This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa File: f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa (raw, json) Hash identifier: ZO81BJbBx550kfBeH1qD6BJ2ZGlRZjmEaiSTFkhUsO8= Subject key identifier: 9E:3B:A7:22:7D:76:18:05:81:75:18:2F:96:5A:0B:89:E3:77:D6:4C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 14583D11C7BB91C6906884611ED46FC03E5DB053 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa Signing time: Wed 26 Nov 2025 00:00:07 +0000 ROA not before: Wed 26 Nov 2025 00:00:07 +0000 ROA not after: Tue 24 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:f080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:58:3d:11:c7:bb:91:c6:90:68:84:61:1e:d4:6f:c0:3e:5d:b0:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 26 00:00:07 2025 GMT Not After : Feb 24 23:59:59 2026 GMT Subject: serialNumber=62983b896428da398d6ac06eb386e3c9c62e67ed66bd45cb3b0f7cb8af211240, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:e3:55:30:af:10:f0:76:4f:d3:22:cc:1d:b5: d9:80:51:27:13:eb:69:ec:79:06:d9:8b:36:53:53: 51:b6:4a:1c:7b:ea:a3:03:dc:1d:ec:fc:84:95:3b: e1:20:6c:b2:8e:9d:9b:f3:89:34:9e:cb:9f:c1:0e: d1:ef:e1:37:82:18:6c:37:5b:86:2e:87:4d:15:af: 58:de:f5:08:0a:51:39:ed:a4:48:fa:a6:32:b9:39: e2:9c:82:aa:db:ea:de:f7:9e:95:13:ae:a9:6e:a6: cd:ac:69:c5:dd:bb:fc:4d:07:a5:a9:99:f6:7e:99: 6d:2a:0d:9e:7c:52:5f:01:48:7a:ff:eb:1c:ea:35: b5:a5:20:d7:0b:44:fe:ff:57:89:5c:0c:bd:2f:96: 16:61:9a:9a:6f:4f:72:56:4b:f8:91:61:8e:c4:de: 10:44:37:d3:77:9c:dd:7d:51:43:6a:1d:02:46:95: 9e:3e:ad:48:78:27:46:0a:91:c4:94:44:6c:67:ff: ca:31:9f:21:03:14:a8:4e:c9:c3:2b:17:0b:43:c4: c9:0b:66:0d:34:96:7a:f3:3b:32:3e:19:42:9b:08: 35:43:7a:f0:9c:c0:ee:91:14:da:4f:3f:26:f3:5e: 8c:33:18:10:f0:62:07:d0:69:a9:54:79:f2:90:b0: 4f:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:3B:A7:22:7D:76:18:05:81:75:18:2F:96:5A:0B:89:E3:77:D6:4C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f298c9d1-5f5e-4a2a-a203-29e2cbdb3779.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:f080::/48 Signature Algorithm: sha256WithRSAEncryption a6:5c:95:60:69:21:30:0f:1f:86:84:50:5f:b2:ea:ff:ec:32: 8e:2b:53:0d:66:15:63:b7:41:0f:74:6a:7e:81:c5:62:d1:83: 98:db:03:34:0a:0b:08:a9:72:6e:d6:4c:a5:61:67:bc:3b:ca: a2:90:ae:c8:ec:33:fa:e6:70:6a:f5:7a:c8:18:c0:57:e4:89: 42:7a:09:e0:a1:13:99:34:cd:e9:a8:18:f2:59:f5:1f:71:07: 4d:14:72:6b:3f:64:8f:66:e3:b8:d6:01:36:33:d4:ec:bf:1f: ee:29:d7:6c:de:3d:c2:3b:b7:ef:b7:c1:32:6e:86:32:8f:3e: f6:b5:54:69:57:ac:37:c7:10:a1:34:24:36:55:21:0e:2e:98: de:09:4f:e9:44:95:3f:80:7b:5c:98:d2:1c:a5:6e:b6:8e:4f: ac:b9:85:01:02:96:e1:43:08:b9:80:6b:e0:71:88:ba:3b:ed: 5f:c4:fd:91:a3:93:7e:be:7a:38:b2:81:c3:e4:ca:dd:bf:c6: 0d:4f:d3:8b:43:e3:a9:4c:20:73:b1:d6:b1:21:29:63:ef:56: ba:4b:81:06:49:8c:ed:85:b5:75:7d:6a:9f:81:69:04:ef:49: 24:a8:9d:75:fa:9a:fc:0e:0d:a0:89:f2:98:22:02:d8:3f:b4: be:a5:21:a6 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUFFg9Ece7kcaQaIRhHtRvwD5dsFMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjYwMDAwMDdaFw0yNjAyMjQyMzU5NTlaMHoxSTBHBgNV BAUTQDYyOTgzYjg5NjQyOGRhMzk4ZDZhYzA2ZWIzODZlM2M5YzYyZTY3ZWQ2NmJk NDVjYjNiMGY3Y2I4YWYyMTEyNDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKLjVTCvEPB2T9MizB212YBRJxPraex5BtmLNlNTUbZKHHvqowPcHez8hJU7 4SBsso6dm/OJNJ7Ln8EO0e/hN4IYbDdbhi6HTRWvWN71CApROe2kSPqmMrk54pyC qtvq3veelROuqW6mzaxpxd27/E0HpamZ9n6ZbSoNnnxSXwFIev/rHOo1taUg1wtE /v9XiVwMvS+WFmGamm9PclZL+JFhjsTeEEQ303ec3X1RQ2odAkaVnj6tSHgnRgqR xJREbGf/yjGfIQMUqE7JwysXC0PEyQtmDTSWevM7Mj4ZQpsINUN68JzA7pEU2k8/ JvNejDMYEPBiB9BpqVR58pCwT98CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSeO6ci fXYYBYF1GC+WWguJ43fWTDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZjI5OGM5ZDEtNWY1ZS00YTJhLWEyMDMtMjllMmNiZGIzNzc5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/w gDANBgkqhkiG9w0BAQsFAAOCAQEAplyVYGkhMA8fhoRQX7Lq/+wyjitTDWYVY7dB D3RqfoHFYtGDmNsDNAoLCKlybtZMpWFnvDvKopCuyOwz+uZwavV6yBjAV+SJQnoJ 4KETmTTN6agY8ln1H3EHTRRyaz9kj2bjuNYBNjPU7L8f7inXbN49wju377fBMm6G Mo8+9rVUaVesN8cQoTQkNlUhDi6Y3glP6USVP4B7XJjSHKVuto5PrLmFAQKW4UMI uYBr4HGIujvtX8T9kaOTfr56OLKBw+TK3b/GDU/Ti0PjqUwgc7HWsSEpY+9WukuB BkmM7YW1dX1qn4FpBO9JJKiddfqa/A4NoInymCIC2D+0vqUhpg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:48 2025 by rpki-client