This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6265269-370a-4e3b-983b-9bec3a5c535a.roa File: d6265269-370a-4e3b-983b-9bec3a5c535a.roa (raw, json) Hash identifier: 6xbn2XbHVQVTFnB6aqQQxG5haxyXj0rSxoudROULKoI= Subject key identifier: 5E:30:BF:F8:30:3E:32:3B:01:97:CB:0C:4D:58:46:41:9C:76:DA:4A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2CEF3D8BA36B6F3D1CE340172BB43DEB57DDEF71 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6265269-370a-4e3b-983b-9bec3a5c535a.roa Signing time: Tue 25 Nov 2025 20:01:01 +0000 ROA not before: Tue 25 Nov 2025 20:01:01 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d073:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:ef:3d:8b:a3:6b:6f:3d:1c:e3:40:17:2b:b4:3d:eb:57:dd:ef:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 25 20:01:01 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=0510a78c24aadb37e972dd2bff53cbf61d1d49843fb156d5ed1dd36147555834, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:6a:b4:ae:ce:b6:95:5a:41:75:ad:f2:39:54: f4:42:7b:d6:28:70:8f:24:25:8b:91:90:0b:79:10: 89:4a:1e:8d:72:0e:5c:4d:bf:44:bc:f1:a4:c1:f9: 3a:8c:49:d6:63:bc:d0:38:df:91:00:48:f9:47:20: b0:93:c4:88:15:2e:85:00:45:42:55:ee:fd:42:fc: 8f:06:2a:30:53:9b:27:63:df:a8:f2:e0:08:63:ef: fd:31:16:a0:dd:59:f7:e2:aa:a6:56:05:9a:19:33: bb:95:7c:ce:aa:a8:b0:76:fb:95:95:63:0d:f6:ee: 1f:ec:c4:a6:cc:7b:6b:3a:fa:d7:0f:60:ab:94:43: 9b:00:b4:a4:53:c9:c9:e4:af:2a:71:a0:b1:78:1a: 0f:8e:06:6e:e6:2b:ac:78:a4:ae:c6:05:0f:f9:40: 64:27:b5:fe:0d:eb:28:6f:e8:65:f9:9d:fa:34:73: 08:e6:17:b8:f7:fb:c3:04:cb:b7:3f:72:16:ab:69: fd:21:c8:d4:f4:de:b1:76:f2:fa:07:01:03:14:f6: b9:f8:52:96:8a:95:80:b6:39:73:ae:ec:7c:cd:9c: c3:01:38:60:08:1d:24:b6:5c:9e:ba:7e:79:6c:29: 13:31:9f:03:3f:4c:a6:d0:51:2f:51:81:8c:18:5c: 9a:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:30:BF:F8:30:3E:32:3B:01:97:CB:0C:4D:58:46:41:9C:76:DA:4A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6265269-370a-4e3b-983b-9bec3a5c535a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d073:e000::/40 Signature Algorithm: sha256WithRSAEncryption 8a:b9:ec:63:3c:d8:99:2c:68:89:bb:8e:82:58:d5:5c:b7:67: c7:5e:75:1b:46:1b:55:04:d7:6b:aa:36:4a:fc:b7:c5:89:58: b6:21:2e:ad:85:ea:23:d8:49:5c:ea:d1:02:e2:1f:12:08:41: 63:f7:19:80:62:98:d0:c4:d3:75:48:4e:26:17:5d:1e:ee:7f: 6d:1b:73:95:fb:b0:2b:d7:07:c1:0c:68:c7:d4:1f:e1:70:ce: 00:84:3e:88:e1:4f:d3:8e:fa:f2:10:2c:24:9e:61:bc:83:18: 6c:42:cc:0c:a9:90:2d:d3:26:c4:a5:af:fd:74:1f:ba:e7:ea: 5e:40:b8:e4:2c:ad:61:cc:34:ae:8d:eb:31:9b:f1:d1:e6:df: 39:7b:ee:51:68:a8:bc:75:13:b7:21:f2:c4:77:22:aa:ec:86: e0:e5:c6:b6:ec:c9:cf:02:73:4b:9a:c5:7b:f2:95:1f:4b:14: 64:e5:3b:92:06:a1:97:e5:3f:90:21:6b:c0:14:a5:68:d0:5f: be:5f:9e:ef:8f:cc:58:5f:6e:80:22:94:63:1b:c4:36:7c:08: 41:a0:4f:a9:6f:66:c3:7d:b2:bb:80:cb:85:0c:ce:13:f9:a9: 5b:a4:18:f4:e2:37:e5:7a:4c:8b:62:d8:07:4a:1c:ba:4f:5d: 8f:6c:c9:ea -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIULO89i6Nrbz0c40AXK7Q961fd73EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjUyMDAxMDFaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDA1MTBhNzhjMjRhYWRiMzdlOTcyZGQyYmZmNTNjYmY2MWQxZDQ5ODQzZmIx NTZkNWVkMWRkMzYxNDc1NTU4MzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN5qtK7OtpVaQXWt8jlU9EJ71ihwjyQli5GQC3kQiUoejXIOXE2/RLzxpMH5 OoxJ1mO80DjfkQBI+UcgsJPEiBUuhQBFQlXu/UL8jwYqMFObJ2PfqPLgCGPv/TEW oN1Z9+KqplYFmhkzu5V8zqqosHb7lZVjDfbuH+zEpsx7azr61w9gq5RDmwC0pFPJ yeSvKnGgsXgaD44GbuYrrHikrsYFD/lAZCe1/g3rKG/oZfmd+jRzCOYXuPf7wwTL tz9yFqtp/SHI1PTesXby+gcBAxT2ufhSloqVgLY5c67sfM2cwwE4YAgdJLZcnrp+ eWwpEzGfAz9MptBRL1GBjBhcmp8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBReML/4 MD4yOwGXywxNWEZBnHbaSjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZDYyNjUyNjktMzcwYS00ZTNiLTk4M2ItOWJlYzNhNWM1MzVhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HPg MA0GCSqGSIb3DQEBCwUAA4IBAQCKuexjPNiZLGiJu46CWNVct2fHXnUbRhtVBNdr qjZK/LfFiVi2IS6theoj2Elc6tEC4h8SCEFj9xmAYpjQxNN1SE4mF10e7n9tG3OV +7Ar1wfBDGjH1B/hcM4AhD6I4U/TjvryECwknmG8gxhsQswMqZAt0ybEpa/9dB+6 5+peQLjkLK1hzDSujesxm/HR5t85e+5RaKi8dRO3IfLEdyKq7Ibg5ca27MnPAnNL msV78pUfSxRk5TuSBqGX5T+QIWvAFKVo0F++X57vj8xYX26AIpRjG8Q2fAhBoE+p b2bDfbK7gMuFDM4T+albpBj04jflekyLYtgHShy6T12PbMnq -----END CERTIFICATE-----Generated at Sat Dec 6 17:31:34 2025 by rpki-client