This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/31246558-533e-42f5-8c90-dc91729aa7fa.roa File: 31246558-533e-42f5-8c90-dc91729aa7fa.roa (raw, json) Hash identifier: TN0GUMJSOX6ulNUG8iwfwk7XspH6wDjZCvS6xlWI1x4= Subject key identifier: 1B:17:99:F6:6D:0A:6C:BC:E8:99:1C:A2:41:9F:11:47:CD:2D:54:30 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 197FC9E538B17753C26C9EFA039ADB5F016A9E3D Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/31246558-533e-42f5-8c90-dc91729aa7fa.roa Signing time: Wed 10 Dec 2025 05:20:07 +0000 ROA not before: Wed 10 Dec 2025 05:20:07 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06d:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:7f:c9:e5:38:b1:77:53:c2:6c:9e:fa:03:9a:db:5f:01:6a:9e:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:20:07 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=578760befbe6cf04092c266d05544c74523901d7e9fa841e3fa6e8e5612e9ac3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:0a:e7:69:f5:f9:ee:51:4a:ce:93:54:04:84: 6c:4b:48:9e:34:02:75:10:f5:ed:95:1f:a0:5c:f5: 6d:da:b5:27:32:1d:f4:d2:47:bc:7f:c9:d2:37:19: f5:f2:ed:ac:14:8d:66:c0:e1:e4:d5:c1:58:e0:c7: 2c:14:54:b7:ba:fb:d5:ed:4a:4e:38:09:0c:1e:a7: 18:ff:52:7f:b3:2f:08:7a:f3:d0:ff:d2:50:7c:c3: ea:c3:9d:3d:0d:e3:2f:fc:1e:1d:73:29:e3:bd:7e: 72:2e:13:e6:7a:92:11:a2:95:47:3f:a5:80:8b:14: 5c:4f:0d:54:b9:00:0a:4b:e1:e5:01:56:ea:d9:dd: 23:42:c1:6a:53:eb:41:09:79:ac:91:e3:78:ad:8e: 4b:36:f9:7d:3f:04:a5:37:f8:ac:7b:22:3e:bc:05: b3:a5:c5:5a:5f:09:3e:e0:8a:d2:d8:05:06:e2:b2: c3:db:77:a4:18:03:0d:8d:e5:15:c3:a6:b8:49:e2: b2:b3:e7:fa:9f:24:1c:8d:de:4a:8d:49:6f:36:bc: 27:5a:fe:98:2c:f4:6e:c7:1d:26:5e:ff:e1:a5:20: 7c:e0:cb:bb:ae:24:43:c7:52:21:00:f2:25:bb:8d: 43:d1:6d:9d:b8:9d:f0:dd:0f:d3:91:55:82:5b:b3: 64:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:17:99:F6:6D:0A:6C:BC:E8:99:1C:A2:41:9F:11:47:CD:2D:54:30 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/31246558-533e-42f5-8c90-dc91729aa7fa.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06d:1000::/40 Signature Algorithm: sha256WithRSAEncryption bd:51:23:3e:d4:0f:e6:17:a4:d9:0b:91:be:a8:b3:69:c3:91: d0:d4:43:44:53:23:eb:05:a0:3d:f7:0c:f8:e1:95:09:ad:a2: e1:f9:14:01:e5:da:46:9a:27:73:1e:98:cf:83:ab:d8:4f:6f: 6c:a7:ac:32:49:2a:d7:44:a5:a3:d3:e8:54:d3:40:a2:67:3a: 6a:f2:e1:e7:ce:f9:aa:ae:37:03:6c:08:ad:b9:fa:6f:6e:e0: f1:47:3f:eb:91:39:8e:3c:f7:b1:8a:a3:28:e8:83:07:a0:eb: fa:97:bc:4a:6b:46:ae:ff:60:56:dc:43:ab:7e:89:0a:41:56: 7c:af:fc:20:26:fc:56:eb:2d:5d:cc:dc:52:20:98:6f:09:69: 90:0f:8d:02:d7:75:20:b4:9d:12:3a:31:0b:e6:c7:46:6e:f8: d4:25:e1:4b:2c:48:f1:b0:92:0f:53:3e:66:11:e6:a2:b8:70: 0d:64:0e:41:18:bb:51:58:21:5b:92:4f:03:a8:60:55:c0:91: 3b:4b:97:3f:f8:8b:18:33:20:b7:70:e8:ee:e4:96:91:2d:e7: 3c:c5:2f:86:7f:23:4c:d8:a5:f3:ae:42:37:5e:1c:ae:1a:fd: 5c:c4:c4:9a:0c:c7:6b:dd:da:ab:ae:b4:9f:26:8f:bd:b6:5a: 8f:a0:6b:ba -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUGX/J5Tixd1PCbJ76A5rbXwFqnj0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTIwMDdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDU3ODc2MGJlZmJlNmNmMDQwOTJjMjY2ZDA1NTQ0Yzc0NTIzOTAxZDdlOWZh ODQxZTNmYTZlOGU1NjEyZTlhYzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANYK52n1+e5RSs6TVASEbEtInjQCdRD17ZUfoFz1bdq1JzId9NJHvH/J0jcZ 9fLtrBSNZsDh5NXBWODHLBRUt7r71e1KTjgJDB6nGP9Sf7MvCHrz0P/SUHzD6sOd PQ3jL/weHXMp471+ci4T5nqSEaKVRz+lgIsUXE8NVLkACkvh5QFW6tndI0LBalPr QQl5rJHjeK2OSzb5fT8EpTf4rHsiPrwFs6XFWl8JPuCK0tgFBuKyw9t3pBgDDY3l FcOmuEnisrPn+p8kHI3eSo1Jbza8J1r+mCz0bscdJl7/4aUgfODLu64kQ8dSIQDy JbuNQ9Ftnbid8N0P05FVgluzZNcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQbF5n2 bQpsvOiZHKJBnxFHzS1UMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MzEyNDY1NTgtNTMzZS00MmY1LThjOTAtZGM5MTcyOWFhN2ZhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G0Q MA0GCSqGSIb3DQEBCwUAA4IBAQC9USM+1A/mF6TZC5G+qLNpw5HQ1ENEUyPrBaA9 9wz44ZUJraLh+RQB5dpGmidzHpjPg6vYT29sp6wySSrXRKWj0+hU00CiZzpq8uHn zvmqrjcDbAitufpvbuDxRz/rkTmOPPexiqMo6IMHoOv6l7xKa0au/2BW3EOrfokK QVZ8r/wgJvxW6y1dzNxSIJhvCWmQD40C13UgtJ0SOjEL5sdGbvjUJeFLLEjxsJIP Uz5mEeaiuHANZA5BGLtRWCFbkk8DqGBVwJE7S5c/+IsYMyC3cOju5JaRLec8xS+G fyNM2KXzrkI3XhyuGv1cxMSaDMdr3dqrrrSfJo+9tlqPoGu6 -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:36 2026 by rpki-client