This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa File: eb69b216-60d5-4f56-b2b8-3401f331f31e.roa (raw, json) Hash identifier: x0u0uAMlllF6+2u9dsRLBC6OsRjMfMPXQxks3oKWlL8= Subject key identifier: 04:17:9D:5F:52:54:E7:C0:7E:8B:3B:E1:FD:50:D7:52:4F:86:5A:A9 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1E0184BE701575B40516A7D5B2302CE944A2E0 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa Signing time: Sat 15 Nov 2025 06:10:40 +0000 ROA not before: Sat 15 Nov 2025 06:10:40 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07a:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:01:84:be:70:15:75:b4:05:16:a7:d5:b2:30:2c:e9:44:a2:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:10:40 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=3605e31f100edea6da94a1cd8de05b5344c97300703e3c9afaf50e916ca4f5eb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:f2:f8:bb:26:bb:b1:28:f2:21:3c:65:bc:f0: 78:bf:88:36:a3:79:c1:75:01:32:5d:88:4b:a0:3e: 48:18:3a:0b:c8:04:24:67:3c:92:46:ce:14:d0:c3: 5a:2f:b0:b2:ba:21:f7:b2:16:b9:2c:ea:0b:d9:41: 63:ce:be:24:19:f4:6e:01:fc:6d:23:8a:ec:45:05: 2a:6f:fb:3a:ba:8e:b7:2b:e1:65:72:50:dc:c3:72: e7:1a:45:44:ce:71:a3:64:6e:1d:ac:b3:ee:f5:cc: cc:49:02:dd:d5:98:e7:ac:c9:5f:e6:29:b6:40:c6: 34:dd:c3:1b:d4:a3:e1:85:f6:0b:c8:87:7f:01:3a: 12:22:c6:03:0d:c4:b4:f0:9d:8a:f6:0e:5c:11:05: 51:ce:8b:27:6f:eb:63:76:a1:50:67:02:65:1e:17: 92:ab:62:56:27:95:0d:f5:c7:56:5d:91:2f:ce:da: 6a:3b:cd:04:13:cf:d0:79:3e:39:cd:27:e5:3c:51: 48:75:ca:0e:13:ed:70:82:89:d2:39:2f:18:c3:cb: 5f:9e:31:4f:fa:6f:03:68:f1:7d:e3:a1:82:91:3c: c3:9d:8c:d4:59:bc:29:ee:ca:03:79:7d:84:97:67: 41:07:11:a6:fc:9e:19:50:21:5f:c4:23:27:de:8c: 55:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:17:9D:5F:52:54:E7:C0:7E:8B:3B:E1:FD:50:D7:52:4F:86:5A:A9 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07a:4000::/40 Signature Algorithm: sha256WithRSAEncryption 15:c6:c8:d7:b7:0e:b6:5f:a0:5a:b5:d5:22:a3:b8:7e:7d:60: c8:f4:7b:ea:35:17:c0:a8:02:ed:2b:ba:74:58:fe:49:3b:37: bb:f6:b3:86:b7:fa:7a:81:38:6d:75:5d:3f:96:a6:17:fc:9a: 22:e7:b1:d6:1d:67:72:5b:a6:1e:f6:03:48:fb:b0:17:4e:6d: 89:25:fe:d1:ce:23:1a:c1:f8:e6:95:1e:b7:68:4c:47:34:c6: 6d:c3:5a:03:cd:5e:93:c2:d6:fc:38:7d:2b:10:c9:06:39:93: 2f:af:00:b7:b6:4a:0b:16:6b:ab:8c:e3:7a:79:36:d9:c6:b9: 4f:c7:67:63:bd:1d:e0:db:7c:fd:8d:c7:fc:e6:45:95:29:42: dd:74:71:0e:22:0c:73:e7:a2:91:b5:15:0f:c7:a6:a9:79:2f: a9:d7:3e:8f:08:68:53:5e:e2:bc:1e:b5:d0:b2:1c:83:df:78: dd:21:06:ce:e7:62:81:a2:32:aa:de:66:64:f5:22:07:56:0c: 54:5d:39:cf:f3:04:db:69:05:34:f9:50:e5:d8:ae:6f:35:7f: 5d:1b:75:d2:6c:ed:2a:8d:35:c1:72:bc:1f:05:78:1f:49:56: b9:c6:bc:23:f6:6a:2f:4f:4d:33:fb:72:52:8a:44:ee:49:c3: 95:38:4e:f6 -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgITHgGEvnAVdbQFFqfVsjAs6USi4DANBgkqhkiG9w0BAQsF ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0 OTk3MGJjMB4XDTI1MTExNTA2MTA0MFoXDTI1MTIyMDIzNTk1OVowejFJMEcGA1UE BRNAMzYwNWUzMWYxMDBlZGVhNmRhOTRhMWNkOGRlMDViNTM0NGM5NzMwMDcwM2Uz YzlhZmFmNTBlOTE2Y2E0ZjVlYjEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3 LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsfL4uya7sSjyITxlvPB4v4g2o3nBdQEyXYhLoD5IGDoLyAQkZzySRs4U0MNa L7CyuiH3sha5LOoL2UFjzr4kGfRuAfxtI4rsRQUqb/s6uo63K+FlclDcw3LnGkVE znGjZG4drLPu9czMSQLd1ZjnrMlf5im2QMY03cMb1KPhhfYLyId/AToSIsYDDcS0 8J2K9g5cEQVRzosnb+tjdqFQZwJlHheSq2JWJ5UN9cdWXZEvztpqO80EE8/QeT45 zSflPFFIdcoOE+1wgonSOS8Yw8tfnjFP+m8DaPF946GCkTzDnYzUWbwp7soDeX2E l2dBBxGm/J4ZUCFfxCMn3oxVKwIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFAQXnV9S VOfAfos74f1Q11JPhlqpMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8 MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC9l YjY5YjIxNi02MGQ1LTRmNTYtYjJiOC0zNDAxZjMzMWYzMWUucm9hMIGIBgNVHR8E gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXQekAw DQYJKoZIhvcNAQELBQADggEBABXGyNe3DrZfoFq11SKjuH59YMj0e+o1F8CoAu0r unRY/kk7N7v2s4a3+nqBOG11XT+Wphf8miLnsdYdZ3Jbph72A0j7sBdObYkl/tHO IxrB+OaVHrdoTEc0xm3DWgPNXpPC1vw4fSsQyQY5ky+vALe2SgsWa6uM43p5NtnG uU/HZ2O9HeDbfP2Nx/zmRZUpQt10cQ4iDHPnopG1FQ/Hpql5L6nXPo8IaFNe4rwe tdCyHIPfeN0hBs7nYoGiMqreZmT1IgdWDFRdOc/zBNtpBTT5UOXYrm81f10bddJs 7SqNNcFyvB8FeB9JVrnGvCP2ai9PTTP7clKKRO5Jw5U4TvY= -----END CERTIFICATE-----Generated at Sat Dec 6 22:36:24 2025 by rpki-client