This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa File: 3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa (raw, json) Hash identifier: bRTAXYpLL/bSd5bWrh/t1H352Oh7UZgzccwsvStAdCQ= Subject key identifier: E0:6B:F0:3B:F7:61:0F:F1:09:FE:EE:A3:F3:51:16:F5:68:FE:06:08 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 46342BA572F2AE8C9F10C1813888836005134AF4 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa Signing time: Wed 10 Dec 2025 05:50:57 +0000 ROA not before: Wed 10 Dec 2025 05:50:57 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:40a0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:34:2b:a5:72:f2:ae:8c:9f:10:c1:81:38:88:83:60:05:13:4a:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:50:57 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=d8015fc7469f6438aa4ad9fb954221c6188c9a2b049b8fa4169787a8b2f0800c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:06:b5:51:af:6f:03:5d:0a:dd:de:62:7c:73: d4:76:8f:16:d0:95:6e:58:05:d6:6b:14:35:59:0d: 51:8a:64:21:20:80:0a:8e:e2:2b:a9:43:4b:5c:d9: 60:ed:77:75:e9:80:32:1a:8c:dc:19:78:94:6b:59: eb:46:fc:fd:08:a3:b3:fe:d3:42:a2:51:22:03:a6: 7d:d3:50:b0:fe:f5:25:87:70:df:c9:d1:72:c2:51: 15:7a:7d:d5:a6:03:01:d9:d4:a3:bf:1f:4f:81:87: ea:48:c6:72:c4:c1:48:b5:38:61:9a:8d:6f:f3:2d: 2e:8f:0e:49:7c:bc:46:6a:9a:bb:27:4f:69:80:6f: eb:94:16:9b:7e:f8:f7:18:00:29:d6:3a:07:df:4f: 27:9e:f8:89:10:58:6b:ec:83:ef:8d:6e:b2:3a:c2: fe:a3:ea:ae:34:60:df:59:5a:84:9a:38:7c:e2:34: e3:16:eb:91:a0:3d:0b:1f:6b:c8:a6:75:f9:8d:f4: 6a:ff:55:fb:b2:b4:f2:88:33:66:50:1b:f3:35:9a: 03:06:c0:b8:ce:02:37:0c:74:12:bd:94:03:0e:9f: 68:a1:30:88:ce:63:88:7c:44:1b:06:1e:dd:f0:0c: fd:83:4f:f3:86:0c:e1:06:24:cf:e0:fd:d3:23:e2: 7c:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:6B:F0:3B:F7:61:0F:F1:09:FE:EE:A3:F3:51:16:F5:68:FE:06:08 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:40a0::/48 Signature Algorithm: sha256WithRSAEncryption a5:a8:10:f3:f6:31:a3:29:27:89:2f:28:a0:cc:e8:6e:8b:f0: 04:eb:5a:08:63:c8:fa:4e:68:29:23:83:b4:be:30:84:69:e9: c9:5f:9f:df:34:a3:c0:5a:68:7c:8e:c5:24:9e:c2:a7:89:5d: 48:5c:2a:44:5b:ea:6f:78:68:38:59:e0:11:68:59:8a:81:29: 16:32:c9:aa:bd:96:26:5f:ca:d2:d4:b3:e8:78:82:33:33:83: d2:11:0c:ae:52:48:7c:49:f3:02:88:65:10:84:37:72:4b:19: 99:59:d6:d5:ee:46:07:32:dd:d7:49:53:65:96:3c:bd:2a:b1: 39:22:ea:7e:1b:76:a5:07:99:aa:04:45:14:17:87:34:de:5e: af:e7:5f:7e:17:3f:0c:25:ca:eb:42:9f:60:d4:03:0b:09:a9: 71:fb:5a:83:c8:4f:62:d1:6a:c0:e1:fc:18:93:48:15:df:98: ee:d0:a9:3e:8c:f9:1a:df:dc:82:22:99:c4:8b:7e:d3:16:90: f6:66:f7:7a:15:43:b6:28:95:54:12:9e:79:20:f1:70:20:c2: 2d:96:17:b7:33:a4:c7:df:12:69:3e:e2:2e:c1:26:c4:bf:2d: e4:d7:61:ce:b5:53:ed:a5:2f:d7:76:aa:f9:bd:e9:6f:8e:96: 79:b8:a3:c8 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIURjQrpXLyroyfEMGBOIiDYAUTSvQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUwNTdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGQ4MDE1ZmM3NDY5ZjY0MzhhYTRhZDlmYjk1NDIyMWM2MTg4YzlhMmIwNDli OGZhNDE2OTc4N2E4YjJmMDgwMGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMYGtVGvbwNdCt3eYnxz1HaPFtCVblgF1msUNVkNUYpkISCACo7iK6lDS1zZ YO13demAMhqM3Bl4lGtZ60b8/Qijs/7TQqJRIgOmfdNQsP71JYdw38nRcsJRFXp9 1aYDAdnUo78fT4GH6kjGcsTBSLU4YZqNb/MtLo8OSXy8RmqauydPaYBv65QWm374 9xgAKdY6B99PJ574iRBYa+yD741usjrC/qPqrjRg31lahJo4fOI04xbrkaA9Cx9r yKZ1+Y30av9V+7K08ogzZlAb8zWaAwbAuM4CNwx0Er2UAw6faKEwiM5jiHxEGwYe 3fAM/YNP84YM4QYkz+D90yPifCkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTga/A7 92EP8Qn+7qPzURb1aP4GCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv M2RiNjZjODgtMGJiMC00NGQ2LWI2YTAtYWQ3ZGQwODczYzU2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA oDANBgkqhkiG9w0BAQsFAAOCAQEApagQ8/YxoykniS8ooMzobovwBOtaCGPI+k5o KSODtL4whGnpyV+f3zSjwFpofI7FJJ7Cp4ldSFwqRFvqb3hoOFngEWhZioEpFjLJ qr2WJl/K0tSz6HiCMzOD0hEMrlJIfEnzAohlEIQ3cksZmVnW1e5GBzLd10lTZZY8 vSqxOSLqfht2pQeZqgRFFBeHNN5er+dffhc/DCXK60KfYNQDCwmpcftag8hPYtFq wOH8GJNIFd+Y7tCpPoz5Gt/cgiKZxIt+0xaQ9mb3ehVDtiiVVBKeeSDxcCDCLZYX tzOkx98SaT7iLsEmxL8t5NdhzrVT7aUv13aq+b3pb46WebijyA== -----END CERTIFICATE-----Generated at Fri Jan 2 12:23:33 2026 by rpki-client