This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c150fc-dcb5-402c-9bf0-5a46c2b58d35.roa File: 11c150fc-dcb5-402c-9bf0-5a46c2b58d35.roa (raw, json) Hash identifier: bIZJVoNmL/Hlnow7Tf0CVouv5wa+b82iGRsHmWyntwQ= Subject key identifier: FD:A6:E0:80:14:A9:79:58:0F:1D:82:6B:D3:85:64:C1:DC:69:78:E7 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 18A56623C01F0CDC55901F5B0E7DE485DACE5FAC Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c150fc-dcb5-402c-9bf0-5a46c2b58d35.roa Signing time: Wed 10 Dec 2025 06:30:14 +0000 ROA not before: Wed 10 Dec 2025 06:30:14 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01b:800::/37 maxlen: 37 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:a5:66:23:c0:1f:0c:dc:55:90:1f:5b:0e:7d:e4:85:da:ce:5f:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:14 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=592b696049689db0ddc0548982e5ad5fd1bfaac7909da3adf376ea8ae1e6500f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:a2:8e:3c:46:03:cf:e8:08:9f:f4:b1:78:5d: b4:56:c5:e9:2b:da:37:9f:de:22:f4:d6:b5:e9:b3: 0a:a2:ec:63:8c:4a:ae:d6:05:fe:3c:93:d2:2f:2c: b6:80:96:14:0a:66:d9:e4:38:c3:79:a6:90:f5:b3: 20:c5:79:0d:7c:69:be:9f:4c:c1:f9:af:0a:c7:c0: d8:d7:c3:5d:e7:91:00:8c:fb:de:c8:7e:ac:5a:66: 45:5e:63:05:2f:b1:1c:5c:d1:21:24:b2:4c:c3:e1: 93:db:78:17:12:31:a7:4f:ed:f9:ce:59:43:f9:64: f9:d9:cd:a3:8b:4b:c9:ad:21:d1:27:32:c2:dc:71: 70:f2:28:79:dd:03:dc:d6:c0:fd:cc:6e:2c:0c:30: 3f:d5:59:dc:b0:ab:ec:06:8c:6e:c2:21:d5:89:91: a0:55:c8:b8:be:ea:ce:4c:aa:cf:2d:28:af:18:d7: 50:bb:7c:29:4d:4f:96:0f:f2:12:3d:90:b0:f9:67: f8:80:9b:e6:e6:f4:20:a3:3f:59:bf:4b:60:e5:fd: d7:23:c6:4e:d5:ad:c9:9f:cf:fe:d2:11:e2:b7:fe: 6b:6c:33:12:fb:f7:e0:2b:a2:75:6d:10:03:95:90: 50:be:eb:8f:56:b8:32:74:ff:c9:5a:fd:12:e0:67: 08:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:A6:E0:80:14:A9:79:58:0F:1D:82:6B:D3:85:64:C1:DC:69:78:E7 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c150fc-dcb5-402c-9bf0-5a46c2b58d35.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01b:800::/37 Signature Algorithm: sha256WithRSAEncryption 5c:e6:26:62:d4:a9:1a:d5:23:16:e8:bd:26:fc:7e:61:c1:8d: 3f:a2:11:d6:93:f6:60:88:4c:cf:40:2b:b1:c2:7f:b4:f0:61: e9:bc:70:dc:94:c6:b0:7c:0d:8a:42:bc:cf:47:d9:be:25:2a: 19:cc:c5:1c:e1:65:56:e9:7a:f5:ce:c2:6d:d8:84:cd:79:d3: 05:85:37:52:6d:b2:10:4a:96:00:8c:57:25:34:5d:68:80:94: e6:6c:6d:99:0f:57:8f:3a:93:90:5c:bb:74:4c:a8:19:df:7d: f5:54:cd:6f:86:c7:75:db:b5:d9:99:c9:e5:8f:27:9f:38:11: 53:0a:8b:ce:49:a7:b2:05:13:b2:d7:dc:d5:5a:3e:3b:08:d4: 46:41:fe:af:14:b6:75:2b:8d:68:f4:6d:11:fb:ef:cb:85:3a: 71:58:79:b1:44:b1:90:e6:07:b6:74:b1:25:97:98:1e:6f:6e: b1:63:a7:bb:3c:f8:66:2b:3a:37:e1:31:09:84:5c:a0:34:1e: 5d:bb:2e:eb:a2:c1:c4:ea:e6:7b:f1:41:93:94:ea:16:2c:f7: cc:59:a8:a8:81:e4:8d:e1:9a:85:1e:50:0e:d9:94:a2:a8:24: 81:3b:db:cb:b3:99:d7:ea:50:fd:e9:3f:ec:5d:85:a3:fa:e8: 87:b3:31:d4 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUGKVmI8AfDNxVkB9bDn3khdrOX6wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwMTRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDU5MmI2OTYwNDk2ODlkYjBkZGMwNTQ4OTgyZTVhZDVmZDFiZmFhYzc5MDlk YTNhZGYzNzZlYThhZTFlNjUwMGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM6ijjxGA8/oCJ/0sXhdtFbF6SvaN5/eIvTWtemzCqLsY4xKrtYF/jyT0i8s toCWFApm2eQ4w3mmkPWzIMV5DXxpvp9MwfmvCsfA2NfDXeeRAIz73sh+rFpmRV5j BS+xHFzRISSyTMPhk9t4FxIxp0/t+c5ZQ/lk+dnNo4tLya0h0ScywtxxcPIoed0D 3NbA/cxuLAwwP9VZ3LCr7AaMbsIh1YmRoFXIuL7qzkyqzy0orxjXULt8KU1Plg/y Ej2QsPln+ICb5ub0IKM/Wb9LYOX91yPGTtWtyZ/P/tIR4rf+a2wzEvv34CuidW0Q A5WQUL7rj1a4MnT/yVr9EuBnCFUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT9puCA FKl5WA8dgmvThWTB3Gl45zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MTFjMTUwZmMtZGNiNS00MDJjLTliZjAtNWE0NmMyYjU4ZDM1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0BsI MA0GCSqGSIb3DQEBCwUAA4IBAQBc5iZi1Kka1SMW6L0m/H5hwY0/ohHWk/ZgiEzP QCuxwn+08GHpvHDclMawfA2KQrzPR9m+JSoZzMUc4WVW6Xr1zsJt2ITNedMFhTdS bbIQSpYAjFclNF1ogJTmbG2ZD1ePOpOQXLt0TKgZ3331VM1vhsd127XZmcnljyef OBFTCovOSaeyBROy19zVWj47CNRGQf6vFLZ1K41o9G0R++/LhTpxWHmxRLGQ5ge2 dLEll5geb26xY6e7PPhmKzo34TEJhFygNB5duy7rosHE6uZ78UGTlOoWLPfMWaio geSN4ZqFHlAO2ZSiqCSBO9vLs5nX6lD96T/sXYWj+uiHszHU -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:26 2026 by rpki-client