This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa File: 3bde61a2-7506-48c2-8365-3447411d858e.roa (raw, json) Hash identifier: hVJNam035JC9OuIY1W9rzl/3KEM0khK0mMpYcET7b10= Subject key identifier: F9:81:7D:0E:99:BB:58:76:C6:54:0B:09:C6:33:7A:12:E5:16:D9:EB Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 71D2AFAFFC1FF7E6DEA829B43BA290DAB0DE4B66 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa Signing time: Wed 10 Dec 2025 06:21:29 +0000 ROA not before: Wed 10 Dec 2025 06:21:29 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d050:5000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:d2:af:af:fc:1f:f7:e6:de:a8:29:b4:3b:a2:90:da:b0:de:4b:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:21:29 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=cd40877f2438cd8ecca51fdce82cfedd20ee1dcfb694e2c0dd8b7e9dfca45993, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:a5:6a:7d:33:27:b9:be:bd:ff:f3:34:c0:22: 11:ab:47:5a:a8:b4:07:9f:35:3c:3f:92:46:ff:30: 63:8e:82:ed:11:47:28:f4:74:87:f9:34:21:6e:50: fc:f5:ae:40:ca:e2:9c:90:8d:ad:dc:d9:20:3b:5a: f3:d1:7f:6b:1d:3c:c9:d3:eb:da:78:4f:35:88:68: 7f:09:30:8c:c9:87:46:09:09:e4:49:9f:30:86:45: 29:b1:47:3c:47:e7:1e:67:e3:30:ec:56:a2:78:74: 2c:02:ac:2c:fd:be:2d:fc:3e:dc:27:fb:fd:f0:89: d2:74:f1:f9:2c:71:00:95:66:bc:62:de:a6:a4:e3: 3d:5c:f9:35:a9:84:ac:b0:44:bc:53:55:55:07:e6: 44:f9:6d:c8:f4:3a:ca:97:eb:97:08:32:ee:85:c0: 35:ab:68:8b:72:4e:99:d5:d9:a3:4d:b5:53:db:e9: 42:eb:be:07:6d:7e:2e:56:7a:ef:bc:91:85:37:65: 5e:2c:e0:31:f0:bb:66:76:b7:10:ce:72:2f:a4:48: cd:d0:78:a6:8f:f2:36:90:38:00:c3:6c:92:c4:96: f3:1e:71:0e:e7:90:ba:72:9f:19:83:de:f0:62:d2: 25:0f:5a:4d:5e:52:75:7d:24:b0:a2:4c:63:b6:f0: ae:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:81:7D:0E:99:BB:58:76:C6:54:0B:09:C6:33:7A:12:E5:16:D9:EB X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3bde61a2-7506-48c2-8365-3447411d858e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d050:5000::/40 Signature Algorithm: sha256WithRSAEncryption 17:8a:9a:9f:fa:a5:b8:85:c6:83:84:e8:74:4a:54:6b:f4:c2: e4:a1:07:b7:6e:e6:71:97:aa:dc:8e:77:91:2e:df:e3:22:37: 7b:44:19:64:a3:2b:ac:69:94:99:6c:be:b4:6e:49:a9:61:08: 5c:dd:73:b9:06:2c:8b:f3:10:92:08:63:7b:0d:d2:c2:59:bd: 48:1e:d5:df:e3:0c:1d:bd:a4:47:9e:a0:f9:f4:7d:10:fd:5a: 30:c5:d5:d7:9f:05:87:5a:ae:7d:a0:16:9a:92:27:dc:91:10: 65:38:55:d0:6d:27:8d:b1:92:3c:35:32:f8:5e:6b:a8:b9:28: 01:37:a0:0f:0f:b0:e9:ed:58:d1:fe:a4:cf:0d:3a:51:3e:03: 06:c5:c5:41:52:97:0a:a6:b9:b4:0f:e7:36:b8:ad:01:c9:0a: 2a:6b:e9:92:c6:cd:80:9e:c4:2f:13:df:bb:8c:32:9e:a7:cc: 86:14:7f:4a:a8:6e:2c:fc:57:a0:d9:81:a1:b6:72:02:79:a1: a5:59:77:70:74:b4:59:00:3c:61:bd:45:f9:5b:91:33:a6:53: 6c:0b:7b:bb:ea:e3:66:66:3c:d9:34:8e:0d:a5:99:41:33:3c: a9:e0:58:f1:99:1e:1d:6e:dc:e1:1b:84:fd:c2:6b:d7:c9:f4: 27:72:4c:0c -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUcdKvr/wf9+beqCm0O6KQ2rDeS2YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIxMjlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGNkNDA4NzdmMjQzOGNkOGVjY2E1MWZkY2U4MmNmZWRkMjBlZTFkY2ZiNjk0 ZTJjMGRkOGI3ZTlkZmNhNDU5OTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKelan0zJ7m+vf/zNMAiEatHWqi0B581PD+SRv8wY46C7RFHKPR0h/k0IW5Q /PWuQMrinJCNrdzZIDta89F/ax08ydPr2nhPNYhofwkwjMmHRgkJ5EmfMIZFKbFH PEfnHmfjMOxWonh0LAKsLP2+Lfw+3Cf7/fCJ0nTx+SxxAJVmvGLepqTjPVz5NamE rLBEvFNVVQfmRPltyPQ6ypfrlwgy7oXANatoi3JOmdXZo021U9vpQuu+B21+LlZ6 77yRhTdlXizgMfC7Zna3EM5yL6RIzdB4po/yNpA4AMNsksSW8x5xDueQunKfGYPe 8GLSJQ9aTV5SdX0ksKJMY7bwrocCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT5gX0O mbtYdsZUCwnGM3oS5RbZ6zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv M2JkZTYxYTItNzUwNi00OGMyLTgzNjUtMzQ0NzQxMWQ4NThlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FBQ MA0GCSqGSIb3DQEBCwUAA4IBAQAXipqf+qW4hcaDhOh0SlRr9MLkoQe3buZxl6rc jneRLt/jIjd7RBlkoyusaZSZbL60bkmpYQhc3XO5BiyL8xCSCGN7DdLCWb1IHtXf 4wwdvaRHnqD59H0Q/VowxdXXnwWHWq59oBaakifckRBlOFXQbSeNsZI8NTL4Xmuo uSgBN6APD7Dp7VjR/qTPDTpRPgMGxcVBUpcKprm0D+c2uK0ByQoqa+mSxs2AnsQv E9+7jDKep8yGFH9KqG4s/Feg2YGhtnICeaGlWXdwdLRZADxhvUX5W5EzplNsC3u7 6uNmZjzZNI4NpZlBMzyp4FjxmR4dbtzhG4T9wmvXyfQnckwM -----END CERTIFICATE-----Generated at Fri Jan 2 10:57:19 2026 by rpki-client