This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9709897-68c6-44f9-98f1-1f292cf13bea.roa File: e9709897-68c6-44f9-98f1-1f292cf13bea.roa (raw, json) Hash identifier: zszUf5IsALlGeYrHvjTd7L2/RdoRi0EiMDdqPBv1cT8= Subject key identifier: BC:37:97:A7:A2:FB:BE:1D:0D:E1:A1:A5:99:70:E2:83:4B:AB:F6:87 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 6E906A9FA7E504B89A07DFE3522771484CC3F19B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9709897-68c6-44f9-98f1-1f292cf13bea.roa Signing time: Sat 29 Nov 2025 03:00:40 +0000 ROA not before: Sat 29 Nov 2025 03:00:40 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d074:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:90:6a:9f:a7:e5:04:b8:9a:07:df:e3:52:27:71:48:4c:c3:f1:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:00:40 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=0c162769be64148be53260baffe931c356cf941433fea9bbe468ff43a3a6f49d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:e2:b4:0b:cd:e4:0f:ed:bd:3d:f5:70:ac:c6: fd:b7:07:d2:3d:ae:a9:10:12:b8:3f:50:30:f9:7f: 2f:88:06:30:6a:84:27:77:e8:f0:f1:40:7f:86:9c: 08:c0:26:fa:1b:e2:f4:1c:e1:1f:bd:7b:6b:53:29: 61:92:e0:be:7b:6e:0c:5d:c3:d6:70:2d:62:89:69: 62:41:c8:fe:c7:cb:04:87:b4:9d:eb:94:0b:4e:04: 39:61:e7:77:75:6c:54:97:d7:e3:c1:92:3f:59:de: 33:61:b5:11:ec:5c:be:79:77:79:3b:94:31:76:9d: 99:13:56:18:d9:e2:d7:19:6d:2c:5c:bc:e4:14:92: 22:92:23:82:c2:7a:f4:4a:77:7d:45:b7:88:a2:e5: 91:39:9c:f3:1f:21:78:04:15:1b:7b:ce:de:62:17: 5e:6c:48:02:4b:e6:48:44:0e:89:82:3b:66:cd:e1: d9:04:4d:f7:b3:c4:0c:df:09:22:f6:dc:95:d2:98: 3f:e9:99:2b:5d:1a:4f:fc:1b:ea:9c:14:1b:8c:73: 5f:e4:ed:81:35:17:eb:34:4d:61:59:b2:4e:9d:b7: f4:30:b3:75:6e:7c:0d:7d:37:ea:bb:0e:e7:5f:42: 60:cd:3a:74:97:78:21:e0:ec:4e:41:43:b1:02:f9: 2e:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:37:97:A7:A2:FB:BE:1D:0D:E1:A1:A5:99:70:E2:83:4B:AB:F6:87 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9709897-68c6-44f9-98f1-1f292cf13bea.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d074:6000::/40 Signature Algorithm: sha256WithRSAEncryption 39:99:fb:9f:f7:a0:54:09:ce:5c:4b:ae:55:54:66:2b:99:aa: 9f:cd:74:ac:80:79:8f:60:cc:f6:5a:53:d1:2b:50:c0:60:10: 8a:65:3e:97:da:c8:d2:ab:f9:f9:98:a6:bd:2c:a9:0c:8a:3c: 18:ee:ab:ec:66:7c:63:14:93:1b:58:0b:2b:20:d7:7b:2d:8d: da:6d:94:ec:7c:7a:95:63:bc:29:90:8a:f0:f0:55:19:4a:fa: fd:cf:8b:61:e7:b7:3d:65:c8:62:c3:20:01:f7:55:98:90:95: 15:86:ce:ef:d9:ba:8b:0d:40:17:10:4a:cd:f1:87:ac:79:e4: bf:ad:61:49:41:1f:b1:0a:e7:4e:3f:09:53:0f:c7:5a:8f:6b: da:37:7d:52:32:76:d9:ac:d2:94:76:e4:2d:d3:7d:b5:98:f7: 1f:fb:6b:98:c5:d3:b5:3e:a8:59:02:a0:98:ed:25:e4:e1:5a: 6a:1a:f8:f1:6b:e1:36:d4:50:c8:9e:0b:18:cf:df:0e:08:20: 7f:2f:e6:e5:30:b5:72:75:0e:a3:39:68:5c:7e:72:bd:82:0a: 9b:e8:82:ea:df:c8:57:41:c4:db:46:b0:1b:4e:c8:aa:96:d4: 04:f3:b6:0e:c7:ab:26:17:bb:8a:fd:50:4d:38:f2:ab:35:11: 3b:f9:b4:6e -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUbpBqn6flBLiaB9/jUidxSEzD8ZswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzAwNDBaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQDBjMTYyNzY5YmU2NDE0OGJlNTMyNjBiYWZmZTkzMWMzNTZjZjk0MTQzM2Zl YTliYmU0NjhmZjQzYTNhNmY0OWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKjitAvN5A/tvT31cKzG/bcH0j2uqRASuD9QMPl/L4gGMGqEJ3fo8PFAf4ac CMAm+hvi9BzhH717a1MpYZLgvntuDF3D1nAtYolpYkHI/sfLBIe0neuUC04EOWHn d3VsVJfX48GSP1neM2G1Eexcvnl3eTuUMXadmRNWGNni1xltLFy85BSSIpIjgsJ6 9Ep3fUW3iKLlkTmc8x8heAQVG3vO3mIXXmxIAkvmSEQOiYI7Zs3h2QRN97PEDN8J IvbcldKYP+mZK10aT/wb6pwUG4xzX+TtgTUX6zRNYVmyTp239DCzdW58DX036rsO 519CYM06dJd4IeDsTkFDsQL5LtsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS8N5en ovu+HQ3hoaWZcOKDS6v2hzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZTk3MDk4OTctNjhjNi00NGY5LTk4ZjEtMWYyOTJjZjEzYmVhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRg MA0GCSqGSIb3DQEBCwUAA4IBAQA5mfuf96BUCc5cS65VVGYrmaqfzXSsgHmPYMz2 WlPRK1DAYBCKZT6X2sjSq/n5mKa9LKkMijwY7qvsZnxjFJMbWAsrINd7LY3abZTs fHqVY7wpkIrw8FUZSvr9z4th57c9ZchiwyAB91WYkJUVhs7v2bqLDUAXEErN8Yes eeS/rWFJQR+xCudOPwlTD8daj2vaN31SMnbZrNKUduQt0321mPcf+2uYxdO1PqhZ AqCY7SXk4VpqGvjxa+E21FDIngsYz98OCCB/L+blMLVydQ6jOWhcfnK9ggqb6ILq 38hXQcTbRrAbTsiqltQE87YOx6smF7uK/VBNOPKrNRE7+bRu -----END CERTIFICATE-----Generated at Sat Dec 6 22:37:24 2025 by rpki-client