This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e20afb98-f3fb-45c2-9398-65129b8874f0.roa File: e20afb98-f3fb-45c2-9398-65129b8874f0.roa (raw, json) Hash identifier: diJ+SD1mbzG/KHBTuc4+xmBrBBVZ3p0NxP85YujEkzU= Subject key identifier: 0E:45:16:B7:13:EA:ED:F1:DF:8D:02:6D:54:F2:8C:AC:DC:41:3D:0A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 34B2745877DAE3F3071B5511DE56DCB81AD45474 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e20afb98-f3fb-45c2-9398-65129b8874f0.roa Signing time: Sat 15 Nov 2025 05:41:26 +0000 ROA not before: Sat 15 Nov 2025 05:41:26 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:e0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:b2:74:58:77:da:e3:f3:07:1b:55:11:de:56:dc:b8:1a:d4:54:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:41:26 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=671920e727b1bccb0496c08d02a40288e9fb483911200993e9e561265453a70b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:8a:dc:18:2e:35:1c:77:dc:37:f0:5b:d8:9d: e5:9c:59:b3:03:90:be:dd:17:11:70:3c:be:df:98: d0:d9:22:a7:85:c6:a6:fe:16:3e:78:12:0d:b6:6e: bb:24:ed:9a:fc:5c:15:60:ab:e1:0f:75:0a:53:67: e9:7b:24:ee:f7:f8:7f:74:0e:0a:ac:d8:0c:61:e0: f2:a3:17:74:f5:bc:83:c2:2d:bd:c6:99:ac:a4:74: 7d:03:ef:eb:f0:eb:73:cd:eb:9d:fb:ac:8f:86:0b: 9a:e4:c8:2e:78:7b:37:81:6a:e6:8d:ab:34:ba:e9: 70:c7:8c:a0:eb:ea:2a:3b:05:af:ae:de:c9:2a:37: b4:46:f3:00:bb:e8:53:4f:87:1e:7f:9b:0e:fe:fe: cb:2b:df:6b:20:7b:78:eb:f8:49:98:5d:4d:b1:c6: 7b:62:d6:53:c5:8a:34:04:58:12:7d:88:ab:da:19: 61:17:c6:19:01:70:70:f5:9d:33:7d:ac:43:4c:08: 18:92:ca:9f:66:f3:5f:2d:02:94:13:5f:85:7e:cb: b1:fc:dc:4f:18:a7:ca:09:6b:02:f5:3c:e5:c4:71: 2c:06:74:c5:c6:85:07:0c:75:22:05:62:98:4a:99: c8:03:96:f3:6f:ed:58:33:0c:7c:34:6f:1f:d3:2c: 00:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:45:16:B7:13:EA:ED:F1:DF:8D:02:6D:54:F2:8C:AC:DC:41:3D:0A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e20afb98-f3fb-45c2-9398-65129b8874f0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:e0c0::/48 Signature Algorithm: sha256WithRSAEncryption a0:30:33:2f:c7:b4:70:42:c8:0c:90:12:4b:30:a5:30:85:13: e4:2b:ee:f6:d0:53:54:da:ad:7d:a4:82:30:b4:66:cb:34:5d: 32:61:87:0d:6a:6d:75:e5:1f:b5:a7:8c:79:0c:79:c6:1f:ba: 54:eb:60:69:81:12:15:41:b5:a6:5f:46:76:ed:2a:43:dc:29: 34:64:c7:ab:9c:2c:3b:ca:e4:91:82:12:53:bc:23:5d:f2:28: 46:5e:b5:98:dc:d8:22:47:9e:2e:30:d2:9d:a9:e9:ef:0a:bd: 06:0b:a2:75:d1:7b:bf:e2:56:25:d2:19:0f:c0:98:a0:b1:9c: 76:d8:54:f6:03:32:39:b5:e9:0f:14:5e:3d:7e:ce:7c:c3:65: 21:32:77:00:24:4f:d6:5b:b5:4d:a9:ae:b1:e9:c4:ff:59:0f: 8f:1d:7f:c3:91:17:ad:91:d2:58:2c:60:b8:59:4a:c3:18:68: de:d5:c6:e2:ca:d0:b0:37:22:67:62:91:9f:3e:db:7a:5c:e9: a3:c2:20:6d:43:0a:3c:39:40:90:89:3e:de:17:7a:68:17:63: 32:cd:9e:cc:81:22:da:fe:cf:9c:4f:67:34:f6:93:45:65:f9: 05:cf:52:5f:17:11:59:59:b7:f2:ae:82:53:f1:f9:07:63:60: df:05:11:2d -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUNLJ0WHfa4/MHG1UR3lbcuBrUVHQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTQxMjZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDY3MTkyMGU3MjdiMWJjY2IwNDk2YzA4ZDAyYTQwMjg4ZTlmYjQ4MzkxMTIw MDk5M2U5ZTU2MTI2NTQ1M2E3MGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALOK3BguNRx33DfwW9id5ZxZswOQvt0XEXA8vt+Y0Nkip4XGpv4WPngSDbZu uyTtmvxcFWCr4Q91ClNn6Xsk7vf4f3QOCqzYDGHg8qMXdPW8g8ItvcaZrKR0fQPv 6/Drc83rnfusj4YLmuTILnh7N4Fq5o2rNLrpcMeMoOvqKjsFr67eySo3tEbzALvo U0+HHn+bDv7+yyvfayB7eOv4SZhdTbHGe2LWU8WKNARYEn2Iq9oZYRfGGQFwcPWd M32sQ0wIGJLKn2bzXy0ClBNfhX7LsfzcTxinyglrAvU85cRxLAZ0xcaFBwx1IgVi mEqZyAOW82/tWDMMfDRvH9MsANcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQORRa3 E+rt8d+NAm1U8oys3EE9CjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZTIwYWZiOTgtZjNmYi00NWMyLTkzOTgtNjUxMjliODg3NGYwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHg wDANBgkqhkiG9w0BAQsFAAOCAQEAoDAzL8e0cELIDJASSzClMIUT5Cvu9tBTVNqt faSCMLRmyzRdMmGHDWptdeUftaeMeQx5xh+6VOtgaYESFUG1pl9Gdu0qQ9wpNGTH q5wsO8rkkYISU7wjXfIoRl61mNzYIkeeLjDSnanp7wq9BguiddF7v+JWJdIZD8CY oLGcdthU9gMyObXpDxRePX7OfMNlITJ3ACRP1lu1TamusenE/1kPjx1/w5EXrZHS WCxguFlKwxho3tXG4srQsDciZ2KRnz7belzpo8IgbUMKPDlAkIk+3hd6aBdjMs2e zIEi2v7PnE9nNPaTRWX5Bc9SXxcRWVm38q6CU/H5B2Ng3wURLQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:45 2025 by rpki-client