This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa File: 3c7c4703-2876-4e04-b857-8c0298bd0897.roa (raw, json) Hash identifier: xtqNfrMl+rmvA87Wyemg61CJ4Vyykt6YSYJwG4rTf8E= Subject key identifier: C7:26:1D:57:A7:0B:D8:23:4E:67:63:6B:A4:79:59:26:9F:AB:40:B2 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3E9318F04C20666477F4CECB4EE364EE4636D7E6 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa Signing time: Wed 10 Dec 2025 05:30:45 +0000 ROA not before: Wed 10 Dec 2025 05:30:45 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:93:18:f0:4c:20:66:64:77:f4:ce:cb:4e:e3:64:ee:46:36:d7:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:30:45 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=1dc9c232c47264dcf036660b8069e9e277db11b891b2dffcf9bfdfcf93128d93, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:1d:df:ea:f1:7c:f6:d1:b5:c3:e1:77:a6:f2: 72:95:62:a0:ed:ba:43:96:6a:3e:35:53:5c:2d:5b: f8:b6:02:82:c3:c9:2f:62:00:19:a8:df:79:c7:0d: a3:df:1a:3a:f2:55:cf:9f:ae:cd:3e:d7:84:1a:b2: 9e:01:b8:38:fb:82:e2:93:e4:38:a4:2e:0a:38:20: 1d:01:79:f5:f7:e0:ee:03:9f:33:38:4b:99:06:b4: bd:a7:d8:b4:ec:00:c2:89:a9:cc:34:c3:2b:cf:8c: 8a:68:03:b8:ea:83:67:2e:b2:9c:a4:73:06:92:a9: 58:cc:62:95:1a:5a:ac:cb:30:ec:4f:24:bc:d9:13: 4d:f7:b0:93:d0:d4:d1:79:8e:5b:f4:2b:43:1e:f4: 18:b3:44:84:4b:ac:4e:7e:b5:3d:de:f7:b7:be:ac: 4a:bd:eb:75:68:55:f8:7e:6d:43:c0:36:84:81:5f: 47:50:2f:19:33:e5:b6:5f:82:ae:27:c9:4d:87:a6: 75:73:f0:33:b5:39:d3:55:68:b9:9f:81:68:f2:a2: 03:dd:d4:42:f5:88:a2:34:45:d1:b1:28:13:b1:cc: ec:19:eb:4b:f7:a4:bc:8d:7d:c8:e0:dd:cc:1f:1d: 6c:da:c9:1b:9f:51:45:e3:a7:ea:7e:e0:8f:8c:53: 66:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:26:1D:57:A7:0B:D8:23:4E:67:63:6B:A4:79:59:26:9F:AB:40:B2 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:b000::/40 Signature Algorithm: sha256WithRSAEncryption 00:9b:8c:2a:64:74:5d:57:6f:04:90:c1:94:4d:af:f5:b0:83: b2:e5:58:a0:44:7c:c6:0d:5e:cc:42:b9:13:2e:93:f7:7f:b7: 19:c7:51:e4:9b:43:a8:3b:e0:6f:b7:a5:83:cf:48:fb:80:cd: 98:10:7c:f5:27:a4:1a:9e:43:0d:a3:08:d2:49:21:cf:f8:68: e9:15:5e:d7:ea:70:71:d8:12:1c:1e:08:94:a8:98:f5:d9:eb: ee:c9:34:50:44:2a:b2:24:96:29:f6:55:6e:d3:3d:88:7b:aa: ab:d3:78:71:5e:21:8f:b9:d1:31:e8:89:14:11:59:78:ba:71: b0:e3:77:15:6c:1d:07:0d:3d:48:b0:33:44:95:8c:cb:ad:34: 22:11:09:10:9c:31:07:d1:b2:5d:4b:01:a1:4a:8d:a8:db:ae: 05:91:5f:43:fb:b9:df:10:e1:52:3e:52:ad:f3:27:97:85:61: 3c:2d:a9:e3:a6:4a:02:d0:90:b1:7e:88:5f:67:73:5a:09:46: cc:a6:f5:3f:74:21:c7:68:08:63:1e:48:13:1d:b6:26:fa:f1: 4f:c4:8c:3d:1a:f1:06:64:b8:d3:9d:d9:41:da:06:31:32:5c: 93:31:3c:25:99:b8:fc:1b:a6:d8:53:30:c4:7b:fd:bc:dc:86: fa:79:bd:85 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUPpMY8EwgZmR39M7LTuNk7kY21+YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMwNDVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDFkYzljMjMyYzQ3MjY0ZGNmMDM2NjYwYjgwNjllOWUyNzdkYjExYjg5MWIy ZGZmY2Y5YmZkZmNmOTMxMjhkOTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJcd3+rxfPbRtcPhd6bycpVioO26Q5ZqPjVTXC1b+LYCgsPJL2IAGajfeccN o98aOvJVz5+uzT7XhBqyngG4OPuC4pPkOKQuCjggHQF59ffg7gOfMzhLmQa0vafY tOwAwompzDTDK8+MimgDuOqDZy6ynKRzBpKpWMxilRparMsw7E8kvNkTTfewk9DU 0XmOW/QrQx70GLNEhEusTn61Pd73t76sSr3rdWhV+H5tQ8A2hIFfR1AvGTPltl+C rifJTYemdXPwM7U501VouZ+BaPKiA93UQvWIojRF0bEoE7HM7BnrS/ekvI19yODd zB8dbNrJG59RReOn6n7gj4xTZrcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTHJh1X pwvYI05nY2ukeVkmn6tAsjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv M2M3YzQ3MDMtMjg3Ni00ZTA0LWI4NTctOGMwMjk4YmQwODk3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+w MA0GCSqGSIb3DQEBCwUAA4IBAQAAm4wqZHRdV28EkMGUTa/1sIOy5VigRHzGDV7M QrkTLpP3f7cZx1Hkm0OoO+Bvt6WDz0j7gM2YEHz1J6QankMNowjSSSHP+GjpFV7X 6nBx2BIcHgiUqJj12evuyTRQRCqyJJYp9lVu0z2Ie6qr03hxXiGPudEx6IkUEVl4 unGw43cVbB0HDT1IsDNElYzLrTQiEQkQnDEH0bJdSwGhSo2o264FkV9D+7nfEOFS PlKt8yeXhWE8LanjpkoC0JCxfohfZ3NaCUbMpvU/dCHHaAhjHkgTHbYm+vFPxIw9 GvEGZLjTndlB2gYxMlyTMTwlmbj8G6bYUzDEe/283Ib6eb2F -----END CERTIFICATE-----Generated at Fri Jan 2 12:22:40 2026 by rpki-client