC:71 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4013404C85AFA82834E7919EA8DA17708B00ABDB Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa Signing time: Sat 15 Nov 2025 05:51:07 +0000 ROA not before: Sat 15 Nov 2025 05:51:07 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d016:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:13:40:4c:85:af:a8:28:34:e7:91:9e:a8:da:17:70:8b:00:ab:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:51:07 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=2e14a09770dc51e508a5f080c1fa972f32086994534ed158b89cef28ed048c5e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:e6:a1:c7:8b:a7:99:a9:82:45:63:54:78:1a: a8:28:dd:8f:39:c0:b2:cf:19:b0:de:77:9a:7e:c0: aa:c6:32:81:58:68:3b:9f:07:f7:de:f4:d7:1b:df: 53:12:03:72:17:f7:17:ea:ee:a2:03:5b:32:de:dc: 45:ee:e7:50:2b:35:04:48:4f:0f:72:e1:5f:ea:82: fd:e4:10:0a:9c:8a:29:2a:5c:05:4b:49:1b:ae:ef: ef:c5:79:cc:44:b4:e0:46:70:a5:1e:d1:1e:7f:ce: 1d:45:cc:51:9b:9a:2b:4c:ac:5d:b7:3e:45:14:ae: d4:e5:b4:fe:fe:7e:35:ed:80:6f:05:12:f6:a3:19: 96:5d:ec:4a:aa:8a:17:d7:c8:d3:ac:1e:18:a6:9e: 8d:59:ac:da:97:4d:27:04:61:65:9e:be:3d:bb:c2: b8:b8:d9:b2:96:bf:72:03:ea:3b:93:7c:52:64:8a: 98:b4:5a:25:c5:83:ab:fa:26:67:13:a8:32:05:5d: 27:2f:af:52:88:6d:c7:fd:9f:f8:6a:8e:c9:f7:80: ea:df:27:a5:f7:0a:ee:6f:dd:4d:c9:17:0d:db:89: d6:35:e1:e8:af:b9:04:d3:71:37:07:31:d0:c9:aa: e0:2f:6a:34:15:79:ef:23:18:20:44:e8:40:3c:2d: e8:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:39:BA:62:70:98:3D:9C:4F:13:28:8C:54:4D:FC:3E:B6:2D:EC:71 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d016:400::/38 Signature Algorithm: sha256WithRSAEncryption 68:a3:ff:92:5a:e3:2b:cc:4e:ee:7e:c9:13:50:4b:e1:12:8e: b6:d5:9e:04:0d:be:66:4e:08:7b:e7:f7:e9:08:d2:0f:f8:0f: f3:38:79:9d:91:8c:20:ec:fc:5f:9d:c1:06:26:d9:be:45:2b: 9b:b6:3f:8e:01:65:36:31:93:93:b7:26:78:05:88:68:d6:20: 95:33:50:a5:35:f0:41:79:77:50:23:9b:8c:32:55:65:66:e6: 5b:88:9d:d9:56:be:fb:78:e6:71:82:ff:e5:41:9e:d4:f5:31: 92:38:39:b1:4d:fc:3b:93:9f:64:5c:d9:8d:6a:3e:39:30:d5: 65:95:16:46:c4:60:48:6d:48:45:cf:9c:3f:04:28:75:d7:49: a7:7b:68:2b:a2:5b:4b:9c:7b:59:52:3d:84:b4:d6:79:78:c5: 1b:f2:8c:76:35:0c:a9:b0:5d:67:39:69:27:cc:e0:aa:0b:75: 8a:f3:f5:9c:c7:3a:b2:72:dc:cd:f3:fb:01:6d:26:1d:08:61: 46:dd:03:fa:73:24:2e:9e:b6:6d:48:43:bb:7e:c5:d7:31:c6: 17:db:07:ed:71:90:bc:99:97:1b:2c:ad:f4:0c:05:7f:cc:e2: 7c:3f:1d:c2:af:25:b0:d8:f8:11:d5:d3:e1:a9:53:52:cd:8a: 41:39:3a:5f -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUQBNATIWvqCg055GeqNoXcIsAq9swDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUxMDdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDJlMTRhMDk3NzBkYzUxZTUwOGE1ZjA4MGMxZmE5NzJmMzIwODY5OTQ1MzRl ZDE1OGI4OWNlZjI4ZWQwNDhjNWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIjmoceLp5mpgkVjVHgaqCjdjznAss8ZsN53mn7AqsYygVhoO58H99701xvf UxIDchf3F+ruogNbMt7cRe7nUCs1BEhPD3LhX+qC/eQQCpyKKSpcBUtJG67v78V5 zES04EZwpR7RHn/OHUXMUZuaK0ysXbc+RRSu1OW0/v5+Ne2AbwUS9qMZll3sSqqK F9fI06weGKaejVms2pdNJwRhZZ6+PbvCuLjZspa/cgPqO5N8UmSKmLRaJcWDq/om ZxOoMgVdJy+vUohtx/2f+GqOyfeA6t8npfcK7m/dTckXDduJ1jXh6K+5BNNxNwcx 0Mmq4C9qNBV57yMYIEToQDwt6O0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQDObpi cJg9nE8TKIxUTfw+ti3scTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZDNhYzhhMGEtOGQwNi00MGRlLWEyOTItY2I4MjRiN2M0OGI4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYE MA0GCSqGSIb3DQEBCwUAA4IBAQBoo/+SWuMrzE7ufskTUEvhEo621Z4EDb5mTgh7 5/fpCNIP+A/zOHmdkYwg7PxfncEGJtm+RSubtj+OAWU2MZOTtyZ4BYho1iCVM1Cl NfBBeXdQI5uMMlVlZuZbiJ3ZVr77eOZxgv/lQZ7U9TGSODmxTfw7k59kXNmNaj45 MNVllRZGxGBIbUhFz5w/BCh110mne2groltLnHtZUj2EtNZ5eMUb8ox2NQypsF1n OWknzOCqC3WK8/WcxzqyctzN8/sBbSYdCGFG3QP6cyQunrZtSEO7fsXXMcYX2wft cZC8mZcbLK30DAV/zOJ8Px3CryWw2PgR1dPhqVNSzYpBOTpf -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:39 2025 by rpki-client