This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ff4816c3-2e55-42d8-a2fa-8e7ac7375d0e.roa File: ff4816c3-2e55-42d8-a2fa-8e7ac7375d0e.roa (raw, json) Hash identifier: +xeRSogIVKSu/S8vJxfdqRN7vR5eM1Mt8YCe3WGk9mE= Subject key identifier: 0E:EB:AA:DF:BB:D4:91:79:32:90:DB:7D:31:48:62:42:B7:29:93:67 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4C7C88D76BEB49F3A26EDC973E7C006D88D95D97 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ff4816c3-2e55-42d8-a2fa-8e7ac7375d0e.roa Signing time: Sat 29 Nov 2025 03:10:42 +0000 ROA not before: Sat 29 Nov 2025 03:10:42 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d074:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:7c:88:d7:6b:eb:49:f3:a2:6e:dc:97:3e:7c:00:6d:88:d9:5d:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:10:42 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=a12383d9936eb0199c1096edb4b9217bdcf350d245005e14887c994f0e631b30, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:6c:88:72:6f:94:77:93:e4:41:3c:60:90:0e: ee:37:36:dd:74:56:9c:70:50:43:03:5b:25:8f:c6: 0a:b7:83:30:fa:0b:a4:e2:ef:6b:e7:75:1b:8c:1a: 7b:ef:03:04:30:3e:39:59:15:be:7c:72:d0:e0:ee: d1:c7:5a:85:ed:00:b9:2f:9b:0f:ca:f1:5d:af:ac: 1c:9a:cd:b8:3c:f6:96:03:93:1b:24:ee:de:2b:c6: 8c:2b:a5:b3:ce:6d:09:54:1b:02:14:4a:7d:ba:29: 7a:59:44:2d:34:71:45:f7:92:ca:f9:50:0a:bd:fc: dd:aa:61:47:d4:d2:8c:41:d1:c1:75:cf:fb:bc:ac: 46:ae:8c:64:51:2b:e2:c3:de:27:61:09:b2:43:fc: 05:0d:15:64:eb:e6:47:29:6e:f8:f7:8b:0a:df:90: 9a:79:83:b6:73:d2:8c:1e:dd:cb:27:6d:13:8b:6a: 72:a8:79:3e:b2:e7:c9:f3:1b:23:46:1a:99:e2:5f: 13:50:8a:ab:27:5a:35:6d:f4:1c:0e:74:d5:c3:f4: 21:6b:c3:bc:c2:50:88:2b:90:83:91:65:22:f9:d3: 8f:f7:4c:7c:80:48:62:53:d7:35:0a:26:c6:e2:d5: 35:7a:ab:fc:0d:8c:39:0a:7a:bd:2b:ee:3c:d9:b6: d5:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:EB:AA:DF:BB:D4:91:79:32:90:DB:7D:31:48:62:42:B7:29:93:67 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ff4816c3-2e55-42d8-a2fa-8e7ac7375d0e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d074:a000::/40 Signature Algorithm: sha256WithRSAEncryption 21:20:05:eb:a5:1b:43:e3:78:79:bd:33:cb:18:60:80:b7:2c: 04:1c:16:48:bd:b1:62:db:4d:35:a8:df:93:91:80:6f:92:2f: 20:13:39:04:5a:1d:98:a7:e1:69:10:55:11:9c:8f:36:1e:f1: 98:c7:7a:d6:4f:98:32:5e:59:d5:c3:92:4c:2f:4a:7c:ca:1d: 88:8f:d2:bc:fd:68:3a:29:1a:2d:68:64:4d:84:fc:65:3a:0d: 76:89:1e:53:67:a4:6f:44:19:2c:53:b3:1d:ed:90:50:52:8c: 65:43:56:3c:2a:62:fd:84:c6:8d:1a:8c:0d:52:08:b4:eb:25: 58:89:2f:08:4d:61:dc:69:53:05:9b:e2:d6:4d:68:e5:5c:00: e4:27:df:a3:f3:ed:58:ef:7d:dd:2b:a9:d5:53:c7:89:7f:e7: 04:bf:f8:07:18:d1:4e:1f:f0:4f:ec:40:51:31:e3:16:df:0d: 21:6f:1b:8c:8a:bf:15:62:a5:1e:be:65:70:ee:fc:56:8d:76: 19:ce:98:a6:19:81:23:a8:08:30:d5:c7:e1:e4:c7:c4:24:9e: 54:14:a3:d5:5c:4e:79:07:e8:1e:f2:80:14:39:7c:cf:07:24: 43:cb:b1:27:76:a6:bc:a1:42:54:f6:dc:de:3a:cb:5c:95:f3: 83:53:c9:12 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUTHyI12vrSfOibtyXPnwAbYjZXZcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzEwNDJaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQGExMjM4M2Q5OTM2ZWIwMTk5YzEwOTZlZGI0YjkyMTdiZGNmMzUwZDI0NTAw NWUxNDg4N2M5OTRmMGU2MzFiMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANpsiHJvlHeT5EE8YJAO7jc23XRWnHBQQwNbJY/GCreDMPoLpOLva+d1G4wa e+8DBDA+OVkVvnxy0ODu0cdahe0AuS+bD8rxXa+sHJrNuDz2lgOTGyTu3ivGjCul s85tCVQbAhRKfbopellELTRxRfeSyvlQCr383aphR9TSjEHRwXXP+7ysRq6MZFEr 4sPeJ2EJskP8BQ0VZOvmRylu+PeLCt+QmnmDtnPSjB7dyydtE4tqcqh5PrLnyfMb I0YameJfE1CKqydaNW30HA501cP0IWvDvMJQiCuQg5FlIvnTj/dMfIBIYlPXNQom xuLVNXqr/A2MOQp6vSvuPNm21R0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQO66rf u9SReTKQ230xSGJCtymTZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZmY0ODE2YzMtMmU1NS00MmQ4LWEyZmEtOGU3YWM3Mzc1ZDBlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSg MA0GCSqGSIb3DQEBCwUAA4IBAQAhIAXrpRtD43h5vTPLGGCAtywEHBZIvbFi2001 qN+TkYBvki8gEzkEWh2Yp+FpEFURnI82HvGYx3rWT5gyXlnVw5JML0p8yh2Ij9K8 /Wg6KRotaGRNhPxlOg12iR5TZ6RvRBksU7Md7ZBQUoxlQ1Y8KmL9hMaNGowNUgi0 6yVYiS8ITWHcaVMFm+LWTWjlXADkJ9+j8+1Y733dK6nVU8eJf+cEv/gHGNFOH/BP 7EBRMeMW3w0hbxuMir8VYqUevmVw7vxWjXYZzpimGYEjqAgw1cfh5MfEJJ5UFKPV XE55B+ge8oAUOXzPByRDy7Endqa8oUJU9tzeOstclfODU8kS -----END CERTIFICATE-----Generated at Sat Dec 6 17:36:13 2025 by rpki-client