This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcc2c855-ca62-4b4c-a1c6-8b4152bc7a05.roa File: fcc2c855-ca62-4b4c-a1c6-8b4152bc7a05.roa (raw, json) Hash identifier: dWpcBPctBulF6FCgEi3b+ZLcli/i1scUm3tli/7Q//4= Subject key identifier: 7E:F7:65:8A:A4:6F:2B:F3:0D:EE:C7:61:EB:6F:E3:5B:95:A4:C4:A0 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 21C15F3FE6E86F4E57E1736D0B3DB153A7CDF744 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcc2c855-ca62-4b4c-a1c6-8b4152bc7a05.roa Signing time: Sat 15 Nov 2025 05:50:47 +0000 ROA not before: Sat 15 Nov 2025 05:50:47 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d075:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:c1:5f:3f:e6:e8:6f:4e:57:e1:73:6d:0b:3d:b1:53:a7:cd:f7:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:47 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=3be5850d73ac8875c00adb93eab1103f446a44627b5047a53e4ba987a8bf2442, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:48:5a:69:ce:af:2d:78:24:25:68:b1:8a:ec: 3f:6f:2c:e1:9d:1e:f6:2c:d8:35:ce:53:3e:fa:09: c0:16:61:88:25:86:c9:cd:0e:e6:45:f7:ba:cf:18: 10:e3:f8:4f:75:38:ee:a1:dc:66:a9:fd:ec:a5:4f: ba:22:e2:68:b5:5b:0c:0b:40:04:38:06:16:89:b5: 3a:09:ff:41:ea:c0:19:3e:7a:f4:9d:ef:15:61:1d: 90:03:dc:07:35:2c:1f:f5:97:f3:bc:ef:0b:0a:cd: a7:c0:d8:5e:a3:cf:1e:fe:f0:e8:cf:78:ad:60:36: f5:6e:2a:d9:95:e7:65:9c:25:50:9f:1f:db:ac:04: 6e:4f:eb:e7:4f:d9:d0:02:b6:af:19:21:8f:8c:e7: 84:d0:0b:6b:90:02:34:67:01:cd:d4:75:c3:52:5f: d5:80:59:ec:9e:22:c7:17:fa:d8:95:61:94:f0:c9: da:75:12:a7:f9:45:2e:77:5d:3f:37:0a:48:5f:38: 83:61:a4:71:94:c2:f7:80:4a:4b:e9:08:80:89:91: 72:a5:c8:b9:02:23:51:9c:63:a0:f8:38:7b:95:6b: 46:ca:b2:0e:93:04:0c:a3:70:01:3c:ce:aa:b7:e2: d2:19:81:74:7b:fb:ca:70:c0:e4:eb:de:5d:32:01: 53:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:F7:65:8A:A4:6F:2B:F3:0D:EE:C7:61:EB:6F:E3:5B:95:A4:C4:A0 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcc2c855-ca62-4b4c-a1c6-8b4152bc7a05.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d075:c000::/40 Signature Algorithm: sha256WithRSAEncryption c7:98:32:06:8d:bb:5d:b0:f2:a9:7b:03:80:95:75:42:51:ef: 50:5c:4c:83:dc:4f:79:c3:19:f6:da:48:da:e9:3c:32:56:38: 9f:69:a4:1e:8e:d6:1e:99:bc:01:f1:02:b1:80:af:16:b5:24: e7:7f:27:51:e4:b8:61:8d:3b:5b:a3:96:dc:cd:d9:e7:bd:d1: 31:d8:a1:3d:0b:e9:3b:26:de:73:a5:ee:cf:0b:47:ff:57:1c: bf:f4:c0:53:18:15:3d:dc:dc:79:7f:0a:35:d0:1c:00:66:83: 44:26:99:d0:d2:26:ef:2e:c1:ca:73:aa:5f:9c:03:ba:17:fb: 14:85:53:9e:4b:4b:bb:5c:1d:fe:f0:5d:5f:44:14:1a:f3:79: 76:85:eb:57:b3:07:b1:24:66:0c:d4:8b:86:da:e9:67:2a:90: 72:4f:e0:85:45:eb:d5:85:3c:b9:f6:82:0b:eb:3c:dd:4d:80: 21:3f:c0:c6:bb:96:56:d6:f7:2e:98:b1:5b:10:65:32:75:8a: 1c:58:6e:2e:cb:35:fa:a9:2c:83:e9:c5:a8:ed:0d:cb:71:72: fd:59:ef:92:72:fe:36:ff:fd:d3:13:16:0f:61:cf:75:d2:ca: dd:37:3c:7d:db:c3:78:0e:fb:19:84:65:1e:07:90:93:3a:8c: 2f:5c:16:2e -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUIcFfP+bob05X4XNtCz2xU6fN90QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwNDdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDNiZTU4NTBkNzNhYzg4NzVjMDBhZGI5M2VhYjExMDNmNDQ2YTQ0NjI3YjUw NDdhNTNlNGJhOTg3YThiZjI0NDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMpIWmnOry14JCVosYrsP28s4Z0e9izYNc5TPvoJwBZhiCWGyc0O5kX3us8Y EOP4T3U47qHcZqn97KVPuiLiaLVbDAtABDgGFom1Ogn/QerAGT569J3vFWEdkAPc BzUsH/WX87zvCwrNp8DYXqPPHv7w6M94rWA29W4q2ZXnZZwlUJ8f26wEbk/r50/Z 0AK2rxkhj4znhNALa5ACNGcBzdR1w1Jf1YBZ7J4ixxf62JVhlPDJ2nUSp/lFLndd PzcKSF84g2GkcZTC94BKS+kIgImRcqXIuQIjUZxjoPg4e5VrRsqyDpMEDKNwATzO qrfi0hmBdHv7ynDA5OveXTIBU+cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR+92WK pG8r8w3ux2Hrb+NblaTEoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZmNjMmM4NTUtY2E2Mi00YjRjLWExYzYtOGI0MTUyYmM3YTA1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HXA MA0GCSqGSIb3DQEBCwUAA4IBAQDHmDIGjbtdsPKpewOAlXVCUe9QXEyD3E95wxn2 2kja6TwyVjifaaQejtYembwB8QKxgK8WtSTnfydR5LhhjTtbo5bczdnnvdEx2KE9 C+k7Jt5zpe7PC0f/Vxy/9MBTGBU93Nx5fwo10BwAZoNEJpnQ0ibvLsHKc6pfnAO6 F/sUhVOeS0u7XB3+8F1fRBQa83l2hetXswexJGYM1IuG2ulnKpByT+CFRevVhTy5 9oIL6zzdTYAhP8DGu5ZW1vcumLFbEGUydYocWG4uyzX6qSyD6cWo7Q3LcXL9We+S cv42//3TExYPYc910srdNzx928N4DvsZhGUeB5CTOowvXBYu -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:53 2025 by rpki-client