This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa File: da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa (raw, json) Hash identifier: JyusB6NCWl3e+htoBUT7nk86Hyqmck9kDTvQ4oXwqEs= Subject key identifier: 22:BF:3D:B4:1D:8D:19:72:7D:BD:EF:56:81:15:4A:FE:04:FE:A6:67 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 490E50D977B98A9A5E45C52FF506E0C4471D4ECB Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa Signing time: Mon 08 Dec 2025 02:10:28 +0000 ROA not before: Mon 08 Dec 2025 02:10:28 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06f:880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:0e:50:d9:77:b9:8a:9a:5e:45:c5:2f:f5:06:e0:c4:47:1d:4e:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 8 02:10:28 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=10edc1d8b9eb87ec3e225fd685e9456d91161af10768066a9e8947209ddfb716, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:cc:0b:b7:a1:d8:da:72:03:fb:48:a5:b2:6e: 5f:92:8f:d6:18:bb:f3:3a:a4:e6:63:0a:c1:d5:f3: b4:6f:a9:6c:df:c0:4c:1a:6b:5d:19:3f:57:d4:e6: e1:28:57:89:7e:f3:df:34:6c:f1:42:17:5b:56:62: d2:62:d9:9c:73:41:23:a8:7f:8c:ec:73:2a:2d:04: b2:4a:9d:83:c1:8a:ba:17:b3:c0:95:17:95:9a:b4: 14:53:ff:ff:5d:0a:4f:2e:d2:59:4f:54:bd:25:38: 0c:c7:b2:92:dd:d4:78:5d:ea:b9:61:fc:6b:80:7e: ae:fb:ed:47:cd:07:02:ce:2a:1a:a6:65:f4:22:38: ec:60:2e:5e:7c:eb:b1:4a:b1:f2:50:ff:68:b1:a6: 35:7d:28:8c:4e:c9:c3:10:cb:ce:67:72:3f:ce:7f: d9:f3:61:ec:e7:0d:c8:cf:3f:f6:c9:85:43:2c:37: 41:d5:e2:0b:29:62:c9:81:54:af:aa:5b:dd:82:11: fb:99:7f:96:07:44:1c:1e:a4:20:10:d8:05:64:6e: 85:e8:8a:3b:71:7e:0d:0c:bc:88:43:3f:19:46:d0: 4b:e2:93:25:ce:a8:04:b9:27:13:79:78:51:8f:ff: ca:e6:0d:6b:95:b5:6d:7c:cf:65:80:86:46:97:cf: cb:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:BF:3D:B4:1D:8D:19:72:7D:BD:EF:56:81:15:4A:FE:04:FE:A6:67 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:880::/48 Signature Algorithm: sha256WithRSAEncryption 2e:f8:9c:b3:3d:1d:f9:53:cf:b2:fe:99:ae:c3:25:32:51:5f: 61:f2:c3:6e:35:9b:69:73:84:18:88:52:d5:fb:4b:2c:71:7a: a3:6c:e5:a1:ca:64:98:f8:4c:db:f9:34:c3:b6:b6:9c:42:83: ed:41:84:89:d6:6d:aa:81:b6:ff:46:89:6a:ce:63:3e:25:66: 29:f1:1e:36:e4:fa:e2:98:75:99:ce:23:a2:28:c4:05:a5:8d: 22:0f:77:69:9e:5c:fa:fa:f9:84:c1:c0:73:87:d9:eb:fc:1a: 3b:6c:a6:e3:52:f7:01:85:94:8b:46:83:91:2a:a5:41:5d:ff: f9:ce:99:7b:2f:12:de:34:5c:97:98:9e:09:6e:44:cb:cb:63: a3:86:58:03:99:e4:58:3d:ac:ad:b8:ee:ca:9d:d2:44:4c:19: 93:95:bd:8f:58:64:ad:4a:55:c3:e7:84:42:2b:5d:c3:29:51: bf:a8:58:9b:6c:c0:9a:00:db:5c:54:aa:be:a7:1a:ea:c3:0b: 12:63:b2:0f:e5:2b:9b:fb:00:b3:78:49:64:c3:18:30:3f:19: c1:16:40:9b:28:35:a3:ae:c4:c3:24:9f:84:ff:bf:ec:94:21: d1:07:8e:5d:e3:19:0d:55:f5:c9:a2:38:2f:79:7d:6b:ee:02: 07:ed:39:a0 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUSQ5Q2Xe5ippeRcUv9QbgxEcdTsswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDgwMjEwMjhaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQDEwZWRjMWQ4YjllYjg3ZWMzZTIyNWZkNjg1ZTk0NTZkOTExNjFhZjEwNzY4 MDY2YTllODk0NzIwOWRkZmI3MTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMjMC7eh2NpyA/tIpbJuX5KP1hi78zqk5mMKwdXztG+pbN/ATBprXRk/V9Tm 4ShXiX7z3zRs8UIXW1Zi0mLZnHNBI6h/jOxzKi0Eskqdg8GKuhezwJUXlZq0FFP/ /10KTy7SWU9UvSU4DMeykt3UeF3quWH8a4B+rvvtR80HAs4qGqZl9CI47GAuXnzr sUqx8lD/aLGmNX0ojE7JwxDLzmdyP85/2fNh7OcNyM8/9smFQyw3QdXiCyliyYFU r6pb3YIR+5l/lgdEHB6kIBDYBWRuheiKO3F+DQy8iEM/GUbQS+KTJc6oBLknE3l4 UY//yuYNa5W1bXzPZYCGRpfPyykCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQivz20 HY0Zcn2971aBFUr+BP6mZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZGE3YjhjNGUtZWUwYS00NWNkLWI2ZTMtN2JhY2Y4YTllMmYwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G8I gDANBgkqhkiG9w0BAQsFAAOCAQEALvicsz0d+VPPsv6ZrsMlMlFfYfLDbjWbaXOE GIhS1ftLLHF6o2zlocpkmPhM2/k0w7a2nEKD7UGEidZtqoG2/0aJas5jPiVmKfEe NuT64ph1mc4joijEBaWNIg93aZ5c+vr5hMHAc4fZ6/waO2ym41L3AYWUi0aDkSql QV3/+c6Zey8S3jRcl5ieCW5Ey8tjo4ZYA5nkWD2srbjuyp3SREwZk5W9j1hkrUpV w+eEQitdwylRv6hYm2zAmgDbXFSqvqca6sMLEmOyD+Urm/sAs3hJZMMYMD8ZwRZA myg1o67EwySfhP+/7JQh0QeOXeMZDVX1yaI4L3l9a+4CB+05oA== -----END CERTIFICATE-----Generated at Mon Dec 15 15:31:19 2025 by rpki-client