This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa File: 1d9a8425-e89b-4598-a680-84c5b341edfd.roa (raw, json) Hash identifier: KmwPQ1Yv1OcyeEDG1hjTba25Wr6Cd6cVyXXQDrToIeU= Subject key identifier: 8E:40:49:C5:EF:66:D8:AF:3B:D0:D3:9E:14:94:B5:DD:F1:1E:C3:62 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 07BD41A853D0A6CF626E2EF4C2EE45763B91A264 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa Signing time: Wed 10 Dec 2025 05:40:10 +0000 ROA not before: Wed 10 Dec 2025 05:40:10 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d050:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:bd:41:a8:53:d0:a6:cf:62:6e:2e:f4:c2:ee:45:76:3b:91:a2:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:40:10 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=9eb1fd59d7439e69b6331e1bb6e0cfdbeb01729c5376ba146c561541b74934b0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:d3:aa:bb:0e:d0:a4:f1:6e:33:2e:8e:56:54: 14:5c:0e:28:d5:6f:e8:f9:d8:95:31:5c:45:fc:a4: 6c:08:24:43:64:38:05:84:98:ac:8a:b8:9f:81:a1: 37:0b:32:68:33:24:56:09:24:f2:c4:7c:51:dd:17: fc:d7:13:df:cd:30:8b:6c:be:3b:81:91:0b:ff:54: 32:d6:6c:4f:1c:c4:bb:bf:d7:bb:76:2d:cc:be:75: 14:a5:d3:bb:23:fb:f6:d8:e2:bb:b4:7f:f0:5c:a4: cb:bf:77:4b:5a:c9:c0:1d:7d:bb:38:f4:26:ed:e4: 47:8c:5e:25:3c:e3:5f:24:cd:35:a9:b2:63:9e:41: fd:ff:8c:03:c4:56:6b:56:bc:36:98:5b:48:12:47: 36:3a:f3:ea:37:26:12:84:97:9f:94:d3:c2:ca:be: 7b:48:68:a5:f0:cf:7e:14:35:60:3e:e3:11:c4:fc: 02:05:54:7b:f1:c5:43:70:eb:17:df:a4:24:d2:ad: 3d:14:b5:27:2e:d9:7d:bb:32:f2:f6:98:10:12:b7: 34:9f:1d:b9:79:c4:a6:15:e0:a5:3d:30:48:10:dc: f5:08:ed:1a:d1:02:69:ee:25:fc:2c:74:e6:f2:a5: 53:52:25:5a:b1:a0:38:a3:e5:92:43:47:b0:33:91: ef:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:40:49:C5:EF:66:D8:AF:3B:D0:D3:9E:14:94:B5:DD:F1:1E:C3:62 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d050:2000::/40 Signature Algorithm: sha256WithRSAEncryption 25:f4:73:94:80:0a:4a:fd:2e:3b:46:11:02:b1:53:13:36:cd: 93:de:de:cf:07:ac:4d:b0:e1:c0:53:a3:f5:e6:dd:2b:a3:a3: a6:e1:58:c3:31:0f:db:fb:35:ff:6f:2d:cb:06:1c:78:e8:48: 7f:7e:5a:c2:b2:ef:b1:36:8b:92:d6:7b:97:78:b8:cd:d7:c3: 2d:31:e3:15:e3:69:33:c2:fd:1b:91:7b:27:44:23:f1:e6:6d: 97:be:e1:44:8d:f5:a3:b1:f5:41:62:ec:43:36:9d:b6:da:ca: b1:69:4c:53:a7:db:f7:1d:ab:94:30:5a:e5:eb:eb:0b:b6:31: 33:fb:f6:f8:08:ed:ac:23:3e:9e:66:6c:87:10:a6:d6:25:26: 2f:b3:7c:a8:bf:8d:49:89:9d:5a:9c:f9:b5:b6:16:c2:71:f7: d0:7c:ec:6a:96:e4:7b:1b:93:87:eb:de:b8:79:0e:c4:89:25: a4:3b:80:bb:06:a7:a0:32:c1:be:eb:1a:b0:d0:a8:54:33:c7: 7e:b5:8b:0b:63:3e:e3:99:3d:d0:86:b3:7f:73:85:9c:be:12: a0:70:fb:05:66:f3:e8:9f:92:06:78:ab:54:be:89:36:f5:e5: b4:d9:3c:dc:89:d9:41:60:68:20:f0:6f:33:1f:f2:cb:57:28: 3e:10:ff:e0 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUB71BqFPQps9ibi70wu5FdjuRomQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQwMTBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDllYjFmZDU5ZDc0MzllNjliNjMzMWUxYmI2ZTBjZmRiZWIwMTcyOWM1Mzc2 YmExNDZjNTYxNTQxYjc0OTM0YjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL3TqrsO0KTxbjMujlZUFFwOKNVv6PnYlTFcRfykbAgkQ2Q4BYSYrIq4n4Gh NwsyaDMkVgkk8sR8Ud0X/NcT380wi2y+O4GRC/9UMtZsTxzEu7/Xu3YtzL51FKXT uyP79tjiu7R/8Fyky793S1rJwB19uzj0Ju3kR4xeJTzjXyTNNamyY55B/f+MA8RW a1a8NphbSBJHNjrz6jcmEoSXn5TTwsq+e0hopfDPfhQ1YD7jEcT8AgVUe/HFQ3Dr F9+kJNKtPRS1Jy7Zfbsy8vaYEBK3NJ8duXnEphXgpT0wSBDc9QjtGtECae4l/Cx0 5vKlU1IlWrGgOKPlkkNHsDOR78cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSOQEnF 72bYrzvQ054UlLXd8R7DYjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MWQ5YTg0MjUtZTg5Yi00NTk4LWE2ODAtODRjNWIzNDFlZGZkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FAg MA0GCSqGSIb3DQEBCwUAA4IBAQAl9HOUgApK/S47RhECsVMTNs2T3t7PB6xNsOHA U6P15t0ro6Om4VjDMQ/b+zX/by3LBhx46Eh/flrCsu+xNouS1nuXeLjN18MtMeMV 42kzwv0bkXsnRCPx5m2XvuFEjfWjsfVBYuxDNp222sqxaUxTp9v3HauUMFrl6+sL tjEz+/b4CO2sIz6eZmyHEKbWJSYvs3yov41JiZ1anPm1thbCcffQfOxqluR7G5OH 6964eQ7EiSWkO4C7BqegMsG+6xqw0KhUM8d+tYsLYz7jmT3QhrN/c4WcvhKgcPsF ZvPon5IGeKtUvok29eW02TzcidlBYGgg8G8zH/LLVyg+EP/g -----END CERTIFICATE-----Generated at Sun Dec 21 08:57:37 2025 by rpki-client