This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa File: fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa (raw, json) Hash identifier: 5o6yLH57JBE+VfmTPssov5SLWS20vk6BbXU0tfOV4sg= Subject key identifier: 3E:47:76:E0:D5:2E:B7:C5:A1:F3:DC:10:BD:E0:33:1A:9C:5F:D1:F0 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 24F5A1D4E970A55FC9E95B3503CDEEC92D8A0AC2 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa Signing time: Wed 10 Dec 2025 05:40:43 +0000 ROA not before: Wed 10 Dec 2025 05:40:43 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:4060::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:f5:a1:d4:e9:70:a5:5f:c9:e9:5b:35:03:cd:ee:c9:2d:8a:0a:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:40:43 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=ba7a477ba2c2914a3ac29b6182d57c2979f3c7c1b0e187096110bac6a4dbd1d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:25:de:9d:37:e0:05:56:f5:8f:b3:e2:29:17: 76:4c:a9:40:eb:b6:40:ea:2d:b7:e4:2e:f1:89:0e: 6f:b4:56:38:e6:10:cf:57:0d:d5:a3:ca:88:8e:35: 13:6e:49:78:ba:23:68:7f:6f:cd:7e:e8:88:ca:25: fd:92:5c:4b:f6:f6:17:a5:92:80:92:eb:26:17:aa: 62:da:04:89:06:fc:69:ad:b2:63:72:18:f6:0b:6b: 00:41:c1:3a:be:da:92:2c:69:66:42:bf:d9:97:98: c7:9f:cb:f3:b8:10:06:cf:fc:3e:de:17:ad:b0:dd: f0:55:9e:45:23:92:1e:26:09:c0:4f:dd:ca:f7:26: 96:63:c3:1a:77:f2:7c:ad:c8:c6:5f:b6:4d:28:fe: 7a:f7:e9:94:64:b5:bc:75:2d:ed:77:46:0d:64:8e: 2d:7a:1d:f6:ad:5a:95:32:af:aa:f2:65:83:c7:28: f4:28:ea:da:9f:de:27:51:1e:57:34:58:2e:c3:ec: d1:72:45:0d:47:14:0b:24:6c:1f:d9:7b:a8:fb:ec: eb:ad:bb:55:1e:57:3e:dd:33:73:ae:82:81:01:f8: 65:37:2e:02:d2:14:3e:ee:74:fd:4d:00:02:67:a9: f1:0d:f4:2a:fa:a0:2c:0a:65:8e:24:67:ba:7c:f8: 85:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:47:76:E0:D5:2E:B7:C5:A1:F3:DC:10:BD:E0:33:1A:9C:5F:D1:F0 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fb455f5d-6ce6-4373-b5bc-1c1e034a148a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:4060::/48 Signature Algorithm: sha256WithRSAEncryption 9f:ae:fc:2e:e6:3a:39:16:8b:7f:5d:63:60:65:07:f0:61:5d: 93:29:d1:c0:03:32:fa:92:3f:b6:48:74:20:60:f9:fa:0d:c1: 24:04:82:69:d7:0b:ba:58:f9:9e:18:76:ee:b1:c5:9a:7a:18: e2:d6:57:3a:4b:d0:d7:5a:0e:11:cb:7e:21:a3:d7:3e:11:54: a5:66:1e:26:c7:33:e9:1b:2c:18:bc:7a:74:64:02:32:1e:09: 1d:ac:3b:12:8e:c0:cb:23:fa:73:f3:8f:be:ed:06:fa:3d:0c: 46:d3:e9:f2:6a:73:44:46:44:50:2b:9d:db:04:24:62:ea:fe: 90:bd:4e:3f:34:e0:9b:16:6e:8a:eb:54:2f:e8:e7:25:13:e2: 9d:05:05:35:2d:23:43:2f:ee:46:7e:ff:0b:08:62:7c:8e:e5: 04:f7:3b:96:53:71:18:e6:cc:2c:ee:bb:d0:2f:89:84:9f:08: ee:76:48:84:48:54:09:23:4e:4b:0f:a8:33:2f:37:b3:c3:bf: 7d:d5:24:f1:c7:3c:37:81:4a:c5:ae:e4:64:04:86:9a:fd:32: de:bf:dc:b5:57:88:e4:8d:cb:8f:56:79:47:e6:30:5e:b8:aa: 3a:31:cd:94:39:5f:dd:c1:6f:0f:b5:8c:6f:e7:53:23:bb:31: 1b:4c:c8:3d -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUJPWh1OlwpV/J6Vs1A83uyS2KCsIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQwNDNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGJhN2E0NzdiYTJjMjkxNGEzYWMyOWI2MTgyZDU3YzI5NzlmM2M3YzFiMGUx ODcwOTYxMTBiYWM2YTRkYmQxZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALEl3p034AVW9Y+z4ikXdkypQOu2QOott+Qu8YkOb7RWOOYQz1cN1aPKiI41 E25JeLojaH9vzX7oiMol/ZJcS/b2F6WSgJLrJheqYtoEiQb8aa2yY3IY9gtrAEHB Or7akixpZkK/2ZeYx5/L87gQBs/8Pt4XrbDd8FWeRSOSHiYJwE/dyvcmlmPDGnfy fK3Ixl+2TSj+evfplGS1vHUt7XdGDWSOLXod9q1alTKvqvJlg8co9Cjq2p/eJ1Ee VzRYLsPs0XJFDUcUCyRsH9l7qPvs6627VR5XPt0zc66CgQH4ZTcuAtIUPu50/U0A Amep8Q30KvqgLApljiRnunz4hecCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ+R3bg 1S63xaHz3BC94DManF/R8DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZmI0NTVmNWQtNmNlNi00MzczLWI1YmMtMWMxZTAzNGExNDhhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA YDANBgkqhkiG9w0BAQsFAAOCAQEAn678LuY6ORaLf11jYGUH8GFdkynRwAMy+pI/ tkh0IGD5+g3BJASCadcLulj5nhh27rHFmnoY4tZXOkvQ11oOEct+IaPXPhFUpWYe Jscz6RssGLx6dGQCMh4JHaw7Eo7AyyP6c/OPvu0G+j0MRtPp8mpzREZEUCud2wQk Yur+kL1OPzTgmxZuiutUL+jnJRPinQUFNS0jQy/uRn7/CwhifI7lBPc7llNxGObM LO670C+JhJ8I7nZIhEhUCSNOSw+oMy83s8O/fdUk8cc8N4FKxa7kZASGmv0y3r/c tVeI5I3Lj1Z5R+YwXriqOjHNlDlf3cFvD7WMb+dTI7sxG0zIPQ== -----END CERTIFICATE-----Generated at Mon Dec 15 15:32:33 2025 by rpki-client