This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa File: e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa (raw, json) Hash identifier: jdosZxlKHYXEOiIRIr4oZhkBL8caub/tVraXiEbT1SI= Subject key identifier: 8D:1E:AB:29:7E:9A:68:45:E0:58:93:49:60:9A:50:50:B8:62:8B:7C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 58CF9385DA3A531AC52A8F38B2F5B3B204970EB9 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa Signing time: Sat 15 Nov 2025 05:30:53 +0000 ROA not before: Sat 15 Nov 2025 05:30:53 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:e0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:cf:93:85:da:3a:53:1a:c5:2a:8f:38:b2:f5:b3:b2:04:97:0e:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:30:53 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=ca76055b38f20107df8ad14b606a792daa28f7eaba2f814d5464bc79d1cfd288, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:96:2d:b4:a9:b3:ac:65:26:c2:91:46:06:bd: f9:cf:8d:d4:b3:ec:d8:98:e7:8b:c5:72:95:18:0f: 9c:16:1a:23:53:f2:a7:9f:68:e2:f6:4f:2c:4f:bd: 03:be:2a:36:46:d6:0a:2f:cc:f1:97:67:4e:7d:af: b2:27:97:9f:b8:2d:50:fe:d1:66:52:1f:95:b8:d2: f1:88:76:3b:a1:aa:e8:6b:81:0c:43:c0:18:0a:55: 97:e1:fc:64:36:7c:8d:3f:e1:3f:3c:12:a3:7d:16: 41:8c:77:de:62:fb:71:3b:a2:c3:e3:28:e0:64:38: 80:47:9f:6d:88:c7:cc:9a:d1:3c:67:e9:10:f7:4a: 32:4c:e0:46:ec:33:73:41:dc:7f:5b:ba:36:9f:0d: 9e:b3:ac:45:cd:71:5d:81:fe:c0:be:41:c3:50:34: 03:92:0e:52:8f:4e:c5:84:55:b4:4a:7c:d2:36:3f: e9:f1:ba:ff:1c:2e:9f:dd:f4:07:9e:62:b3:28:c6: 1a:8c:10:d4:d7:b3:4a:a0:fe:30:0d:6b:dc:4f:ba: 68:79:7e:10:02:b5:70:a1:a2:07:41:3b:f4:46:bb: 29:cb:09:3a:09:72:e1:2e:8a:c5:ea:91:e7:d3:fd: e8:3f:53:2c:06:f6:fc:32:ce:72:db:3f:4b:3a:c1: 19:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:1E:AB:29:7E:9A:68:45:E0:58:93:49:60:9A:50:50:B8:62:8B:7C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:e0c0::/48 Signature Algorithm: sha256WithRSAEncryption 54:4c:15:ea:a4:3d:3e:6a:b3:b8:fc:8d:4e:7f:6c:28:57:ef: f0:4d:e6:6b:bc:29:c2:23:e4:d9:ca:8c:c5:d9:b0:55:53:a2: 17:08:fb:29:a3:5f:a8:b4:a0:e4:e9:c6:92:2d:d8:2c:a4:4e: 91:1d:8b:ce:91:d1:21:46:fb:b2:5f:ab:bd:6f:69:50:f9:10: 9d:6d:9f:81:08:1a:47:b6:ce:ce:53:a5:e8:7a:c6:c4:61:14: 71:0d:14:a3:fc:dc:4c:50:75:aa:11:b1:61:ff:90:99:2a:cb: ec:59:29:67:8a:4f:9f:4f:3e:68:96:bc:d9:31:a1:84:6d:26: 34:a6:8a:a5:30:3e:ea:81:13:f0:31:60:db:b2:8a:f6:4c:23: 42:d6:60:c2:05:6d:34:cc:ba:9f:4c:ce:28:01:6c:f2:9c:67: 39:86:b6:11:ee:3e:30:56:f1:81:84:b6:b0:24:0e:f3:61:43: a9:c3:ee:02:e2:d9:91:df:a5:9d:4e:15:a2:ad:ea:af:b7:48: 35:7f:71:f8:13:b4:51:0e:c5:52:f5:46:1e:91:7c:b1:ab:42: 26:6a:b9:33:df:4d:33:0e:0c:39:80:81:cc:d0:d7:b6:7d:fd: 46:cb:73:1f:26:75:7b:04:9c:85:87:41:a3:cf:6c:1e:76:26: 71:cd:35:c8 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUWM+Thdo6UxrFKo84svWzsgSXDrkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTMwNTNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGNhNzYwNTViMzhmMjAxMDdkZjhhZDE0YjYwNmE3OTJkYWEyOGY3ZWFiYTJm ODE0ZDU0NjRiYzc5ZDFjZmQyODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOyWLbSps6xlJsKRRga9+c+N1LPs2Jjni8VylRgPnBYaI1Pyp59o4vZPLE+9 A74qNkbWCi/M8ZdnTn2vsieXn7gtUP7RZlIflbjS8Yh2O6Gq6GuBDEPAGApVl+H8 ZDZ8jT/hPzwSo30WQYx33mL7cTuiw+Mo4GQ4gEefbYjHzJrRPGfpEPdKMkzgRuwz c0Hcf1u6Np8NnrOsRc1xXYH+wL5Bw1A0A5IOUo9OxYRVtEp80jY/6fG6/xwun930 B55isyjGGowQ1NezSqD+MA1r3E+6aHl+EAK1cKGiB0E79Ea7KcsJOgly4S6KxeqR 59P96D9TLAb2/DLOcts/SzrBGUcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSNHqsp fppoReBYk0lgmlBQuGKLfDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZTg3YTk3MWMtOWJhZC00NGQ0LWJhNjMtOWMwOWYwMjk5ZmEyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLg wDANBgkqhkiG9w0BAQsFAAOCAQEAVEwV6qQ9PmqzuPyNTn9sKFfv8E3ma7wpwiPk 2cqMxdmwVVOiFwj7KaNfqLSg5OnGki3YLKROkR2LzpHRIUb7sl+rvW9pUPkQnW2f gQgaR7bOzlOl6HrGxGEUcQ0Uo/zcTFB1qhGxYf+QmSrL7FkpZ4pPn08+aJa82TGh hG0mNKaKpTA+6oET8DFg27KK9kwjQtZgwgVtNMy6n0zOKAFs8pxnOYa2Ee4+MFbx gYS2sCQO82FDqcPuAuLZkd+lnU4Voq3qr7dINX9x+BO0UQ7FUvVGHpF8satCJmq5 M99NMw4MOYCBzNDXtn39RstzHyZ1ewSchYdBo89sHnYmcc01yA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:57 2025 by rpki-client