This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa File: da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa (raw, json) Hash identifier: PMXtyt91KzX6v5PNwj5JK6cpEXQHvUGgdJ2oTVk8Yic= Subject key identifier: 2D:4C:4B:FF:8A:38:22:5B:F7:5F:CC:58:DE:6C:74:B5:4D:DF:62:20 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 42FC17B2189824D31887DAB1E61F53E485A53E6A Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa Signing time: Thu 13 Nov 2025 02:00:41 +0000 ROA not before: Thu 13 Nov 2025 02:00:41 +0000 ROA not after: Thu 18 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06f:880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:fc:17:b2:18:98:24:d3:18:87:da:b1:e6:1f:53:e4:85:a5:3e:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 13 02:00:41 2025 GMT Not After : Dec 18 23:59:59 2025 GMT Subject: serialNumber=fb9c1e68fb3e4ff2ea522e53599d38a0ab72209f79c0f73e50655abe10b12191, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:dd:17:f5:bc:61:c4:b0:3d:29:5d:25:dc:44: c7:00:86:a7:a3:f1:94:2c:9f:1f:c6:4b:66:c3:f5: c0:e8:0b:1d:d5:59:a7:6b:64:88:f9:ce:c2:5b:db: d8:05:92:08:b7:6e:5e:c9:ff:2f:e9:dd:a1:8d:49: a6:54:14:3f:ef:d0:01:03:a0:af:44:e8:5d:b1:6e: c5:90:d4:b6:78:bf:70:26:d9:7a:91:8d:e2:2a:40: bb:b2:7a:b1:6d:79:3a:f9:ff:3d:c8:f9:e3:5e:f2: cb:22:37:9f:b0:e9:c8:14:b1:97:41:06:6f:09:68: 49:50:25:15:9d:81:c4:10:f1:ce:9e:49:62:fe:0a: fd:e1:1c:56:af:ff:c2:4b:d5:0b:0c:4f:c4:b9:45: 01:a7:74:cb:39:00:8e:ec:2f:26:07:36:b4:ea:b7: 03:f9:67:41:35:64:b0:9c:f0:44:59:d6:64:8a:8d: 33:9f:8a:fc:36:ad:58:9d:52:d3:e3:5e:f0:6d:d8: 79:91:0c:38:01:c0:21:62:77:85:1c:97:51:1b:1b: a0:fa:36:b2:75:c6:89:7d:c4:cd:12:66:92:20:23: dc:a5:bc:46:0b:a8:9e:57:6a:dd:7b:ce:e9:df:08: 28:ac:c9:2a:a3:7d:95:23:15:ea:29:fd:79:25:62: 05:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:4C:4B:FF:8A:38:22:5B:F7:5F:CC:58:DE:6C:74:B5:4D:DF:62:20 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da7b8c4e-ee0a-45cd-b6e3-7bacf8a9e2f0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:880::/48 Signature Algorithm: sha256WithRSAEncryption 7a:ba:03:81:12:bf:56:8c:ea:bd:86:cd:a6:c5:35:4a:47:6e: 35:24:66:c5:c0:64:e6:f1:ec:55:98:43:bf:4b:4f:da:16:bf: 64:95:87:88:17:7e:e5:af:5a:75:fa:ab:79:fb:cd:84:76:99: 58:59:ff:d9:79:02:a5:23:a2:a1:18:b6:2c:a8:23:bc:94:ef: 6f:6d:d4:c1:7d:8e:40:55:fc:ab:18:e8:93:db:40:c6:be:11: 29:17:0f:9d:50:d5:05:54:2f:68:82:84:1c:be:5e:2f:ed:7f: 3f:0e:14:55:c2:d5:c7:2d:34:ac:38:81:df:12:ae:3e:91:62: 78:33:a9:a7:eb:28:a9:eb:60:2b:13:cb:f8:13:43:a8:14:c8: 2e:b4:6a:92:90:98:ae:7b:38:8f:37:53:00:ac:7c:3f:07:c4: a4:0d:3c:24:1e:87:19:ae:fa:96:70:c4:84:27:27:2a:ff:7c: 84:a6:39:db:1d:44:90:26:ce:88:2c:61:57:d8:0b:e4:04:62: 23:9e:aa:f7:89:69:f5:12:db:c1:db:2b:db:2f:10:2f:69:11: b9:6e:e2:e6:2d:65:31:be:bc:d4:db:c4:8a:7e:d6:9b:64:87: 65:97:57:6c:d6:d5:16:ce:53:08:73:4b:a7:19:7e:b4:94:fb: 8f:f7:68:af -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUQvwXshiYJNMYh9qx5h9T5IWlPmowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTMwMjAwNDFaFw0yNTEyMTgyMzU5NTlaMHoxSTBHBgNV BAUTQGZiOWMxZTY4ZmIzZTRmZjJlYTUyMmU1MzU5OWQzOGEwYWI3MjIwOWY3OWMw ZjczZTUwNjU1YWJlMTBiMTIxOTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMDdF/W8YcSwPSldJdxExwCGp6PxlCyfH8ZLZsP1wOgLHdVZp2tkiPnOwlvb 2AWSCLduXsn/L+ndoY1JplQUP+/QAQOgr0ToXbFuxZDUtni/cCbZepGN4ipAu7J6 sW15Ovn/Pcj5417yyyI3n7DpyBSxl0EGbwloSVAlFZ2BxBDxzp5JYv4K/eEcVq// wkvVCwxPxLlFAad0yzkAjuwvJgc2tOq3A/lnQTVksJzwRFnWZIqNM5+K/DatWJ1S 0+Ne8G3YeZEMOAHAIWJ3hRyXURsboPo2snXGiX3EzRJmkiAj3KW8Rguonldq3XvO 6d8IKKzJKqN9lSMV6in9eSViBcUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQtTEv/ ijgiW/dfzFjebHS1Td9iIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZGE3YjhjNGUtZWUwYS00NWNkLWI2ZTMtN2JhY2Y4YTllMmYwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G8I gDANBgkqhkiG9w0BAQsFAAOCAQEAeroDgRK/VozqvYbNpsU1SkduNSRmxcBk5vHs VZhDv0tP2ha/ZJWHiBd+5a9adfqrefvNhHaZWFn/2XkCpSOioRi2LKgjvJTvb23U wX2OQFX8qxjok9tAxr4RKRcPnVDVBVQvaIKEHL5eL+1/Pw4UVcLVxy00rDiB3xKu PpFieDOpp+soqetgKxPL+BNDqBTILrRqkpCYrns4jzdTAKx8PwfEpA08JB6HGa76 lnDEhCcnKv98hKY52x1EkCbOiCxhV9gL5ARiI56q94lp9RLbwdsr2y8QL2kRuW7i 5i1lMb681NvEin7Wm2SHZZdXbNbVFs5TCHNLpxl+tJT7j/dorw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:24 2025 by rpki-client