This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa File: 2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa (raw, json) Hash identifier: XXuWNAQXvDc1PkU7bTzZPwt+LPXjkamZPp+lbn5xXG0= Subject key identifier: E1:A2:36:B2:B1:38:C3:4E:03:12:DD:75:99:9A:BB:E3:1E:92:3C:8E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1313910151DCD5E1EA7C1DFAF0704085FC5D7643 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa Signing time: Wed 10 Dec 2025 06:31:11 +0000 ROA not before: Wed 10 Dec 2025 06:31:11 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d050:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:13:91:01:51:dc:d5:e1:ea:7c:1d:fa:f0:70:40:85:fc:5d:76:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:31:11 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=debe6884e9f5cdbf35973efd7980e8f21dd865e92356211c4c06d1d488705d61, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:7f:17:f8:d2:f1:52:96:69:64:61:52:80:64: 72:17:d1:78:e1:67:38:15:6a:d5:3f:94:43:ef:96: 56:30:4a:05:15:ff:d7:24:06:e3:e3:5f:d8:32:84: 25:7a:4d:e7:72:b3:a5:f8:76:0b:9e:59:39:a0:08: d2:73:55:b7:85:88:2a:73:f4:9e:1d:cd:3a:ee:22: aa:12:3f:65:6e:59:71:10:05:2e:9b:ad:c2:13:c7: c2:55:1a:39:a2:cc:03:4a:92:49:4a:96:c8:19:83: 97:c7:7d:56:f5:c0:ba:e6:c5:69:ef:77:28:d8:b1: 1f:4d:e3:29:e0:8b:0c:eb:d9:b2:b1:ab:1c:e7:a4: 35:0e:75:c7:ab:49:f7:9b:51:85:d6:24:d3:c4:a4: a0:f8:99:f7:63:39:6d:36:67:64:c0:e5:db:fa:a1: bd:95:a4:80:a8:a4:22:b3:5c:3c:9f:bf:1a:49:a3: 8d:6c:13:85:46:f4:0d:8e:5a:e1:73:85:c2:26:7c: ef:66:e0:10:0e:96:e1:bd:0b:58:53:10:ff:16:02: 81:9c:ad:56:5b:f7:71:c4:ad:13:78:90:c3:42:a3: d6:33:ce:f2:19:8e:3e:44:0e:ea:92:a0:1d:7e:b1: 3b:39:b8:83:c8:24:7a:46:36:2a:99:39:bf:fc:1f: da:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:A2:36:B2:B1:38:C3:4E:03:12:DD:75:99:9A:BB:E3:1E:92:3C:8E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d050:9000::/40 Signature Algorithm: sha256WithRSAEncryption 80:de:3c:c0:b0:8a:21:8f:7d:71:8b:ec:53:b7:6f:bb:67:dc: af:88:18:95:3d:06:ac:51:30:56:66:d6:12:da:22:c0:89:62: d8:ca:ed:d3:6c:24:19:c7:0f:54:b8:ce:af:7e:ec:29:33:29: c4:07:b0:39:89:50:6e:4e:6a:a1:53:49:a6:ad:77:c4:e9:94: 9a:b4:4d:69:d0:ae:8f:b3:c1:d1:c1:2a:45:30:01:a8:bc:96: fc:a3:9a:d1:a8:46:cd:cf:59:ea:01:4c:60:70:d4:ec:03:85: 44:09:49:41:64:8b:7b:52:c5:6c:7d:01:ec:e8:99:3d:76:09: 09:b8:da:a0:5e:70:33:6c:87:3b:0e:00:3e:78:cf:47:82:f0: 87:f2:cd:c5:75:d7:2f:5d:ed:20:8c:1a:77:97:f2:ea:20:ca: 55:89:62:39:c8:fb:49:71:d6:6e:fb:9e:44:fa:64:98:23:ba: 67:aa:40:80:5f:cd:a8:86:43:f4:e8:de:2c:b5:61:44:59:c8: 92:73:1d:66:ae:5a:e6:85:25:8c:4d:44:4b:a6:c7:93:52:b0: 28:ce:ba:f0:57:ec:86:a4:c7:5a:f2:e9:88:30:e2:8a:bf:4a: 60:c7:99:b7:7a:65:32:e1:3b:5c:8f:ec:48:a5:bf:11:35:bf: 7d:a8:87:df -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUExORAVHc1eHqfB368HBAhfxddkMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMxMTFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGRlYmU2ODg0ZTlmNWNkYmYzNTk3M2VmZDc5ODBlOGYyMWRkODY1ZTkyMzU2 MjExYzRjMDZkMWQ0ODg3MDVkNjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOB/F/jS8VKWaWRhUoBkchfReOFnOBVq1T+UQ++WVjBKBRX/1yQG4+Nf2DKE JXpN53Kzpfh2C55ZOaAI0nNVt4WIKnP0nh3NOu4iqhI/ZW5ZcRAFLputwhPHwlUa OaLMA0qSSUqWyBmDl8d9VvXAuubFae93KNixH03jKeCLDOvZsrGrHOekNQ51x6tJ 95tRhdYk08SkoPiZ92M5bTZnZMDl2/qhvZWkgKikIrNcPJ+/GkmjjWwThUb0DY5a 4XOFwiZ872bgEA6W4b0LWFMQ/xYCgZytVlv3ccStE3iQw0Kj1jPO8hmOPkQO6pKg HX6xOzm4g8gkekY2Kpk5v/wf2nsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBThojay sTjDTgMS3XWZmrvjHpI8jjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MmRmYjIwMmYtNjIwMi00OGRhLWEzYjMtOTRmMWFjMDAwYmM5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FCQ MA0GCSqGSIb3DQEBCwUAA4IBAQCA3jzAsIohj31xi+xTt2+7Z9yviBiVPQasUTBW ZtYS2iLAiWLYyu3TbCQZxw9UuM6vfuwpMynEB7A5iVBuTmqhU0mmrXfE6ZSatE1p 0K6Ps8HRwSpFMAGovJb8o5rRqEbNz1nqAUxgcNTsA4VECUlBZIt7UsVsfQHs6Jk9 dgkJuNqgXnAzbIc7DgA+eM9HgvCH8s3FddcvXe0gjBp3l/LqIMpViWI5yPtJcdZu +55E+mSYI7pnqkCAX82ohkP06N4stWFEWciScx1mrlrmhSWMTURLpseTUrAozrrw V+yGpMda8umIMOKKv0pgx5m3emUy4Ttcj+xIpb8RNb99qIff -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:18 2026 by rpki-client