This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa File: 09a66d07-54a4-4c26-8a49-e43710070e4d.roa (raw, json) Hash identifier: iCVSeD3OgK5jd58zsL7HOis6hihmZU7KzTjpTXMM7Tc= Subject key identifier: 54:0A:C4:81:41:31:97:26:91:10:AB:BD:61:F0:5D:0D:99:17:9A:5C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0B186935125EAC96E76E3311FDFA63796054C75E Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa Signing time: Wed 10 Dec 2025 06:10:12 +0000 ROA not before: Wed 10 Dec 2025 06:10:12 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:1080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:18:69:35:12:5e:ac:96:e7:6e:33:11:fd:fa:63:79:60:54:c7:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:10:12 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=7c70c98b689a436968d9dd7d64ffba947f6db7e204d9ab146091c29e0a59c4c2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:ff:77:a0:34:20:e8:9e:5b:cb:10:fe:c6:33: 1d:7b:60:35:46:24:70:fb:a4:ec:e4:b5:cb:f8:21: 09:44:11:ad:e6:eb:ca:d6:30:81:80:7f:f7:9c:88: d7:9e:a4:1a:6a:5a:9f:4c:29:d3:7f:9b:af:97:60: ef:29:56:14:a9:94:25:32:a6:d3:45:5d:52:d0:5a: f5:b2:22:e6:8b:ad:42:a2:e4:f9:a9:62:bb:1a:8d: 03:50:0d:fb:40:e1:2a:0f:6a:ac:0a:e7:5a:fe:8f: 10:a1:f9:f4:b3:b7:83:82:17:56:eb:3d:89:d0:cc: 72:b6:1b:81:91:2e:c8:cf:de:ef:02:1d:ec:77:d0: b8:ff:35:9d:b1:65:12:e0:96:62:f1:18:ee:0e:32: 3a:66:32:0e:c8:ce:f7:14:ec:35:70:03:e7:97:e1: 25:b6:08:14:4c:1b:3c:0b:35:00:c9:67:19:c7:15: 55:c6:6f:c9:5c:58:ea:60:dd:0f:29:dd:87:bf:07: 2f:8e:dc:95:53:34:bf:e5:ea:d1:9d:c7:52:21:04: 1e:b5:92:e6:92:21:74:30:84:57:3b:a6:a9:3e:3e: 6d:04:8a:89:61:6c:7e:e5:00:24:04:9d:97:76:6d: 80:bd:c9:75:6d:15:b4:6b:56:12:d1:e1:d9:19:c8: bf:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:0A:C4:81:41:31:97:26:91:10:AB:BD:61:F0:5D:0D:99:17:9A:5C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:1080::/48 Signature Algorithm: sha256WithRSAEncryption 15:df:b8:df:93:76:52:af:e4:45:65:83:39:77:51:3c:8f:5b: 06:99:5c:cf:63:bb:d4:7a:50:6b:c3:e1:02:c4:4b:46:44:c5: e9:07:76:5a:f6:02:0c:b9:e4:e6:f1:88:3b:23:3b:51:51:79: 69:98:51:48:32:87:e6:5a:55:60:8a:0b:32:fa:2d:eb:8a:74: f8:fd:e7:d4:eb:69:1e:e0:c9:d4:e5:75:67:67:08:c8:4b:3f: 4f:7c:b9:e8:d4:31:c9:0f:1b:49:d7:43:e4:be:3b:d7:54:2f: b8:8c:d5:ae:4d:6f:7e:61:f2:92:91:b6:3c:60:8e:46:cd:11: 6b:e6:65:9f:ce:f8:4b:ba:3c:52:e5:fc:c1:51:4d:0b:38:11: b0:26:60:33:64:a3:1e:e1:ea:b8:ca:27:0b:1f:40:ee:bc:77: 9e:0c:26:76:ae:17:c2:6d:21:ba:1c:6e:7c:ba:24:11:20:16: da:28:61:4d:8d:df:b0:1a:99:19:79:14:cb:08:ff:df:62:13: 36:5c:58:0f:3b:e8:1f:0e:45:5f:6f:b1:6f:bf:ba:13:21:52: c3:16:ad:4d:86:7b:da:ee:a5:2c:e4:df:48:c9:83:4c:53:15: a7:01:e0:37:5c:80:a5:5e:6f:d9:4a:da:c0:c2:6e:82:86:b9: 69:f7:1d:35 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUCxhpNRJerJbnbjMR/fpjeWBUx14wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjEwMTJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDdjNzBjOThiNjg5YTQzNjk2OGQ5ZGQ3ZDY0ZmZiYTk0N2Y2ZGI3ZTIwNGQ5 YWIxNDYwOTFjMjllMGE1OWM0YzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJz/d6A0IOieW8sQ/sYzHXtgNUYkcPuk7OS1y/ghCUQRrebrytYwgYB/95yI 156kGmpan0wp03+br5dg7ylWFKmUJTKm00VdUtBa9bIi5outQqLk+aliuxqNA1AN +0DhKg9qrArnWv6PEKH59LO3g4IXVus9idDMcrYbgZEuyM/e7wId7HfQuP81nbFl EuCWYvEY7g4yOmYyDsjO9xTsNXAD55fhJbYIFEwbPAs1AMlnGccVVcZvyVxY6mDd Dyndh78HL47clVM0v+Xq0Z3HUiEEHrWS5pIhdDCEVzumqT4+bQSKiWFsfuUAJASd l3ZtgL3JdW0VtGtWEtHh2RnIv8MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRUCsSB QTGXJpEQq71h8F0NmReaXDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MDlhNjZkMDctNTRhNC00YzI2LThhNDktZTQzNzEwMDcwZTRkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q gDANBgkqhkiG9w0BAQsFAAOCAQEAFd+435N2Uq/kRWWDOXdRPI9bBplcz2O71HpQ a8PhAsRLRkTF6Qd2WvYCDLnk5vGIOyM7UVF5aZhRSDKH5lpVYIoLMvot64p0+P3n 1OtpHuDJ1OV1Z2cIyEs/T3y56NQxyQ8bSddD5L4711QvuIzVrk1vfmHykpG2PGCO Rs0Ra+Zln874S7o8UuX8wVFNCzgRsCZgM2SjHuHquMonCx9A7rx3ngwmdq4Xwm0h uhxufLokESAW2ihhTY3fsBqZGXkUywj/32ITNlxYDzvoHw5FX2+xb7+6EyFSwxat TYZ72u6lLOTfSMmDTFMVpwHgN1yApV5v2UrawMJugoa5afcdNQ== -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:39 2026 by rpki-client