This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ef1c587f-7016-4879-9f71-ad8ce780a8da.roa File: ef1c587f-7016-4879-9f71-ad8ce780a8da.roa (raw, json) Hash identifier: xWoH76FJTsx2IDzbyo/4c46VivQYzpeII6sGAWaAJ1U= Subject key identifier: D4:95:1E:75:A9:01:5C:4B:70:1A:AA:FF:B6:92:B4:79:4D:6E:46:16 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 48AD7EC01311D3DEBCD6BC876D01EFA3032AC1C6 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ef1c587f-7016-4879-9f71-ad8ce780a8da.roa Signing time: Tue 18 Nov 2025 00:40:07 +0000 ROA not before: Tue 18 Nov 2025 00:40:07 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06d:60c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:ad:7e:c0:13:11:d3:de:bc:d6:bc:87:6d:01:ef:a3:03:2a:c1:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 18 00:40:07 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=aeb2f82995d6dba8b1e5e6e1af573e7b516c118a12f86850533f21376f9e2f2f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:62:bc:c7:54:a9:32:83:db:ef:11:ad:f1:3a: 6d:ec:a0:a9:32:30:54:a3:6f:31:39:9a:c4:91:78: 1a:41:67:93:7e:70:28:44:a2:7c:a4:88:5f:a6:dd: 68:87:53:a2:1b:84:fa:6f:c5:55:3c:38:3e:0f:7c: a9:28:9d:ab:f1:5a:43:41:1d:62:6f:78:65:b2:9a: 3f:92:4f:ad:01:f9:57:90:e0:03:d1:ed:21:4d:19: db:91:29:cd:7d:2c:fa:a7:42:6c:37:81:0e:69:97: 9c:95:03:41:60:47:fe:a6:2b:67:29:50:74:0b:a1: ee:05:90:52:ea:5d:61:06:2d:96:65:6c:ef:73:c0: 30:bb:19:79:52:03:d7:05:75:a1:f2:58:8e:f5:71: 20:e8:d8:b1:f9:e2:a3:5a:eb:95:5f:0c:0a:15:76: a8:7b:f4:67:1b:f2:87:c2:85:b9:27:0d:72:eb:80: 05:02:dc:2b:1d:8f:03:8b:f7:fe:6b:0c:e0:a3:e2: 44:9e:e7:02:15:25:9d:a2:c5:d9:d8:a1:22:12:b9: 5c:d2:be:62:48:c3:0d:a7:7d:91:ad:ee:63:47:ed: 7d:8a:c0:dc:3c:04:ac:1f:5a:18:0f:59:24:75:a8: 2d:09:22:fb:a7:ef:0b:a8:dc:51:3d:55:18:64:66: b3:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:95:1E:75:A9:01:5C:4B:70:1A:AA:FF:B6:92:B4:79:4D:6E:46:16 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ef1c587f-7016-4879-9f71-ad8ce780a8da.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06d:60c0::/48 Signature Algorithm: sha256WithRSAEncryption 53:c4:47:e4:e1:ae:ca:d0:49:5c:b7:95:bf:72:64:20:fb:58: 50:1c:51:95:8c:f7:be:23:9c:eb:0b:3e:48:06:93:fc:d7:d8: 17:bd:2f:d3:07:1e:f9:a8:76:1e:9a:99:45:8c:ac:88:05:40: c8:c3:68:db:f5:1b:32:54:53:cc:40:2d:de:ae:aa:ce:3d:aa: a8:b9:80:e9:a1:56:87:c8:4b:73:c3:9a:5f:d5:6a:cd:cd:6e: 72:5c:09:52:b9:c8:f8:53:12:29:31:5a:d9:50:c8:4c:db:9c: e1:7c:bb:d2:ec:81:cd:fc:73:75:7f:8b:06:3b:91:f7:34:07: f6:b4:dd:0d:69:b4:ac:45:52:35:3f:42:51:a9:ad:10:52:f8: a2:e6:6f:c7:7a:0a:04:9d:d2:f6:fb:24:c9:ef:41:f2:f7:d7: 0a:f4:33:d6:10:46:20:4d:98:c3:ac:2b:b0:a3:4e:89:19:73: c6:f4:b3:af:4d:8e:81:69:b0:6a:d4:4f:5e:d7:a3:5d:00:c1: 80:6f:f6:cf:b4:e9:24:b2:96:a9:83:68:9c:32:0d:8b:85:f3: 3f:c5:b1:3a:8e:da:a5:75:0a:a8:e1:9b:cc:93:a0:f2:d6:94: 6d:7a:e9:98:a4:94:1b:d7:f1:8a:9f:75:aa:5a:83:8d:1c:33: 71:1c:1b:8f -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUSK1+wBMR09681ryHbQHvowMqwcYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTgwMDQwMDdaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQGFlYjJmODI5OTVkNmRiYThiMWU1ZTZlMWFmNTczZTdiNTE2YzExOGExMmY4 Njg1MDUzM2YyMTM3NmY5ZTJmMmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANhivMdUqTKD2+8RrfE6beygqTIwVKNvMTmaxJF4GkFnk35wKESifKSIX6bd aIdTohuE+m/FVTw4Pg98qSidq/FaQ0EdYm94ZbKaP5JPrQH5V5DgA9HtIU0Z25Ep zX0s+qdCbDeBDmmXnJUDQWBH/qYrZylQdAuh7gWQUupdYQYtlmVs73PAMLsZeVID 1wV1ofJYjvVxIOjYsfnio1rrlV8MChV2qHv0Zxvyh8KFuScNcuuABQLcKx2PA4v3 /msM4KPiRJ7nAhUlnaLF2dihIhK5XNK+YkjDDad9ka3uY0ftfYrA3DwErB9aGA9Z JHWoLQki+6fvC6jcUT1VGGRms/0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTUlR51 qQFcS3Aaqv+2krR5TW5GFjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZWYxYzU4N2YtNzAxNi00ODc5LTlmNzEtYWQ4Y2U3ODBhOGRhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G1g wDANBgkqhkiG9w0BAQsFAAOCAQEAU8RH5OGuytBJXLeVv3JkIPtYUBxRlYz3viOc 6ws+SAaT/NfYF70v0wce+ah2HpqZRYysiAVAyMNo2/UbMlRTzEAt3q6qzj2qqLmA 6aFWh8hLc8OaX9Vqzc1uclwJUrnI+FMSKTFa2VDITNuc4Xy70uyBzfxzdX+LBjuR 9zQH9rTdDWm0rEVSNT9CUamtEFL4ouZvx3oKBJ3S9vskye9B8vfXCvQz1hBGIE2Y w6wrsKNOiRlzxvSzr02OgWmwatRPXtejXQDBgG/2z7TpJLKWqYNonDINi4XzP8Wx Oo7apXUKqOGbzJOg8taUbXrpmKSUG9fxip91qlqDjRwzcRwbjw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:39 2025 by rpki-client