This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa File: 04593af5-4653-4d6a-8bb5-65270db84a4f.roa (raw, json) Hash identifier: DEKB8JlA5G3Jse13tb9hh0hoKUNX9ffCFQJ4yeL1qHQ= Subject key identifier: D3:0A:85:9B:B4:57:D9:6F:69:4D:61:D2:65:7D:2C:34:F9:E7:59:4A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 161D6CA0301F1BA87C0D4D801C23BFB6A07E6D67 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa Signing time: Wed 10 Dec 2025 06:21:25 +0000 ROA not before: Wed 10 Dec 2025 06:21:25 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d02d::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:1d:6c:a0:30:1f:1b:a8:7c:0d:4d:80:1c:23:bf:b6:a0:7e:6d:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:21:25 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=20f146348b1b4df695ff846ce12df00bc78223de2ede4bb744af583e19b6e39f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:cc:81:ee:c6:9d:e1:45:01:61:bb:2c:ff:d1: d8:23:a8:fd:6f:cd:14:8a:7d:17:77:a2:61:0c:f5: 01:23:77:61:92:d5:1b:d7:88:f3:10:e2:9c:62:a9: 74:f1:64:a1:29:5f:0d:60:c9:74:3d:15:9d:b1:9c: d5:cb:7c:0a:fc:f9:32:70:69:39:12:e9:7a:b1:50: 4e:1d:8e:68:2e:f2:8a:5f:f5:13:df:99:f6:b5:01: ed:ed:9a:d3:14:0c:d9:f9:de:e8:c3:2f:72:68:29: 24:65:96:2c:65:c3:46:24:a6:41:c0:27:74:69:37: 33:38:1c:f5:b8:47:31:8b:ec:99:2a:2f:db:60:92: f6:be:b7:a9:5d:b9:be:3c:26:ca:8a:10:52:ce:10: 7c:6c:22:65:cc:18:11:0a:aa:2a:99:5e:cd:21:80: 50:cb:91:92:27:b9:70:2b:f9:fd:61:bf:4d:fc:44: 17:72:ec:c8:fc:f3:c9:1e:e4:64:bb:9f:8c:9c:08: 84:86:90:8c:2b:8b:fe:44:da:a9:10:30:10:51:40: aa:02:96:4c:52:3b:60:7d:81:47:96:f0:71:ce:f8: b0:b1:1d:10:2c:4e:70:b3:a5:b1:39:cf:d1:04:69: 4d:3f:a0:a0:91:ee:fd:89:65:83:3c:f8:b7:55:9c: ae:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:0A:85:9B:B4:57:D9:6F:69:4D:61:D2:65:7D:2C:34:F9:E7:59:4A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d02d::/36 Signature Algorithm: sha256WithRSAEncryption 8b:8b:08:a9:69:c6:85:67:16:d4:05:7a:f4:00:c1:0e:c9:45: 0f:c8:e6:1c:a6:bd:28:05:e0:e9:04:43:a7:ed:f8:af:de:f4: 2e:9f:6d:9d:f9:2c:81:bd:f8:e6:00:92:25:f6:d7:9b:13:27: 07:0c:0d:28:c0:1c:00:7f:58:03:7e:f2:ab:29:e4:ea:5f:4f: 07:f8:62:14:95:df:a6:5f:51:80:d3:ab:ad:50:01:e3:7d:df: b5:7c:5a:79:b0:a1:06:1b:01:2f:0d:7d:81:de:05:33:88:59: d5:e5:4c:cd:da:7f:32:9e:7d:31:f3:80:06:fa:99:99:1b:52: b3:59:84:a7:82:24:3e:0b:2b:f1:ac:ac:58:6f:41:5d:fc:c3: 81:7c:5d:29:80:b4:c5:63:9a:8d:bb:8a:9a:2f:0f:62:08:0c: a9:8b:60:95:8c:4d:02:5b:3d:eb:c0:54:b1:b7:84:cd:a0:3a: 4c:65:9d:f1:81:44:d4:d9:49:b4:5e:ac:4e:41:02:de:b9:d0: b0:da:6e:7d:8b:72:a9:b5:64:24:cd:aa:a0:ea:d8:af:22:14: c1:86:c3:56:b0:3e:91:bf:bc:cf:18:f3:89:14:d3:74:f7:fa: d8:45:aa:bb:59:ad:bb:94:df:47:7d:0e:22:63:73:f9:f0:1b: 27:44:e2:15 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUFh1soDAfG6h8DU2AHCO/tqB+bWcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIxMjVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDIwZjE0NjM0OGIxYjRkZjY5NWZmODQ2Y2UxMmRmMDBiYzc4MjIzZGUyZWRl NGJiNzQ0YWY1ODNlMTliNmUzOWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPXMge7GneFFAWG7LP/R2COo/W/NFIp9F3eiYQz1ASN3YZLVG9eI8xDinGKp dPFkoSlfDWDJdD0VnbGc1ct8Cvz5MnBpORLperFQTh2OaC7yil/1E9+Z9rUB7e2a 0xQM2fne6MMvcmgpJGWWLGXDRiSmQcAndGk3Mzgc9bhHMYvsmSov22CS9r63qV25 vjwmyooQUs4QfGwiZcwYEQqqKplezSGAUMuRkie5cCv5/WG/TfxEF3LsyPzzyR7k ZLufjJwIhIaQjCuL/kTaqRAwEFFAqgKWTFI7YH2BR5bwcc74sLEdECxOcLOlsTnP 0QRpTT+goJHu/Yllgzz4t1WcroECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTTCoWb tFfZb2lNYdJlfSw0+edZSjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MDQ1OTNhZjUtNDY1My00ZDZhLThiYjUtNjUyNzBkYjg0YTRmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C0A MA0GCSqGSIb3DQEBCwUAA4IBAQCLiwipacaFZxbUBXr0AMEOyUUPyOYcpr0oBeDp BEOn7fiv3vQun22d+SyBvfjmAJIl9tebEycHDA0owBwAf1gDfvKrKeTqX08H+GIU ld+mX1GA06utUAHjfd+1fFp5sKEGGwEvDX2B3gUziFnV5UzN2n8ynn0x84AG+pmZ G1KzWYSngiQ+CyvxrKxYb0Fd/MOBfF0pgLTFY5qNu4qaLw9iCAypi2CVjE0CWz3r wFSxt4TNoDpMZZ3xgUTU2Um0XqxOQQLeudCw2m59i3KptWQkzaqg6tivIhTBhsNW sD6Rv7zPGPOJFNN09/rYRaq7Wa27lN9HfQ4iY3P58BsnROIV -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:09 2026 by rpki-client