This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa File: fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa (raw, json) Hash identifier: //P5og8/b3soaoG+UJwPS2EkiwX7jYNW9F4U+MYuZAI= Subject key identifier: 3B:E8:A7:97:F9:DC:C8:16:63:C9:C5:20:A8:4D:60:40:58:B0:F2:6D Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0A335DB34D44E4C4AB0BEFADEBE58E5549F0F71B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa Signing time: Sat 29 Nov 2025 03:10:07 +0000 ROA not before: Sat 29 Nov 2025 03:10:07 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 46.137.128.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:33:5d:b3:4d:44:e4:c4:ab:0b:ef:ad:eb:e5:8e:55:49:f0:f7:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:10:07 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=adc375255b6295e4534fa4189ba25f995ec88f929f193819b23f43f445b1b2ba, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:7d:8b:d4:0f:0a:a7:58:e9:7f:7e:0d:93:0b: 3e:39:23:6a:bd:29:eb:57:a0:0a:ed:3f:12:a2:1e: 5e:b3:67:4e:bb:d4:52:3b:95:92:27:65:b7:62:bd: c8:8c:e3:2a:7a:c7:6c:98:9b:24:a2:dd:44:e6:b3: d1:11:19:a6:da:36:b2:a3:06:95:1e:88:13:d5:57: 2a:04:87:fa:fc:ba:2f:4d:10:eb:9d:87:bf:98:18: 6b:3c:2f:63:a3:68:a4:21:49:e5:d3:82:b0:ba:79: f6:74:4f:85:3e:1c:5f:d5:7d:da:db:df:13:f8:05: 8c:91:9f:a4:5f:6e:44:8a:18:ce:6f:f7:b7:a6:85: f8:92:9c:20:8a:17:5c:8d:7f:50:39:32:f4:fa:d4: 58:ff:72:ab:bb:3b:ff:89:d0:99:aa:0d:38:f5:b8: 03:53:19:ab:16:d6:d6:d6:7c:7b:0f:04:21:90:c7: a7:1e:a5:31:30:b6:55:3a:68:9d:53:47:42:63:08: 5d:14:14:88:9b:51:34:6c:59:24:f6:16:1d:6e:46: 03:23:f1:4b:d6:56:da:02:a2:e0:71:e9:e0:8b:41: 44:ad:05:08:ac:43:f4:e0:13:34:d6:1d:0e:e3:51: a2:44:08:40:56:d3:00:0a:39:60:7b:e9:17:0d:5e: a5:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:E8:A7:97:F9:DC:C8:16:63:C9:C5:20:A8:4D:60:40:58:B0:F2:6D X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcee65ca-9c67-4925-b46f-60ec2eecb7a3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.137.128.0/20 Signature Algorithm: sha256WithRSAEncryption ca:2d:37:01:58:bf:26:30:a6:2b:bc:e6:2c:ef:63:b8:1c:ff: 6e:75:56:bd:ce:4e:0b:fd:83:bf:68:68:b6:09:87:0d:f3:a9: 84:e2:dc:be:ac:78:71:8f:b7:5c:4f:fa:82:52:16:82:92:2b: bd:c8:3b:84:b8:0b:59:a3:3e:8b:dc:29:19:6b:5a:c8:eb:24: 71:98:43:4d:4c:ae:f3:c4:da:b8:a3:52:08:14:4d:50:f0:15: 01:5f:d5:de:16:90:09:51:3b:d4:22:92:86:f6:60:ce:27:0c: f7:8d:00:c2:45:fe:d9:73:55:26:a2:dd:78:28:fb:03:5c:61: e3:8c:90:09:18:f7:51:5e:7d:0e:85:2d:29:4d:4f:8c:bf:60: 86:78:ea:3b:c5:0b:9a:bb:63:9f:89:0d:b5:22:05:f1:5a:ee: 94:42:ec:76:1d:77:28:ae:50:c0:1d:6a:ca:4d:0e:8d:76:35: 33:a3:f5:85:fb:f0:eb:80:90:ce:0d:6d:8d:04:69:0d:24:f7: 22:1d:1d:9a:89:5a:17:ed:de:9a:69:5d:9e:51:cc:bc:24:6d: d6:9a:4b:0d:a2:9a:cb:7d:67:57:d8:e9:e1:e0:2e:75:c3:07: 80:51:15:d2:1c:c7:ef:9e:55:04:ca:b8:aa:0e:ca:15:91:c7: 05:b2:df:d1 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUCjNds01E5MSrC++t6+WOVUnw9xswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzEwMDdaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQGFkYzM3NTI1NWI2Mjk1ZTQ1MzRmYTQxODliYTI1Zjk5NWVjODhmOTI5ZjE5 MzgxOWIyM2Y0M2Y0NDViMWIyYmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMF9i9QPCqdY6X9+DZMLPjkjar0p61egCu0/EqIeXrNnTrvUUjuVkidlt2K9 yIzjKnrHbJibJKLdROaz0REZpto2sqMGlR6IE9VXKgSH+vy6L00Q652Hv5gYazwv Y6NopCFJ5dOCsLp59nRPhT4cX9V92tvfE/gFjJGfpF9uRIoYzm/3t6aF+JKcIIoX XI1/UDky9PrUWP9yq7s7/4nQmaoNOPW4A1MZqxbW1tZ8ew8EIZDHpx6lMTC2VTpo nVNHQmMIXRQUiJtRNGxZJPYWHW5GAyPxS9ZW2gKi4HHp4ItBRK0FCKxD9OATNNYd DuNRokQIQFbTAAo5YHvpFw1epfkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ76KeX +dzIFmPJxSCoTWBAWLDybTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZmNlZTY1Y2EtOWM2Ny00OTI1LWI0NmYtNjBlYzJlZWNiN2EzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC6JgDAN BgkqhkiG9w0BAQsFAAOCAQEAyi03AVi/JjCmK7zmLO9juBz/bnVWvc5OC/2Dv2ho tgmHDfOphOLcvqx4cY+3XE/6glIWgpIrvcg7hLgLWaM+i9wpGWtayOskcZhDTUyu 88TauKNSCBRNUPAVAV/V3haQCVE71CKShvZgzicM940AwkX+2XNVJqLdeCj7A1xh 44yQCRj3UV59DoUtKU1PjL9ghnjqO8ULmrtjn4kNtSIF8VrulELsdh13KK5QwB1q yk0OjXY1M6P1hfvw64CQzg1tjQRpDST3Ih0dmolaF+3emmldnlHMvCRt1ppLDaKa y31nV9jp4eAudcMHgFEV0hzH755VBMq4qg7KFZHHBbLf0Q== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:44 2025 by rpki-client