This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa File: 290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa (raw, json) Hash identifier: 14ChmZt1dhooTcj+kTKyaMffPFdee3yTOB8BwzNYx2E= Subject key identifier: 54:05:52:F2:EB:A5:F1:1D:A1:6F:12:A7:73:64:AA:41:08:5C:F5:81 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2969A86E4C3467501C6DE9D788586E42EC53A14E Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa Signing time: Wed 10 Dec 2025 06:00:44 +0000 ROA not before: Wed 10 Dec 2025 06:00:44 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d02b::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:69:a8:6e:4c:34:67:50:1c:6d:e9:d7:88:58:6e:42:ec:53:a1:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:00:44 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=c2f5fbb31ac475ae2dd886944eecc0b29f4aa27ccb292340e4fdda9b0c2bd491, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:eb:ba:ad:61:ea:f0:dc:7d:08:7b:c2:c8:2e: f1:1e:11:4e:0d:32:af:c0:82:19:f0:ac:5f:fa:ae: db:9f:dd:97:1d:84:5a:e2:d8:d1:08:eb:db:69:9c: ba:ad:31:c6:cd:ac:9e:60:07:b5:9f:1f:02:c1:14: 62:90:20:59:13:4d:b4:ab:dc:d1:fa:d7:e9:9a:6f: f9:cf:17:ac:b5:37:9c:a0:62:9e:e5:ec:dd:e4:4d: f6:95:8e:84:af:d7:1f:7b:ca:22:ea:55:b0:14:9c: b4:8c:2b:39:6b:70:c1:01:82:77:26:14:ae:fa:60: c4:62:6f:16:de:82:a4:fc:19:c0:74:04:41:db:cd: 40:8b:46:13:99:9f:ea:c9:06:9b:01:c7:2f:df:a5: 32:69:02:06:b3:96:40:75:a1:c5:1e:c0:fb:d1:5e: 3f:d6:82:d1:8b:cd:22:74:81:99:16:4a:c3:1f:38: 2e:79:87:9d:76:18:2b:cf:ad:1b:7e:0f:3c:03:b2: 60:3b:3a:4a:3e:54:ad:44:72:0d:9e:05:a4:f7:8f: 16:72:c7:e8:7d:70:08:e0:2d:42:ee:f5:f6:78:e9: 31:f0:b9:fc:a3:e5:ac:c2:2f:22:a8:a0:88:fb:cd: 53:19:04:74:cd:0b:1d:13:4a:92:1b:11:cf:c6:b4: 62:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:05:52:F2:EB:A5:F1:1D:A1:6F:12:A7:73:64:AA:41:08:5C:F5:81 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d02b::/36 Signature Algorithm: sha256WithRSAEncryption 5d:ba:fa:56:50:37:be:fc:80:61:f8:44:d0:50:f8:50:55:ad: 20:48:8e:b4:58:91:22:67:43:41:76:99:52:85:51:40:31:5b: f4:7b:51:20:2a:3c:98:5f:89:05:de:75:83:f2:0a:cb:4d:3e: 8d:63:e9:61:00:8e:2c:af:3b:33:ed:1d:b9:2a:84:8d:b7:bd: 40:a1:52:96:71:74:0f:b9:95:43:e3:1f:72:d5:9f:79:0a:5c: 3e:a6:bd:c9:07:b6:12:56:b8:e4:0e:63:27:23:db:a0:d6:34: 2e:88:19:ee:e9:54:6f:6e:35:58:a9:6b:76:e1:a3:11:5a:b7: 3d:23:7f:33:c0:91:e9:6f:c0:03:5f:de:88:df:56:f0:b9:ce: 3b:b2:f8:02:10:ae:04:40:f8:09:ca:9d:f3:a6:a2:95:ce:c4: 0d:1b:ef:32:cd:9d:4e:55:2a:bb:c5:41:33:cc:76:63:62:d6: 07:14:e2:91:1d:9e:bf:88:8b:c4:52:97:5e:73:5d:cd:98:d1: fa:ba:52:ee:4b:09:4d:4a:3d:01:a8:01:da:f1:5e:3d:c7:9c: 13:00:14:82:59:d0:b3:99:6b:c7:0f:68:27:3e:6e:8e:95:1c: 62:6e:3e:c0:1e:65:f0:8d:f5:a4:05:a8:87:75:e9:ab:fd:17: 7c:e3:ec:d4 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUKWmobkw0Z1AcbenXiFhuQuxToU4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAwNDRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGMyZjVmYmIzMWFjNDc1YWUyZGQ4ODY5NDRlZWNjMGIyOWY0YWEyN2NjYjI5 MjM0MGU0ZmRkYTliMGMyYmQ0OTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALfruq1h6vDcfQh7wsgu8R4RTg0yr8CCGfCsX/qu25/dlx2EWuLY0Qjr22mc uq0xxs2snmAHtZ8fAsEUYpAgWRNNtKvc0frX6Zpv+c8XrLU3nKBinuXs3eRN9pWO hK/XH3vKIupVsBSctIwrOWtwwQGCdyYUrvpgxGJvFt6CpPwZwHQEQdvNQItGE5mf 6skGmwHHL9+lMmkCBrOWQHWhxR7A+9FeP9aC0YvNInSBmRZKwx84LnmHnXYYK8+t G34PPAOyYDs6Sj5UrURyDZ4FpPePFnLH6H1wCOAtQu719njpMfC5/KPlrMIvIqig iPvNUxkEdM0LHRNKkhsRz8a0YvkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRUBVLy 66XxHaFvEqdzZKpBCFz1gTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MjkwZTY3YzctN2I3NS00YjlkLWFiYzYtMGMzZWMzNGMxNTI3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CsA MA0GCSqGSIb3DQEBCwUAA4IBAQBduvpWUDe+/IBh+ETQUPhQVa0gSI60WJEiZ0NB dplShVFAMVv0e1EgKjyYX4kF3nWD8grLTT6NY+lhAI4srzsz7R25KoSNt71AoVKW cXQPuZVD4x9y1Z95Clw+pr3JB7YSVrjkDmMnI9ug1jQuiBnu6VRvbjVYqWt24aMR Wrc9I38zwJHpb8ADX96I31bwuc47svgCEK4EQPgJyp3zpqKVzsQNG+8yzZ1OVSq7 xUEzzHZjYtYHFOKRHZ6/iIvEUpdec13NmNH6ulLuSwlNSj0BqAHa8V49x5wTABSC WdCzmWvHD2gnPm6OlRxibj7AHmXwjfWkBaiHdemr/Rd84+zU -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:42 2026 by rpki-client