This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa File: 35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa (raw, json) Hash identifier: jWjGcgys8phX2/Lss97q+8rD5LWjmrP/DN7pgRjMoyc= Subject key identifier: 0F:66:31:93:B8:AD:C3:17:81:E5:D8:10:B2:64:37:0A:5A:62:37:21 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 46833888674A605165DF09C093A03CBC6A4EA62D Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa Signing time: Wed 10 Dec 2025 06:00:11 +0000 ROA not before: Wed 10 Dec 2025 06:00:11 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d019::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:83:38:88:67:4a:60:51:65:df:09:c0:93:a0:3c:bc:6a:4e:a6:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:00:11 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=838195c3db895d03117f2c1c6326678152a9557a0567aa3fdcb2cf211909f334, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:d5:de:ee:92:8e:08:1b:ae:12:00:13:57:58: 2f:93:99:79:6c:2e:89:01:19:51:b4:e8:f1:2a:a6: 77:cd:62:9d:29:fc:fd:41:c9:27:e2:24:70:c6:c2: 6e:98:5c:ce:cd:ea:e3:bf:68:08:87:74:0c:34:05: 51:03:12:d5:97:70:cb:d0:15:36:0c:11:1a:95:13: 7b:05:61:80:fa:97:7b:9e:24:7d:90:52:c2:81:e0: ef:e6:1d:d1:d9:37:59:88:06:a9:82:40:56:5d:17: bc:0b:c5:90:19:41:f5:a5:ea:c5:e2:34:12:6c:cf: ca:06:0c:ec:68:83:2e:e0:41:0b:de:b7:b5:74:62: 74:27:5c:79:f3:c5:fc:6f:38:67:1c:e2:91:f0:4d: ad:da:bc:0c:e2:0a:33:dd:cd:55:03:73:44:2d:c4: 36:20:35:73:53:f8:32:2f:1c:7a:4c:d5:ca:1d:87: b0:e3:e5:8a:29:d7:d1:87:c2:df:d8:94:63:e4:32: 75:3c:f3:25:8a:c2:47:30:d5:6b:33:3d:76:6b:b7: 91:af:72:32:2d:6a:e4:60:46:d2:4d:10:1d:6d:7f: c8:50:53:45:f2:81:99:45:e3:45:6d:dd:a2:07:12: cd:4b:01:fb:79:3e:5e:ed:09:22:a0:82:fe:35:5c: 41:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:66:31:93:B8:AD:C3:17:81:E5:D8:10:B2:64:37:0A:5A:62:37:21 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d019::/38 Signature Algorithm: sha256WithRSAEncryption 9e:9e:08:ed:65:cb:b4:e3:58:f0:53:82:f0:72:d1:0f:f6:7f: 10:08:e8:89:50:ff:43:c8:30:b0:5f:c1:6b:7f:a9:a3:a4:d3: f3:8c:33:81:a3:9d:be:da:34:40:78:a5:f7:ed:4d:eb:ec:b1: 77:fe:8b:da:3b:2e:0d:93:ec:5d:76:64:79:3d:1d:05:eb:5c: 4c:c6:9b:91:43:1b:1d:92:a6:78:2d:80:44:39:e6:37:2c:44: 7f:34:60:88:26:0e:f8:b0:a7:29:87:b5:bb:d2:b7:b9:99:b5: 8e:5e:49:48:4c:e3:c9:fa:dd:22:ff:7c:82:69:99:7b:dd:9f: e6:65:a0:28:e8:23:f2:fe:22:60:c7:f2:fd:1f:fb:7e:2c:4f: 7b:49:0e:9d:b0:fa:44:12:f5:c7:da:93:78:0d:bb:7b:b1:25: 05:71:b5:4c:6b:e1:7c:dd:91:8a:39:5f:d0:82:5c:fa:76:2e: 70:e2:b6:eb:4d:35:bb:69:b4:79:f5:48:ec:49:c6:52:75:f2: dc:eb:a2:29:32:04:97:ee:ee:bf:c4:a6:f5:f6:cd:40:bd:9d: 89:1c:c4:bf:a9:76:ba:45:cd:1c:9e:58:e9:6b:7f:ea:c3:90: 64:1d:a2:85:39:bf:9b:d4:32:39:dd:5f:4a:ba:0b:b2:e7:2e: a4:a7:f2:dd -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIURoM4iGdKYFFl3wnAk6A8vGpOpi0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAwMTFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDgzODE5NWMzZGI4OTVkMDMxMTdmMmMxYzYzMjY2NzgxNTJhOTU1N2EwNTY3 YWEzZmRjYjJjZjIxMTkwOWYzMzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKXV3u6SjggbrhIAE1dYL5OZeWwuiQEZUbTo8Sqmd81inSn8/UHJJ+IkcMbC bphczs3q479oCId0DDQFUQMS1Zdwy9AVNgwRGpUTewVhgPqXe54kfZBSwoHg7+Yd 0dk3WYgGqYJAVl0XvAvFkBlB9aXqxeI0EmzPygYM7GiDLuBBC963tXRidCdcefPF /G84ZxzikfBNrdq8DOIKM93NVQNzRC3ENiA1c1P4Mi8cekzVyh2HsOPliinX0YfC 39iUY+QydTzzJYrCRzDVazM9dmu3ka9yMi1q5GBG0k0QHW1/yFBTRfKBmUXjRW3d ogcSzUsB+3k+Xu0JIqCC/jVcQWMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQPZjGT uK3DF4Hl2BCyZDcKWmI3ITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MzViYjBkYTUtMGEyZC00YjgwLWFhZmUtYWY3ZTc0Y2Y1ODY5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkA MA0GCSqGSIb3DQEBCwUAA4IBAQCengjtZcu041jwU4LwctEP9n8QCOiJUP9DyDCw X8Frf6mjpNPzjDOBo52+2jRAeKX37U3r7LF3/ovaOy4Nk+xddmR5PR0F61xMxpuR QxsdkqZ4LYBEOeY3LER/NGCIJg74sKcph7W70re5mbWOXklITOPJ+t0i/3yCaZl7 3Z/mZaAo6CPy/iJgx/L9H/t+LE97SQ6dsPpEEvXH2pN4Dbt7sSUFcbVMa+F83ZGK OV/Qglz6di5w4rbrTTW7abR59UjsScZSdfLc66IpMgSX7u6/xKb19s1AvZ2JHMS/ qXa6Rc0cnljpa3/qw5BkHaKFOb+b1DI53V9Kuguy5y6kp/Ld -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:21 2026 by rpki-client