This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa File: f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa (raw, json) Hash identifier: XxMpRP222uum7n4g3itfuwBpMT0nPmU/HUgmdLU9rtY= Subject key identifier: D9:5A:8D:D6:37:2C:C4:11:E4:44:8A:8A:FB:AC:94:91:2E:AE:3A:5D Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 59D70E49A32E48D74BD3A4A873A8604C19F184FC Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa Signing time: Sat 15 Nov 2025 05:30:55 +0000 ROA not before: Sat 15 Nov 2025 05:30:55 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d019::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:d7:0e:49:a3:2e:48:d7:4b:d3:a4:a8:73:a8:60:4c:19:f1:84:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:30:55 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=c3b3ff1a21d008a5ff93934cc4f510244998a77422313d8191d18782637c3491, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:d8:24:7c:07:23:57:b1:aa:7d:87:fd:c5:bd: b7:94:b7:bf:d5:7a:25:c8:a4:b4:bd:07:37:fd:c9: d4:ad:a0:8d:d0:3f:7a:a9:4a:29:01:89:17:94:5d: 80:72:1d:a5:56:ad:2e:e4:6c:2f:34:99:de:36:c0: 7a:7b:80:f5:5d:91:f7:6e:f5:09:19:30:4b:71:e6: 35:09:d8:9e:45:11:43:c6:c5:03:b7:a0:a3:e4:bf: 0e:76:90:b2:4b:ad:76:13:a9:a1:43:59:cc:fd:43: 9d:33:a4:30:b6:e4:c0:de:10:60:b4:e2:de:c0:1a: d2:8b:b4:2f:61:50:88:50:64:f3:3d:0a:85:be:6b: e5:c2:e9:3a:1c:cf:da:19:cc:4b:5c:1c:3b:02:35: 44:b1:5f:ea:cd:cc:28:ec:34:8f:cd:45:14:e2:3c: 20:26:a5:83:0f:f0:e7:1d:19:37:bf:45:c9:7d:22: 81:42:18:97:2f:9e:35:3b:ab:4f:91:e6:46:52:a1: 22:d5:1e:e7:87:4c:09:d4:79:de:c7:8d:79:86:d4: 69:86:99:04:a0:db:ae:c7:f0:b9:42:3f:6c:65:65: d6:e0:6f:ca:60:4e:a7:e1:fa:9c:c2:06:b3:b4:ed: 6f:0f:e1:16:91:3c:88:68:bb:05:7f:ea:a8:ac:5f: fa:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:5A:8D:D6:37:2C:C4:11:E4:44:8A:8A:FB:AC:94:91:2E:AE:3A:5D X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d019::/36 Signature Algorithm: sha256WithRSAEncryption 20:e4:a3:81:65:69:ab:c1:57:cf:8b:e3:7b:f5:66:cf:a5:84: 6a:c6:18:a4:64:db:d7:aa:c5:b9:ca:06:58:09:56:21:d2:39: 54:31:14:15:5e:4e:19:2c:b3:a3:2b:b4:1c:12:ab:56:b1:27: f9:0f:ef:59:0c:2d:12:77:f9:35:a9:a5:6b:87:74:35:6b:70: ae:ef:a0:60:58:1f:04:df:e5:1e:92:1b:7d:3d:53:2e:11:2f: ad:07:23:af:a3:2a:a2:d7:3b:b8:3a:2a:70:bb:90:d4:b5:5f: 94:a4:16:2f:69:70:56:c4:92:d0:88:52:7f:27:da:a7:0d:e2: 43:03:43:fd:b7:47:40:d6:d7:e9:ab:c1:d3:86:4e:a0:49:53: e7:d5:5b:12:67:60:b9:e2:39:4d:00:b4:ed:63:d7:d9:96:49: 38:f5:73:f2:f7:3e:d4:4b:b6:2a:ae:bf:c6:d4:83:dd:22:ef: 5c:8f:0e:2e:75:fe:47:d1:a9:5f:da:0f:d7:59:dc:b7:81:4e: 1f:e6:1a:67:97:f6:64:58:e9:23:4c:a1:4c:36:61:e5:4b:ee: d4:6d:e6:a1:da:36:9d:62:b1:82:4c:7b:d0:6a:c9:d0:9d:29: b4:ef:92:f0:86:7e:42:ad:e1:0b:49:ff:c2:64:c8:86:56:09: 82:82:db:35 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUWdcOSaMuSNdL06Soc6hgTBnxhPwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTMwNTVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGMzYjNmZjFhMjFkMDA4YTVmZjkzOTM0Y2M0ZjUxMDI0NDk5OGE3NzQyMjMx M2Q4MTkxZDE4NzgyNjM3YzM0OTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOjYJHwHI1exqn2H/cW9t5S3v9V6JciktL0HN/3J1K2gjdA/eqlKKQGJF5Rd gHIdpVatLuRsLzSZ3jbAenuA9V2R9271CRkwS3HmNQnYnkURQ8bFA7ego+S/DnaQ skutdhOpoUNZzP1DnTOkMLbkwN4QYLTi3sAa0ou0L2FQiFBk8z0Khb5r5cLpOhzP 2hnMS1wcOwI1RLFf6s3MKOw0j81FFOI8ICalgw/w5x0ZN79FyX0igUIYly+eNTur T5HmRlKhItUe54dMCdR53seNeYbUaYaZBKDbrsfwuUI/bGVl1uBvymBOp+H6nMIG s7Ttbw/hFpE8iGi7BX/qqKxf+msCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTZWo3W NyzEEeREior7rJSRLq46XTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZjdmY2NjMmEtYWE4YS00Y2JjLTg5ZDctZDZhOGNhMTIxYmEwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BkA MA0GCSqGSIb3DQEBCwUAA4IBAQAg5KOBZWmrwVfPi+N79WbPpYRqxhikZNvXqsW5 ygZYCVYh0jlUMRQVXk4ZLLOjK7QcEqtWsSf5D+9ZDC0Sd/k1qaVrh3Q1a3Cu76Bg WB8E3+Uekht9PVMuES+tByOvoyqi1zu4Oipwu5DUtV+UpBYvaXBWxJLQiFJ/J9qn DeJDA0P9t0dA1tfpq8HThk6gSVPn1VsSZ2C54jlNALTtY9fZlkk49XPy9z7US7Yq rr/G1IPdIu9cjw4udf5H0alf2g/XWdy3gU4f5hpnl/ZkWOkjTKFMNmHlS+7Ubeah 2jadYrGCTHvQasnQnSm075Lwhn5CreELSf/CZMiGVgmCgts1 -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:42 2025 by rpki-client