This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa File: d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa (raw, json) Hash identifier: S01F7rldrwwvpjFhu/cEzIxD2cOQYyDFVzk+sQo3cr4= Subject key identifier: B5:86:A4:91:F7:52:91:6A:14:8D:78:1D:7F:9B:DB:5D:E0:C6:11:FE Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1B978E989DA8D2F5D32211DA890376C27E98211C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa Signing time: Wed 10 Dec 2025 05:51:16 +0000 ROA not before: Wed 10 Dec 2025 05:51:16 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d016:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:97:8e:98:9d:a8:d2:f5:d3:22:11:da:89:03:76:c2:7e:98:21:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:51:16 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=e09d04bbe7333b551172025c02a27128561950c8087ddcfad2e43ced431a4319, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:36:9a:12:d3:13:b7:f2:97:87:c7:e7:c8:a3: 6d:60:c4:f8:cf:97:6c:de:87:fc:0e:d2:92:59:ad: ef:dc:86:be:df:a4:5d:64:58:45:80:d4:0b:2e:ae: 23:d5:77:b4:85:85:fe:05:17:1f:70:14:19:7d:65: 9f:3f:93:29:db:a5:50:d9:a7:68:14:aa:41:14:b5: 47:f4:b1:11:a5:b0:ed:cf:98:0e:5b:c0:fb:16:5d: 96:e7:1c:0f:59:08:f1:5d:b5:1d:05:3f:d8:9c:05: d1:bd:71:21:d5:bc:86:35:a6:10:09:9e:be:e4:e7: d6:e9:e4:cd:06:8c:53:f7:ac:da:89:0f:91:c6:8e: 61:d4:84:cc:09:b8:b1:c0:f6:06:40:ea:60:32:e4: 28:2c:dd:a7:42:a4:9f:ff:8b:f3:45:3f:6d:a0:13: 5d:44:2f:e9:fe:01:2f:47:fd:18:fe:c3:55:4c:c9: 2f:99:f9:75:3f:fb:e3:36:b4:83:1f:4d:af:68:a6: 59:96:9d:dc:cf:8b:37:22:1f:19:e9:2e:63:c3:ba: fc:3a:0d:89:c4:fb:6d:af:c2:de:db:3c:fd:35:d0: 8f:f9:55:25:8d:32:b6:00:f3:55:3c:91:4f:ab:91: 39:ad:cb:3b:2c:e1:9e:e0:bf:c4:39:aa:22:0b:2b: 94:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:86:A4:91:F7:52:91:6A:14:8D:78:1D:7F:9B:DB:5D:E0:C6:11:FE X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d016:400::/38 Signature Algorithm: sha256WithRSAEncryption 0a:9c:09:6f:64:9c:ee:c9:22:c0:1b:26:6b:e9:32:f4:57:4b: 50:1b:86:62:8a:1d:ef:ad:7a:4f:07:13:82:6f:3b:1b:b4:0e: 2f:1b:22:5f:02:67:22:b6:6d:5b:2a:a8:44:6f:d9:58:c4:17: fd:f2:32:3c:2f:b9:98:b4:16:a0:8e:ae:8e:92:22:51:64:df: 70:6a:0f:09:b7:03:25:5d:09:2a:4f:32:42:8b:e3:b7:10:5c: c1:02:6c:f4:ee:4e:f5:46:ef:f7:7e:ca:07:ff:98:7e:f0:39: 27:b1:99:6a:97:cf:7e:d4:04:17:66:6f:1f:e2:43:0d:87:84: 30:d9:b8:cf:81:cb:cc:e3:a8:a4:ae:df:e3:c5:38:a7:7f:d9: 16:85:5e:62:43:0b:94:00:29:87:cb:4c:5b:59:a2:78:1b:94: af:c7:8c:61:e6:23:80:40:af:8b:82:29:db:f1:92:c6:f7:4b: 97:c3:16:56:8d:72:79:b1:bc:85:87:19:12:31:7f:74:28:e7: 39:8a:06:78:87:90:85:2c:2a:c3:01:ce:c9:84:5e:b1:26:cc: d3:64:e1:40:65:1b:75:85:5e:a4:b9:8d:21:73:32:7f:9d:b1: c7:d4:37:c7:11:e1:1a:0e:fb:66:a3:ec:d5:a8:23:f2:5d:24: 5e:88:c3:39 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUG5eOmJ2o0vXTIhHaiQN2wn6YIRwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUxMTZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGUwOWQwNGJiZTczMzNiNTUxMTcyMDI1YzAyYTI3MTI4NTYxOTUwYzgwODdk ZGNmYWQyZTQzY2VkNDMxYTQzMTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM02mhLTE7fyl4fH58ijbWDE+M+XbN6H/A7Sklmt79yGvt+kXWRYRYDUCy6u I9V3tIWF/gUXH3AUGX1lnz+TKdulUNmnaBSqQRS1R/SxEaWw7c+YDlvA+xZdlucc D1kI8V21HQU/2JwF0b1xIdW8hjWmEAmevuTn1unkzQaMU/es2okPkcaOYdSEzAm4 scD2BkDqYDLkKCzdp0Kkn/+L80U/baATXUQv6f4BL0f9GP7DVUzJL5n5dT/74za0 gx9Nr2imWZad3M+LNyIfGekuY8O6/DoNicT7ba/C3ts8/TXQj/lVJY0ytgDzVTyR T6uROa3LOyzhnuC/xDmqIgsrlJMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS1hqSR 91KRahSNeB1/m9td4MYR/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZDNhYzhhMGEtOGQwNi00MGRlLWEyOTItY2I4MjRiN2M0OGI4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYE MA0GCSqGSIb3DQEBCwUAA4IBAQAKnAlvZJzuySLAGyZr6TL0V0tQG4Ziih3vrXpP BxOCbzsbtA4vGyJfAmcitm1bKqhEb9lYxBf98jI8L7mYtBagjq6OkiJRZN9wag8J twMlXQkqTzJCi+O3EFzBAmz07k71Ru/3fsoH/5h+8DknsZlql89+1AQXZm8f4kMN h4Qw2bjPgcvM46ikrt/jxTinf9kWhV5iQwuUACmHy0xbWaJ4G5Svx4xh5iOAQK+L ginb8ZLG90uXwxZWjXJ5sbyFhxkSMX90KOc5igZ4h5CFLCrDAc7JhF6xJszTZOFA ZRt1hV6kuY0hczJ/nbHH1DfHEeEaDvtmo+zVqCPyXSReiMM5 -----END CERTIFICATE-----Generated at Mon Dec 15 15:31:32 2025 by rpki-client