This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa File: d7ff0a46-4c68-43b8-be33-3f3098623685.roa (raw, json) Hash identifier: Tl3KQRt82qXLDCwGgzTIZXkY95iLix0HjXs5g69OZ50= Subject key identifier: 13:FA:85:21:C4:E0:53:DF:E9:D3:DF:10:66:32:01:D5:AB:67:7A:1E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5A12B344E4047F8E12D07BDC36BC6A7CEF20465A Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa Signing time: Wed 10 Dec 2025 05:30:48 +0000 ROA not before: Wed 10 Dec 2025 05:30:48 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:80d0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:12:b3:44:e4:04:7f:8e:12:d0:7b:dc:36:bc:6a:7c:ef:20:46:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:30:48 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=81da5c065c03221e6c4d9aee99feb29c1f63644a1d24d51515bdcb032bce59bf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:dd:4c:18:b9:e1:a0:46:77:d6:e1:e1:ea:59: 3c:47:14:ff:c7:09:c2:7e:46:f7:31:bc:6d:c2:3f: 15:21:3e:8f:cb:b3:53:53:46:f4:fb:cd:a2:07:ef: 44:c3:9e:65:bc:00:eb:22:a3:a1:50:29:2f:ef:09: 1f:c5:a8:cf:ab:71:ea:8d:8b:6e:e8:f7:47:35:bb: be:d5:1e:8a:b0:94:a8:13:cb:d6:ab:2e:e0:8c:b2: 71:53:4c:5a:20:c9:3c:ab:27:81:05:39:7c:e8:67: 92:f4:35:43:1b:df:14:af:b5:4d:29:22:c5:5d:e7: 6b:59:ba:33:d2:60:3a:cb:08:79:9c:61:9c:6d:12: 26:44:29:bc:c9:1c:50:0b:e6:7c:b1:a6:ec:28:b6: aa:8d:7f:ee:89:34:92:ce:4f:09:59:8f:3f:2b:01: a0:d2:3f:9b:be:7d:f7:2c:ef:d2:d4:67:53:10:47: 90:17:d3:10:24:37:fc:9b:a3:fe:ec:85:7c:ae:59: 16:46:37:50:5e:a6:5f:54:97:0f:86:dd:af:0c:2f: 40:45:97:93:fb:43:b8:22:0d:55:59:e3:78:a1:5e: bf:e0:aa:4f:96:ce:c9:49:0e:22:72:28:cb:14:05: 96:4f:9c:cd:ee:93:0a:c1:2d:eb:42:f5:e7:ab:06: 95:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:FA:85:21:C4:E0:53:DF:E9:D3:DF:10:66:32:01:D5:AB:67:7A:1E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:80d0::/48 Signature Algorithm: sha256WithRSAEncryption a8:5e:c3:6b:32:fb:ef:b8:be:2f:f8:7f:b5:66:d9:3b:40:e5: 9e:98:24:84:aa:e7:d8:6e:48:1b:fc:c4:4d:68:3a:36:44:c5: 2d:a9:9c:49:43:40:0c:9d:19:7f:d1:81:92:ef:93:41:63:55: 81:dd:ab:7d:ab:a0:62:cb:64:93:e0:b2:13:0d:89:4d:4c:c4: a4:2b:f4:b8:b3:a3:59:27:2f:15:54:30:0c:c3:df:1e:45:4e: 78:6b:7d:81:55:ac:c4:96:fe:d4:8f:e0:c8:70:85:c8:c1:9b: 9a:d2:d0:b8:ef:07:05:e4:ab:1f:c0:a1:9e:81:6e:22:2a:85: 4d:f7:a9:75:99:ff:90:07:d0:d0:12:bb:79:19:58:68:4f:30: 80:fd:e7:60:2f:35:89:d8:e3:74:3a:8e:16:cc:f2:48:f6:eb: 15:f3:f6:e3:19:93:26:6b:f5:10:30:b7:39:7a:9b:db:a4:57: 0c:2a:e8:12:5f:5a:6c:c2:ad:94:29:25:1c:0b:c6:a9:4f:f3: ac:2f:b6:f0:52:a7:53:34:8c:20:a1:53:a8:f2:e0:c3:9b:c1: b8:e6:78:17:8e:95:fa:8e:17:89:4d:68:48:3c:28:8a:45:23: 72:4a:d4:31:ae:ec:45:c5:8e:9d:21:f6:8b:ed:da:91:05:15: 36:38:fb:19 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUWhKzROQEf44S0HvcNrxqfO8gRlowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMwNDhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDgxZGE1YzA2NWMwMzIyMWU2YzRkOWFlZTk5ZmViMjljMWY2MzY0NGExZDI0 ZDUxNTE1YmRjYjAzMmJjZTU5YmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANDdTBi54aBGd9bh4epZPEcU/8cJwn5G9zG8bcI/FSE+j8uzU1NG9PvNogfv RMOeZbwA6yKjoVApL+8JH8Woz6tx6o2Lbuj3RzW7vtUeirCUqBPL1qsu4IyycVNM WiDJPKsngQU5fOhnkvQ1QxvfFK+1TSkixV3na1m6M9JgOssIeZxhnG0SJkQpvMkc UAvmfLGm7Ci2qo1/7ok0ks5PCVmPPysBoNI/m7599yzv0tRnUxBHkBfTECQ3/Juj /uyFfK5ZFkY3UF6mX1SXD4bdrwwvQEWXk/tDuCINVVnjeKFev+CqT5bOyUkOInIo yxQFlk+cze6TCsEt60L156sGlW8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQT+oUh xOBT3+nT3xBmMgHVq2d6HjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZDdmZjBhNDYtNGM2OC00M2I4LWJlMzMtM2YzMDk4NjIzNjg1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA 0DANBgkqhkiG9w0BAQsFAAOCAQEAqF7DazL777i+L/h/tWbZO0DlnpgkhKrn2G5I G/zETWg6NkTFLamcSUNADJ0Zf9GBku+TQWNVgd2rfaugYstkk+CyEw2JTUzEpCv0 uLOjWScvFVQwDMPfHkVOeGt9gVWsxJb+1I/gyHCFyMGbmtLQuO8HBeSrH8ChnoFu IiqFTfepdZn/kAfQ0BK7eRlYaE8wgP3nYC81idjjdDqOFszySPbrFfP24xmTJmv1 EDC3OXqb26RXDCroEl9abMKtlCklHAvGqU/zrC+28FKnUzSMIKFTqPLgw5vBuOZ4 F46V+o4XiU1oSDwoikUjckrUMa7sRcWOnSH2i+3akQUVNjj7GQ== -----END CERTIFICATE-----Generated at Mon Dec 15 15:33:11 2025 by rpki-client