This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d62aaac2-f54a-4bc2-8155-22367e855165.roa File: d62aaac2-f54a-4bc2-8155-22367e855165.roa (raw, json) Hash identifier: +HRbEmQSG3iNOeY/LdaJ4iB2mYittgI/BCBKbplA9Hg= Subject key identifier: 84:13:EA:B7:E5:78:F7:99:FB:A6:26:3D:71:49:1B:D0:27:0B:2C:C7 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 21D09E44F42EB396F2ACB8786877CCA87656F4E9 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d62aaac2-f54a-4bc2-8155-22367e855165.roa Signing time: Wed 10 Dec 2025 06:20:43 +0000 ROA not before: Wed 10 Dec 2025 06:20:43 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d032:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:d0:9e:44:f4:2e:b3:96:f2:ac:b8:78:68:77:cc:a8:76:56:f4:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:20:43 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=aaf4a7f67baa2fd9bd74858d0811a424a20a1d10f37e58aafc40955f791ba0ff, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:c0:d4:2c:d4:fc:7a:6f:8f:34:6d:e3:5b:05: b0:53:fd:2b:04:fc:7d:b9:2a:be:06:3b:bf:2d:d2: ff:f6:d4:0c:9b:03:02:e9:65:fd:b1:e5:3f:62:4f: 28:3f:f1:68:1b:da:5e:27:52:88:ad:27:9b:6f:12: 61:0a:c6:9c:f1:c2:64:17:b5:86:b8:6e:9d:ce:24: 22:a6:54:38:d6:c1:24:e6:9b:13:30:90:e7:01:2e: b2:a6:17:a5:61:09:a1:f2:68:5e:5f:04:99:94:38: bc:1a:62:9b:e7:a4:dd:55:80:cb:e8:e9:7d:b9:bd: f1:c6:d0:e4:6c:3a:85:8d:e8:dd:ca:36:17:88:e3: 36:53:23:ca:e7:2e:b9:e1:8e:31:1b:34:1c:ea:08: 51:b3:81:71:81:d7:41:2f:f3:8f:59:3c:22:78:15: 5d:8d:f0:97:e8:55:40:e6:72:5b:00:53:58:e8:93: bb:13:a8:2e:c8:fd:13:60:33:6d:c2:0f:bd:c5:d2: 05:99:4f:b5:10:8b:38:10:7c:05:1d:04:8e:b0:36: 8d:b1:0e:13:e9:5d:b6:23:ed:04:1f:51:c5:c4:ee: cd:1e:5f:b8:b8:75:ba:d8:1c:f2:fa:4e:8d:65:1f: 32:b2:ba:31:87:5a:5d:4e:50:15:5b:71:62:77:a3: bc:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:13:EA:B7:E5:78:F7:99:FB:A6:26:3D:71:49:1B:D0:27:0B:2C:C7 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d62aaac2-f54a-4bc2-8155-22367e855165.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d032:b000::/40 Signature Algorithm: sha256WithRSAEncryption 46:2d:7e:42:6e:97:6b:62:28:67:0d:03:81:a2:c8:ea:e4:9e: ea:75:86:27:b1:70:09:4f:d9:cb:32:31:aa:f5:51:f4:11:82: 46:79:c8:97:f6:a9:c9:9e:71:41:6f:b9:02:a6:6e:2f:5f:fe: de:ea:e0:25:6e:96:a9:3a:fa:83:65:19:97:85:32:90:b6:02: 15:fe:4f:c7:ad:80:c1:11:2c:1c:b8:87:85:1f:00:7b:5f:79: 1b:a2:26:f8:92:a6:f6:9f:dc:c3:87:b0:cb:f7:3b:72:60:0e: cf:ee:20:92:44:24:a0:74:d1:ef:eb:1f:ab:8f:8c:9e:83:c0: c7:b9:ec:80:ce:d9:97:55:fb:95:a3:0c:f7:2b:22:e0:30:d9: 8d:56:37:1b:09:f1:cb:a3:0b:de:1b:e6:08:69:9f:f2:e3:47: 2d:4a:ba:ec:ac:dc:56:cc:b2:10:72:91:55:c8:10:3c:8f:d5: 1d:08:0d:be:1e:01:72:0d:60:0d:17:73:44:18:1e:2f:af:90: e9:df:da:3e:87:ac:f3:29:85:50:91:9c:e5:78:6f:d3:2e:75: 9f:b4:e5:95:ce:98:6b:5d:76:e9:0f:4b:b2:50:56:23:51:79: 96:8b:54:92:df:48:8e:6d:dc:5f:37:fc:5d:78:7e:77:21:c3: b1:db:df:4f -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUIdCeRPQus5byrLh4aHfMqHZW9OkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIwNDNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGFhZjRhN2Y2N2JhYTJmZDliZDc0ODU4ZDA4MTFhNDI0YTIwYTFkMTBmMzdl NThhYWZjNDA5NTVmNzkxYmEwZmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAObA1CzU/HpvjzRt41sFsFP9KwT8fbkqvgY7vy3S//bUDJsDAull/bHlP2JP KD/xaBvaXidSiK0nm28SYQrGnPHCZBe1hrhunc4kIqZUONbBJOabEzCQ5wEusqYX pWEJofJoXl8EmZQ4vBpim+ek3VWAy+jpfbm98cbQ5Gw6hY3o3co2F4jjNlMjyucu ueGOMRs0HOoIUbOBcYHXQS/zj1k8IngVXY3wl+hVQOZyWwBTWOiTuxOoLsj9E2Az bcIPvcXSBZlPtRCLOBB8BR0EjrA2jbEOE+ldtiPtBB9RxcTuzR5fuLh1utgc8vpO jWUfMrK6MYdaXU5QFVtxYnejvNkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSEE+q3 5Xj3mfumJj1xSRvQJwssxzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZDYyYWFhYzItZjU0YS00YmMyLTgxNTUtMjIzNjdlODU1MTY1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKw MA0GCSqGSIb3DQEBCwUAA4IBAQBGLX5CbpdrYihnDQOBosjq5J7qdYYnsXAJT9nL MjGq9VH0EYJGeciX9qnJnnFBb7kCpm4vX/7e6uAlbpapOvqDZRmXhTKQtgIV/k/H rYDBESwcuIeFHwB7X3kboib4kqb2n9zDh7DL9ztyYA7P7iCSRCSgdNHv6x+rj4ye g8DHueyAztmXVfuVowz3KyLgMNmNVjcbCfHLowveG+YIaZ/y40ctSrrsrNxWzLIQ cpFVyBA8j9UdCA2+HgFyDWANF3NEGB4vr5Dp39o+h6zzKYVQkZzleG/TLnWftOWV zphrXXbpD0uyUFYjUXmWi1SS30iObdxfN/xdeH53IcOx299P -----END CERTIFICATE-----Generated at Tue Dec 16 00:30:19 2025 by rpki-client