This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa File: fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa (raw, json) Hash identifier: rHHjJEUlbNwwHv5kVq0n7NrVMwqereMUKWyvfslF+qQ= Subject key identifier: 0E:39:42:83:40:EF:19:B8:1D:FF:4C:D2:99:64:D2:3C:18:6F:77:4B Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 18A2B58F3E6BA3B7D9417FCAB13400444752C919 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa Signing time: Sat 15 Nov 2025 06:10:26 +0000 ROA not before: Sat 15 Nov 2025 06:10:26 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d038:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:a2:b5:8f:3e:6b:a3:b7:d9:41:7f:ca:b1:34:00:44:47:52:c9:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:10:26 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=0ab7e40cb3d50a0dba9fb500c22667d0fbd2f7462f35b1e98cc6bd268906b0e1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:3e:bc:a4:18:96:e8:79:87:fe:3f:87:19:24: 15:d4:a3:e3:a8:13:d3:7a:8a:e3:53:bf:86:b5:2a: 81:95:6e:1d:70:d8:68:77:dc:e3:d3:67:89:3a:8f: 42:d8:25:f1:12:f4:56:6e:4d:76:b6:ac:80:e2:9c: 97:af:77:cb:af:0e:64:60:f4:e7:96:b8:b6:35:91: 48:9c:41:8f:b5:99:fd:f9:54:55:1d:9f:5e:8b:4d: 60:35:33:44:0e:93:06:60:98:3c:cb:d0:ec:34:c9: ed:27:44:e0:e1:5b:bc:5e:c8:85:d1:84:f3:fb:3e: 91:b2:e2:0e:1e:77:13:26:5f:1f:a3:76:29:13:83: 27:48:e2:92:e4:27:d8:51:40:cb:be:54:b6:2e:e9: d9:b5:17:78:4d:93:24:38:02:48:07:8f:cd:cd:be: 90:ec:83:98:4e:87:e9:2b:d7:ec:f6:fb:69:bd:da: 1a:2b:e8:e6:bf:3d:4a:24:da:8d:b7:29:1a:42:f9: 45:f2:92:d7:3d:c3:36:b6:34:52:4a:4e:0c:07:89: e1:c6:33:9f:69:1e:7b:1c:d6:4e:b3:2c:c6:5b:6c: 6a:1a:36:68:68:89:8e:f2:c9:f1:b3:6e:cd:ad:96: eb:52:22:55:0f:f4:b3:1a:db:36:7e:48:bd:64:79: ea:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:39:42:83:40:EF:19:B8:1D:FF:4C:D2:99:64:D2:3C:18:6F:77:4B X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d038:8000::/40 Signature Algorithm: sha256WithRSAEncryption 5d:a9:3b:cd:39:79:02:b2:00:e8:04:e8:29:33:3c:dd:0c:cd: 8f:59:09:92:7c:ef:26:51:2e:8f:28:7d:a1:96:89:1b:1b:60: 4a:9d:9d:72:ee:6c:3c:54:af:87:e6:ca:7b:80:22:a4:72:38: 0b:c9:58:63:2c:ac:bc:e5:7c:b6:a1:21:51:61:b8:c7:d8:a5: 90:72:87:50:28:7b:9a:0d:34:4f:02:fa:a2:bb:5f:ca:6f:72: ef:1a:aa:47:ff:d9:a6:07:09:f2:1b:c6:71:2f:b7:d8:50:fe: a9:57:ae:91:58:36:9e:64:84:26:15:44:65:09:74:25:44:a4: 17:e6:6a:10:ee:6c:0b:24:cc:07:fe:10:60:e9:4e:4b:11:58: 90:a3:4a:c1:d8:48:e9:55:95:5e:3f:5c:a6:d5:e4:fe:3d:fd: 83:cf:b2:ec:17:db:e1:ef:2f:e6:0d:ab:e6:41:20:ff:4c:49: 79:f0:b8:1f:1a:ab:55:3d:63:da:b1:be:03:94:b3:b4:8b:a6: af:cb:e2:66:ac:30:4c:e8:15:fb:23:ef:57:26:30:57:3d:79: 57:8f:ad:ae:dc:c2:23:95:3c:ff:f4:ca:38:0e:0d:5b:2b:d2: c9:32:cd:7f:7b:ee:dd:25:4a:9e:96:43:b9:78:84:08:82:8a: 66:c3:e1:5e -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUGKK1jz5ro7fZQX/KsTQAREdSyRkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjEwMjZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDBhYjdlNDBjYjNkNTBhMGRiYTlmYjUwMGMyMjY2N2QwZmJkMmY3NDYyZjM1 YjFlOThjYzZiZDI2ODkwNmIwZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOY+vKQYluh5h/4/hxkkFdSj46gT03qK41O/hrUqgZVuHXDYaHfc49NniTqP Qtgl8RL0Vm5NdrasgOKcl693y68OZGD055a4tjWRSJxBj7WZ/flUVR2fXotNYDUz RA6TBmCYPMvQ7DTJ7SdE4OFbvF7IhdGE8/s+kbLiDh53EyZfH6N2KRODJ0jikuQn 2FFAy75Uti7p2bUXeE2TJDgCSAePzc2+kOyDmE6H6SvX7Pb7ab3aGivo5r89SiTa jbcpGkL5RfKS1z3DNrY0UkpODAeJ4cYzn2keexzWTrMsxltsaho2aGiJjvLJ8bNu za2W61IiVQ/0sxrbNn5IvWR56hkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQOOUKD QO8ZuB3/TNKZZNI8GG93SzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZmMzY2YxZmYtMjA5ZC00NmY2LWE3ZGQtYTdiYTVkNWJmYmE3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DiA MA0GCSqGSIb3DQEBCwUAA4IBAQBdqTvNOXkCsgDoBOgpMzzdDM2PWQmSfO8mUS6P KH2hlokbG2BKnZ1y7mw8VK+H5sp7gCKkcjgLyVhjLKy85Xy2oSFRYbjH2KWQcodQ KHuaDTRPAvqiu1/Kb3LvGqpH/9mmBwnyG8ZxL7fYUP6pV66RWDaeZIQmFURlCXQl RKQX5moQ7mwLJMwH/hBg6U5LEViQo0rB2EjpVZVeP1ym1eT+Pf2Dz7LsF9vh7y/m DavmQSD/TEl58LgfGqtVPWPasb4DlLO0i6avy+JmrDBM6BX7I+9XJjBXPXlXj62u 3MIjlTz/9Mo4Dg1bK9LJMs1/e+7dJUqelkO5eIQIgopmw+Fe -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:50 2025 by rpki-client