This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa File: e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa (raw, json) Hash identifier: ApU/UxH6Ic9C0fPTt6AbpfMh+MGTcC+0OvNF93XzBTM= Subject key identifier: 84:B1:EB:FF:35:26:01:34:CE:2C:6E:04:EC:BF:F7:BE:4F:0D:A5:00 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 03CC7477971B785510AC166521046DEDA7C38C5C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa Signing time: Sat 15 Nov 2025 05:50:50 +0000 ROA not before: Sat 15 Nov 2025 05:50:50 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d03a:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:cc:74:77:97:1b:78:55:10:ac:16:65:21:04:6d:ed:a7:c3:8c:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:50 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=4bae7a211ab10dd2e800ba319361ef27f29beb1d839aa2616cd674308fab6eeb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:10:f6:07:ae:fa:4d:60:1b:0a:c4:79:aa:7b: ab:35:ab:85:bd:ae:17:6d:7f:a7:15:26:17:2e:b9: 72:a0:a1:27:f2:c7:f9:89:ad:95:81:be:98:d7:6b: 10:3f:d7:5d:97:e8:d6:6e:5a:eb:16:5b:66:59:36: 36:a7:38:4e:ab:f1:fb:2b:c7:43:c7:c1:12:eb:e3: c5:07:90:b3:87:73:69:ba:1c:33:6b:5d:3e:06:75: 5e:25:3b:41:9b:7a:f8:69:4c:6c:5b:03:db:a4:85: 64:38:bb:d3:f7:5f:f4:22:50:71:2a:a4:11:b2:ab: 7f:0b:9c:d1:b1:c4:a4:51:7c:d8:5c:ce:82:4f:d0: 67:d0:7c:1c:5c:5a:22:7a:25:f5:ee:d2:99:a8:45: c9:9c:e7:9a:7b:d8:a1:f0:79:f7:18:8d:01:6b:17: 92:ae:f9:69:9b:7b:b4:2b:30:94:65:03:fb:88:0d: c8:62:b8:f6:a0:3b:9f:49:af:21:b9:90:bf:79:8b: 74:a5:0e:29:6b:39:76:62:a5:d6:ee:6a:64:05:d8: 2d:70:b2:4a:fb:7b:dc:fa:80:d7:68:74:90:8f:e3: 01:73:dd:8a:75:f4:66:79:03:a0:77:11:ca:08:86: e0:38:90:63:59:d1:63:b8:27:6d:d1:b8:d2:a2:74: 93:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:B1:EB:FF:35:26:01:34:CE:2C:6E:04:EC:BF:F7:BE:4F:0D:A5:00 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d03a:8000::/40 Signature Algorithm: sha256WithRSAEncryption 4e:0e:6a:ce:68:13:ff:8c:7b:c8:b0:c6:f8:c2:e7:7d:fa:cd: 3c:de:35:fd:5d:06:64:1d:4a:4b:13:02:7e:6a:c2:64:92:84: 19:e9:46:9b:c9:b0:ea:eb:98:30:0f:d8:e0:c4:87:9f:01:54: a1:bc:ac:45:93:8b:c4:c3:a5:76:60:9f:62:62:07:f7:69:3c: 4d:4f:a6:96:0f:52:df:a0:54:d3:02:c6:8e:49:79:af:4e:49: ac:73:da:49:7b:dc:19:bc:a1:b0:b6:30:1c:d3:ca:f1:61:5b: 11:7e:23:2c:6a:6d:67:f3:03:55:b5:f2:25:da:c9:d0:40:42: 45:89:3d:90:03:15:4f:ed:c8:c9:67:7a:92:86:1c:fa:31:2b: d1:0f:99:a8:03:ff:9d:cb:88:83:78:89:18:cf:bf:74:a9:b3: b1:e6:f3:cf:1e:06:51:97:17:a5:9c:de:d1:f6:b6:b1:56:6f: 4a:a6:d3:e9:a0:c2:8a:59:cf:61:7c:08:73:14:97:a2:94:09: f6:06:b5:eb:e4:16:51:00:82:55:fd:a2:fa:62:2e:8b:0c:37: 98:37:2b:9b:54:33:d6:2f:61:05:54:c6:0a:ac:d6:99:c6:61: 46:15:b8:18:e0:77:85:de:68:66:0b:da:e6:ee:36:e6:2b:e2: cf:dc:d9:83 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUA8x0d5cbeFUQrBZlIQRt7afDjFwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwNTBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDRiYWU3YTIxMWFiMTBkZDJlODAwYmEzMTkzNjFlZjI3ZjI5YmViMWQ4Mzlh YTI2MTZjZDY3NDMwOGZhYjZlZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMsQ9geu+k1gGwrEeap7qzWrhb2uF21/pxUmFy65cqChJ/LH+YmtlYG+mNdr ED/XXZfo1m5a6xZbZlk2Nqc4Tqvx+yvHQ8fBEuvjxQeQs4dzabocM2tdPgZ1XiU7 QZt6+GlMbFsD26SFZDi70/df9CJQcSqkEbKrfwuc0bHEpFF82FzOgk/QZ9B8HFxa Inol9e7SmahFyZznmnvYofB59xiNAWsXkq75aZt7tCswlGUD+4gNyGK49qA7n0mv IbmQv3mLdKUOKWs5dmKl1u5qZAXYLXCySvt73PqA12h0kI/jAXPdinX0ZnkDoHcR ygiG4DiQY1nRY7gnbdG40qJ0k70CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSEsev/ NSYBNM4sbgTsv/e+Tw2lADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZTdlZmQ4NjEtOGRjNi00MGM1LTg3MTMtMGJjZmRiZWQ3YzJlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DqA MA0GCSqGSIb3DQEBCwUAA4IBAQBODmrOaBP/jHvIsMb4wud9+s083jX9XQZkHUpL EwJ+asJkkoQZ6UabybDq65gwD9jgxIefAVShvKxFk4vEw6V2YJ9iYgf3aTxNT6aW D1LfoFTTAsaOSXmvTkmsc9pJe9wZvKGwtjAc08rxYVsRfiMsam1n8wNVtfIl2snQ QEJFiT2QAxVP7cjJZ3qShhz6MSvRD5moA/+dy4iDeIkYz790qbOx5vPPHgZRlxel nN7R9raxVm9KptPpoMKKWc9hfAhzFJeilAn2BrXr5BZRAIJV/aL6Yi6LDDeYNyub VDPWL2EFVMYKrNaZxmFGFbgY4HeF3mhmC9rm7jbmK+LP3NmD -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:04 2025 by rpki-client