This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f067aa52-ee52-4fb2-867c-8dc79786d43d.roa File: f067aa52-ee52-4fb2-867c-8dc79786d43d.roa (raw, json) Hash identifier: n5kgFUjTQVwo/Wc3UgG+8U79FxDrTiFwtLXh4ks0KLw= Subject key identifier: C2:E0:5D:B9:7D:66:45:03:AB:C5:6C:53:7B:0B:B4:A8:9F:C2:82:6C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 032B8242127912A5130CD7D72B2EC3B6F0B68DDF Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f067aa52-ee52-4fb2-867c-8dc79786d43d.roa Signing time: Wed 10 Dec 2025 05:30:08 +0000 ROA not before: Wed 10 Dec 2025 05:30:08 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:2080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:30:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:2b:82:42:12:79:12:a5:13:0c:d7:d7:2b:2e:c3:b6:f0:b6:8d:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:30:08 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=4857cb577168dc910b8bfb82dd938977bbc54e99cc04cfaddbd004275afd8cf6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:86:85:cc:e7:36:13:6a:75:10:a7:7d:a0:cd: fa:a9:8e:97:0d:ef:65:d8:88:b6:49:cf:2a:98:4a: 74:c1:f5:b5:6d:e1:08:25:35:4d:eb:91:29:18:76: 6f:1b:34:f6:4e:21:db:b0:5a:d3:ac:db:a6:e5:3f: 47:85:6d:57:14:bb:7f:e2:99:78:28:52:46:61:8e: 33:e5:ef:25:49:f1:f6:b3:ce:57:f3:bf:88:a0:5f: fb:99:38:cf:bd:31:21:b9:51:1f:af:82:f3:c8:2d: 01:dd:81:51:c1:b0:59:f3:23:02:04:24:f3:f5:08: e8:a0:2a:88:88:08:d3:1a:c3:ff:98:ee:2a:ac:8c: 33:4f:a8:8e:5a:13:80:c4:6f:fc:26:7d:f0:d7:35: ae:cc:dc:18:77:eb:ff:81:82:1b:38:40:05:36:28: 89:a7:0d:2c:cf:71:19:ab:af:90:ef:65:8f:78:fd: 1e:e9:30:16:47:bc:4f:b3:80:70:8c:32:ea:21:c2: fa:ed:64:e1:f4:f3:13:50:cc:17:43:67:7b:1d:1a: c1:5b:3f:4d:56:28:bc:8b:a0:68:20:3a:cd:fa:1f: f5:01:8c:b9:58:a4:7a:bc:56:e1:9b:d6:30:50:44: 34:a7:b9:a6:94:59:cb:1e:4b:7e:44:34:77:fd:e6: 38:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:E0:5D:B9:7D:66:45:03:AB:C5:6C:53:7B:0B:B4:A8:9F:C2:82:6C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f067aa52-ee52-4fb2-867c-8dc79786d43d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:2080::/48 Signature Algorithm: sha256WithRSAEncryption 2e:61:eb:c4:dd:02:71:24:f6:f0:8d:b4:19:b1:cb:28:37:2b: 9c:a1:36:e2:83:3e:02:e5:7a:32:f9:ff:fc:7e:3d:ca:a7:2d: ab:20:40:4e:98:b7:10:b4:c0:fd:23:d5:71:f4:cf:75:cb:25: 52:03:1b:3d:eb:86:17:d0:77:31:74:c2:88:9e:dd:3e:85:bd: 84:29:6a:d0:4c:65:2d:35:c5:93:32:9a:66:cb:3a:59:5f:da: ef:b3:ba:db:ef:c2:d4:40:d1:96:ce:95:a9:d9:33:61:9b:d8: fd:51:f0:2e:49:94:31:98:93:7d:71:d8:55:06:0b:f1:8d:95: 3e:f7:47:52:43:9f:b3:ec:1a:a8:87:a7:f5:76:7a:c3:74:b5: bb:ba:d0:a2:a7:25:f3:de:a0:1f:ba:77:cf:89:0e:f9:dc:f5: 17:39:04:59:22:02:ef:05:55:8a:01:6d:36:22:67:51:77:60: ad:e1:3a:65:69:f0:c3:fc:ee:fa:84:eb:8d:97:2e:b7:ba:c1: d9:87:9a:eb:f6:77:58:5e:53:e7:79:a5:a0:ab:8d:79:30:cb: 10:84:d4:18:c0:6d:bc:e1:7d:e5:67:0e:11:d3:0c:7b:fc:6a: fa:d8:3d:e0:1c:28:af:a6:27:b4:01:84:fa:7c:c0:60:20:07: 0a:c2:a6:86 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUAyuCQhJ5EqUTDNfXKy7DtvC2jd8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMwMDhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDQ4NTdjYjU3NzE2OGRjOTEwYjhiZmI4MmRkOTM4OTc3YmJjNTRlOTljYzA0 Y2ZhZGRiZDAwNDI3NWFmZDhjZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN+GhcznNhNqdRCnfaDN+qmOlw3vZdiItknPKphKdMH1tW3hCCU1TeuRKRh2 bxs09k4h27Ba06zbpuU/R4VtVxS7f+KZeChSRmGOM+XvJUnx9rPOV/O/iKBf+5k4 z70xIblRH6+C88gtAd2BUcGwWfMjAgQk8/UI6KAqiIgI0xrD/5juKqyMM0+ojloT gMRv/CZ98Nc1rszcGHfr/4GCGzhABTYoiacNLM9xGauvkO9lj3j9HukwFke8T7OA cIwy6iHC+u1k4fTzE1DMF0Nnex0awVs/TVYovIugaCA6zfof9QGMuVikerxW4ZvW MFBENKe5ppRZyx5LfkQ0d/3mOLMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTC4F25 fWZFA6vFbFN7C7Son8KCbDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZjA2N2FhNTItZWU1Mi00ZmIyLTg2N2MtOGRjNzk3ODZkNDNkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg gDANBgkqhkiG9w0BAQsFAAOCAQEALmHrxN0CcST28I20GbHLKDcrnKE24oM+AuV6 Mvn//H49yqctqyBATpi3ELTA/SPVcfTPdcslUgMbPeuGF9B3MXTCiJ7dPoW9hClq 0ExlLTXFkzKaZss6WV/a77O62+/C1EDRls6VqdkzYZvY/VHwLkmUMZiTfXHYVQYL 8Y2VPvdHUkOfs+waqIen9XZ6w3S1u7rQoqcl896gH7p3z4kO+dz1FzkEWSIC7wVV igFtNiJnUXdgreE6ZWnww/zu+oTrjZcut7rB2Yea6/Z3WF5T53mloKuNeTDLEITU GMBtvOF95WcOEdMMe/xq+tg94Bwor6YntAGE+nzAYCAHCsKmhg== -----END CERTIFICATE-----Generated at Mon Dec 15 17:08:58 2025 by rpki-client