This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa File: 22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa (raw, json) Hash identifier: uFlQzSfzhNIn9XAnd7fVqyb+W97LlJ4/OalvTFECzvU= Subject key identifier: 75:29:52:48:47:CC:5A:4F:77:D5:BE:CC:40:FD:6E:86:EA:B6:2E:82 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 105BABC79B90A33A7CAB11DD834B07618ECD5116 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa Signing time: Wed 10 Dec 2025 06:30:14 +0000 ROA not before: Wed 10 Dec 2025 06:30:14 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d050:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:5b:ab:c7:9b:90:a3:3a:7c:ab:11:dd:83:4b:07:61:8e:cd:51:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:14 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=dcd42669dafdf0d5abfdb5ff7a91dccfc765f1b5a7918ffc151230b8099a258e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:f2:a1:f2:eb:44:fd:e0:75:2b:e4:28:80:c4: ca:7b:83:58:4e:ae:0a:9d:53:45:24:da:29:e8:93: 67:49:52:94:16:cd:0b:7a:4f:a3:1d:89:92:2d:69: a3:a8:c1:30:28:13:94:da:1e:34:a3:5e:04:c8:89: 7d:f7:18:bb:37:6b:99:35:6b:42:7c:17:0d:5b:cc: d8:00:06:fa:20:e8:10:df:8b:76:36:b7:8e:ac:db: 0e:53:f5:e2:7c:32:44:01:5d:49:03:fc:07:5b:c2: 22:64:59:16:71:b4:ea:85:26:48:19:39:d1:52:8f: 24:d5:de:b2:6f:ae:0c:60:d0:90:af:6c:bb:1a:29: 9e:48:8e:73:b0:77:dd:56:cf:9f:89:7c:20:6d:1e: 20:9f:7d:0a:a0:c7:39:ef:64:f9:35:c6:d3:1b:69: 5a:63:16:d8:0a:7a:ff:ed:d7:3e:88:bb:59:cd:96: d7:2c:49:b5:97:9f:52:25:a4:a9:6d:b7:e4:1d:e9: 7d:6a:e3:b8:d8:62:9b:11:3b:d3:01:08:35:c9:b2: 44:3d:97:7e:9e:dd:11:10:7a:ee:57:76:12:00:9f: 05:cf:ff:f6:b5:22:bc:19:a6:3a:71:07:e5:0e:9d: 6b:74:9c:e3:50:ba:03:0d:6e:0e:19:4a:3a:35:d4: 97:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:29:52:48:47:CC:5A:4F:77:D5:BE:CC:40:FD:6E:86:EA:B6:2E:82 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d050:4000::/40 Signature Algorithm: sha256WithRSAEncryption 5d:3d:0c:3d:f7:e9:ba:e9:bf:c6:42:ba:33:25:34:40:28:a1: 74:e5:63:d5:e0:55:ac:2c:a1:05:5b:56:a7:c5:0e:ea:6a:e7: f1:27:e4:47:24:dd:16:24:7d:0c:fb:a4:74:3c:dd:0d:2f:e8: 9b:ca:1d:f0:3d:0a:e2:f9:49:d7:85:5f:1d:86:65:01:47:97: 16:9c:f0:fa:10:a2:83:b5:b7:7d:2c:0c:7f:fe:16:37:1e:9b: 9f:75:50:e7:e1:cb:13:10:2b:98:8c:38:92:de:b0:46:52:d3: 6c:d7:b1:60:b0:7e:d0:44:d3:01:5f:b7:a1:17:86:24:30:22: e3:92:c3:5a:68:29:5a:76:eb:45:52:07:c5:b5:84:37:b4:fa: f3:3f:e7:40:db:ca:2c:02:81:11:0c:89:24:3f:0c:df:6c:67: 9d:70:73:e1:b4:b9:5a:9c:8c:19:27:4e:86:46:2c:35:c1:85: ac:81:16:2a:1a:2e:05:92:88:fd:e6:4c:c6:e8:e3:28:4f:b8: 8e:23:7b:4f:a0:03:bc:a0:fa:1b:cd:15:c3:19:95:fe:3e:04: 06:c9:63:55:7a:33:cb:d2:c2:b9:1b:8c:70:17:45:d9:3c:90: a3:53:77:99:e8:ac:6f:69:45:e1:30:1e:4f:11:be:fe:64:15: 7e:f8:47:0f -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUEFurx5uQozp8qxHdg0sHYY7NURYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwMTRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGRjZDQyNjY5ZGFmZGYwZDVhYmZkYjVmZjdhOTFkY2NmYzc2NWYxYjVhNzkx OGZmYzE1MTIzMGI4MDk5YTI1OGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALfyofLrRP3gdSvkKIDEynuDWE6uCp1TRSTaKeiTZ0lSlBbNC3pPox2Jki1p o6jBMCgTlNoeNKNeBMiJffcYuzdrmTVrQnwXDVvM2AAG+iDoEN+Ldja3jqzbDlP1 4nwyRAFdSQP8B1vCImRZFnG06oUmSBk50VKPJNXesm+uDGDQkK9suxopnkiOc7B3 3VbPn4l8IG0eIJ99CqDHOe9k+TXG0xtpWmMW2Ap6/+3XPoi7Wc2W1yxJtZefUiWk qW235B3pfWrjuNhimxE70wEINcmyRD2Xfp7dERB67ld2EgCfBc//9rUivBmmOnEH 5Q6da3Sc41C6Aw1uDhlKOjXUl9sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR1KVJI R8xaT3fVvsxA/W6G6rYugjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MjJjYjIwYmMtODA2My00MTY5LTllNGItYTNhZDI5YWVlZGM3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FBA MA0GCSqGSIb3DQEBCwUAA4IBAQBdPQw99+m66b/GQrozJTRAKKF05WPV4FWsLKEF W1anxQ7qaufxJ+RHJN0WJH0M+6R0PN0NL+ibyh3wPQri+UnXhV8dhmUBR5cWnPD6 EKKDtbd9LAx//hY3HpufdVDn4csTECuYjDiS3rBGUtNs17FgsH7QRNMBX7ehF4Yk MCLjksNaaCladutFUgfFtYQ3tPrzP+dA28osAoERDIkkPwzfbGedcHPhtLlanIwZ J06GRiw1wYWsgRYqGi4Fkoj95kzG6OMoT7iOI3tPoAO8oPobzRXDGZX+PgQGyWNV ejPL0sK5G4xwF0XZPJCjU3eZ6KxvaUXhMB5PEb7+ZBV++EcP -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:38 2026 by rpki-client