This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa File: e234d9fb-5639-4264-99c1-35b39c1e56b5.roa (raw, json) Hash identifier: oA46CCBQKBmUqpBYefOjKRhZXlRT+utG2aYFAO7D6Ds= Subject key identifier: 24:06:03:07:C3:74:C9:8E:91:29:AE:4C:57:84:11:E9:1B:BE:C0:C8 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4E5E80C44B9C749E9178592E9F26EC15DB31D656 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa Signing time: Wed 10 Dec 2025 05:50:43 +0000 ROA not before: Wed 10 Dec 2025 05:50:43 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d06f:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:5e:80:c4:4b:9c:74:9e:91:78:59:2e:9f:26:ec:15:db:31:d6:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:50:43 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=047ce8559de7bbe9bbf00eeaaf4095071d181cd9aaf1e0f4f9e885ad970cbaab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:aa:44:7f:1f:b5:e3:ff:e8:6f:9f:1a:d6:55: a5:2b:18:af:6a:95:61:21:21:98:73:ec:2a:67:7c: 09:fa:74:89:6f:92:be:97:8f:3a:41:95:9b:cf:7f: f4:cd:a6:91:a9:64:ea:bb:61:04:8c:2b:53:b1:c9: c8:aa:ff:8f:09:81:f8:43:e4:46:da:3c:e8:83:df: ef:42:40:4a:1f:d9:1d:68:e1:9d:0c:c5:67:2e:0c: 7e:ae:e5:1e:d9:01:f9:69:90:fd:b1:51:76:99:97: cf:0c:32:e6:d0:3a:9c:f0:4f:bb:fe:7e:84:f1:59: 2a:71:ef:e1:bb:f4:1a:78:ae:f9:19:4f:b7:de:34: 5d:ec:3e:84:e7:a0:9c:86:af:0d:27:2d:2f:92:ba: e7:2c:ad:c2:d5:9b:d9:47:be:43:98:a6:83:d7:d9: f3:5d:34:e6:05:f0:0a:89:73:37:f9:55:3c:f5:2d: 1b:b3:27:75:dd:32:60:6e:89:e3:8b:81:c2:cc:ee: a1:3b:79:c9:dd:3b:a4:db:e4:ff:5a:63:5c:69:00: f1:c1:0d:ff:21:2b:05:81:16:fc:ac:ed:28:99:f8: 3d:1f:4f:28:a9:62:49:25:d6:83:9d:32:7c:eb:f2: 4d:0a:48:2d:59:93:a9:0a:06:ea:a6:6e:8d:40:87: df:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:06:03:07:C3:74:C9:8E:91:29:AE:4C:57:84:11:E9:1B:BE:C0:C8 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e234d9fb-5639-4264-99c1-35b39c1e56b5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:2000::/40 Signature Algorithm: sha256WithRSAEncryption 3a:88:c9:2d:94:0d:a0:9f:c7:87:8f:fb:34:af:08:40:86:b9: da:82:86:f5:0d:75:76:ab:c2:3f:66:c6:91:32:6f:ed:3b:9d: 01:c3:89:93:d4:1c:74:95:ed:ce:32:fa:eb:2f:50:fa:ca:fd: 76:b0:ea:8b:d8:15:73:97:1e:5e:6e:8e:5b:a4:0a:84:51:1b: 90:dc:e2:de:f5:63:03:fd:ac:44:aa:37:1a:b3:28:26:9c:1d: ba:95:d7:b1:8e:17:c8:a5:81:65:55:5e:2e:84:0a:be:a2:54: 87:80:b9:35:8b:ba:34:c5:6c:6d:21:f9:68:44:70:dd:b3:2e: e9:f5:da:65:f3:a6:4e:fe:64:66:50:49:21:59:7c:3a:c5:0b: ce:54:47:0c:64:91:7b:03:e7:36:ef:87:6b:59:7e:6d:0b:fe: b5:6c:a7:d9:f0:57:97:f6:12:5c:37:a3:ee:5b:9a:58:2e:3d: ef:fa:57:eb:6e:82:b1:6b:66:8a:af:77:c4:b6:e5:64:65:5e: 05:db:c5:99:5d:16:13:f2:20:d4:78:6b:3b:db:7d:51:57:f4: b5:ce:a3:9f:d4:27:bf:cb:78:b0:8b:e9:ed:a5:23:db:d7:bd: 5c:d8:80:a0:d6:cb:95:20:8b:07:53:cc:1e:36:73:2e:71:c7: e8:6e:53:82 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUTl6AxEucdJ6ReFkunybsFdsx1lYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUwNDNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDA0N2NlODU1OWRlN2JiZTliYmYwMGVlYWFmNDA5NTA3MWQxODFjZDlhYWYx ZTBmNGY5ZTg4NWFkOTcwY2JhYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKSqRH8fteP/6G+fGtZVpSsYr2qVYSEhmHPsKmd8Cfp0iW+SvpePOkGVm89/ 9M2mkalk6rthBIwrU7HJyKr/jwmB+EPkRto86IPf70JASh/ZHWjhnQzFZy4Mfq7l HtkB+WmQ/bFRdpmXzwwy5tA6nPBPu/5+hPFZKnHv4bv0Gniu+RlPt940Xew+hOeg nIavDSctL5K65yytwtWb2Ue+Q5img9fZ81005gXwColzN/lVPPUtG7Mndd0yYG6J 44uBwszuoTt5yd07pNvk/1pjXGkA8cEN/yErBYEW/KztKJn4PR9PKKliSSXWg50y fOvyTQpILVmTqQoG6qZujUCH3x0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQkBgMH w3TJjpEprkxXhBHpG77AyDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZTIzNGQ5ZmItNTYzOS00MjY0LTk5YzEtMzViMzljMWU1NmI1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8g MA0GCSqGSIb3DQEBCwUAA4IBAQA6iMktlA2gn8eHj/s0rwhAhrnagob1DXV2q8I/ ZsaRMm/tO50Bw4mT1Bx0le3OMvrrL1D6yv12sOqL2BVzlx5ebo5bpAqEURuQ3OLe 9WMD/axEqjcasygmnB26ldexjhfIpYFlVV4uhAq+olSHgLk1i7o0xWxtIfloRHDd sy7p9dpl86ZO/mRmUEkhWXw6xQvOVEcMZJF7A+c274drWX5tC/61bKfZ8FeX9hJc N6PuW5pYLj3v+lfrboKxa2aKr3fEtuVkZV4F28WZXRYT8iDUeGs7231RV/S1zqOf 1Ce/y3iwi+ntpSPb171c2ICg1suVIIsHU8weNnMuccfoblOC -----END CERTIFICATE-----Generated at Mon Dec 15 15:29:39 2025 by rpki-client