This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa File: dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa (raw, json) Hash identifier: W27xGVYPvE/Ly4ZRCK/WQ5AjAQ6NJciYICyqpy5U8B4= Subject key identifier: 9E:EA:B3:C4:25:8D:B8:93:49:52:21:56:A9:68:08:2B:8A:F7:23:43 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4C6C77A7F2003B5F254A2C3590E1F4C1A5D23F14 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa Signing time: Wed 10 Dec 2025 05:50:08 +0000 ROA not before: Wed 10 Dec 2025 05:50:08 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:6c:77:a7:f2:00:3b:5f:25:4a:2c:35:90:e1:f4:c1:a5:d2:3f:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:50:08 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=1e683e758307650b69eb659722dcb9f260eeb575da97e0d7209a9d11a00e761e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:25:1e:34:d5:31:53:ec:eb:89:f7:49:11:03: c4:fa:8c:89:19:76:f8:1a:bb:5f:7d:c1:f2:03:87: 64:a5:be:3f:1c:fb:ca:d8:bc:99:c7:66:ab:7c:27: a4:36:65:4e:29:c7:0b:49:91:d1:e1:61:fe:15:df: 30:ab:9b:37:d4:15:97:65:53:37:a3:59:2d:f4:37: 9d:14:4b:98:f2:fe:9d:6b:30:bf:6f:76:4c:b1:3a: cb:2e:46:b0:8c:06:a3:f7:a1:b7:00:d6:80:ee:17: 49:e7:e9:b2:e5:48:62:da:75:fb:8c:ae:ab:31:91: 0a:d4:57:33:da:59:b6:3b:34:a4:fa:fe:05:96:ac: 7d:01:e9:14:97:8e:8b:bb:4c:87:da:88:87:5e:fd: 8c:f8:b5:5d:a3:39:10:8a:20:21:8a:62:6d:03:17: 15:cf:d5:48:f4:fa:47:0f:8e:54:79:3b:ff:42:fc: 02:cb:b3:26:bb:c3:09:d1:3b:1d:3a:ca:09:3e:51: ee:c0:af:70:13:0e:99:4e:9e:c8:b1:c2:be:27:f5: 56:4f:31:f5:60:7b:c0:ab:2f:bb:f2:8b:d1:1f:29: a4:36:b9:7b:00:07:76:9a:37:ee:ba:20:b1:a3:d5: 3e:20:6b:29:85:62:77:29:98:0a:37:bc:cb:9f:c0: b9:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:EA:B3:C4:25:8D:B8:93:49:52:21:56:A9:68:08:2B:8A:F7:23:43 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:4000::/40 Signature Algorithm: sha256WithRSAEncryption 52:e4:85:a6:4f:ea:e4:15:af:68:c2:c0:f2:d4:e7:6f:96:13: f6:8f:c7:ae:84:32:79:30:0d:d8:4e:92:c3:6a:0b:be:48:bb: 67:e6:29:da:33:cb:22:5b:31:61:fd:cb:05:30:4b:57:1d:36: 7e:69:f0:c3:bc:46:08:d5:05:37:50:96:4d:5a:04:3f:83:5e: e9:0f:71:c5:f6:70:a3:11:5f:57:47:57:9b:10:7d:a8:49:11: da:f9:c0:8e:83:08:af:c2:88:43:0c:54:6a:a0:50:44:7a:e5: 64:6e:84:39:61:7b:ae:c2:f1:7f:97:9f:d6:cb:29:5b:d9:6a: 5b:7c:03:fe:79:49:20:08:a7:b2:cb:35:cb:2f:cb:5c:43:2d: 95:a4:9f:43:a8:63:80:19:26:cf:32:60:a0:d0:93:c4:03:31: 04:fa:ac:30:21:a1:8c:d1:f2:2c:94:0f:20:f3:b9:d4:ec:99: 64:2e:13:e0:12:bf:f8:3e:c0:c1:b7:89:13:d6:66:2a:8c:95: e7:09:12:b4:ba:61:f8:bd:73:e0:ba:1c:c8:49:25:25:fd:9e: a6:3e:85:8e:34:ca:7e:c3:a1:b5:fd:5a:18:4c:2b:3a:46:df: 37:e6:2f:04:87:4d:bc:71:ba:18:fb:66:2e:58:65:d5:0e:5d: 86:44:ed:70 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUTGx3p/IAO18lSiw1kOH0waXSPxQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUwMDhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDFlNjgzZTc1ODMwNzY1MGI2OWViNjU5NzIyZGNiOWYyNjBlZWI1NzVkYTk3 ZTBkNzIwOWE5ZDExYTAwZTc2MWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOQlHjTVMVPs64n3SREDxPqMiRl2+Bq7X33B8gOHZKW+Pxz7yti8mcdmq3wn pDZlTinHC0mR0eFh/hXfMKubN9QVl2VTN6NZLfQ3nRRLmPL+nWswv292TLE6yy5G sIwGo/ehtwDWgO4XSefpsuVIYtp1+4yuqzGRCtRXM9pZtjs0pPr+BZasfQHpFJeO i7tMh9qIh179jPi1XaM5EIogIYpibQMXFc/VSPT6Rw+OVHk7/0L8AsuzJrvDCdE7 HTrKCT5R7sCvcBMOmU6eyLHCvif1Vk8x9WB7wKsvu/KL0R8ppDa5ewAHdpo37rog saPVPiBrKYVidymYCje8y5/AufkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSe6rPE JY24k0lSIVapaAgrivcjQzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZGJkMmQ1NmEtYjY5OS00YjMzLWExNTMtZmE4MjZiNmI4MGMwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABA MA0GCSqGSIb3DQEBCwUAA4IBAQBS5IWmT+rkFa9owsDy1OdvlhP2j8euhDJ5MA3Y TpLDagu+SLtn5inaM8siWzFh/csFMEtXHTZ+afDDvEYI1QU3UJZNWgQ/g17pD3HF 9nCjEV9XR1ebEH2oSRHa+cCOgwivwohDDFRqoFBEeuVkboQ5YXuuwvF/l5/Wyylb 2WpbfAP+eUkgCKeyyzXLL8tcQy2VpJ9DqGOAGSbPMmCg0JPEAzEE+qwwIaGM0fIs lA8g87nU7JlkLhPgEr/4PsDBt4kT1mYqjJXnCRK0umH4vXPguhzISSUl/Z6mPoWO NMp+w6G1/VoYTCs6Rt835i8Eh028cboY+2YuWGXVDl2GRO1w -----END CERTIFICATE-----Generated at Mon Dec 15 15:28:27 2025 by rpki-client