This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa File: 3ef5e7b8-24ad-41af-8334-2eff292a769d.roa (raw, json) Hash identifier: KXIxBJ3Ap0yQJe+aIFPN6/f637r+5IKFKvg+YVRGczY= Subject key identifier: D7:EF:A4:5D:CA:BA:BE:E3:8B:14:D5:E1:2F:4D:20:2E:0D:3B:FF:01 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 24EA41E81A96922B28FEF03860880F81AC437756 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa Signing time: Wed 10 Dec 2025 06:10:43 +0000 ROA not before: Wed 10 Dec 2025 06:10:43 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:60c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:ea:41:e8:1a:96:92:2b:28:fe:f0:38:60:88:0f:81:ac:43:77:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:10:43 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=29bf86e78b874fe7f813315a7bc99f281f0dabdca675680f7f8d77d197b1996d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:7a:e6:95:d0:69:4f:92:e0:0b:98:58:ee:51: f3:b9:84:9f:0d:d8:3e:e2:5c:a9:21:1c:63:fd:a6: a0:46:ed:82:81:39:a9:86:36:9c:55:71:30:54:4d: c5:c6:19:5b:6f:93:fc:c1:3b:51:a9:4b:21:b1:4e: f4:17:ef:85:57:e3:35:01:1e:85:b3:c1:44:73:15: 04:74:ec:67:85:db:f9:bb:c6:e5:82:1b:7d:9c:e6: 70:93:77:45:e5:53:84:a7:57:7b:f9:c9:1f:a1:c6: 82:9e:17:ee:d2:95:83:8a:4f:97:2c:db:88:57:03: 7f:8c:f3:d5:88:93:bf:0b:56:7d:95:e1:e4:07:e3: bc:30:9c:af:6d:db:09:7d:d5:b5:33:ed:81:98:e5: 3b:61:c3:b6:39:ca:bd:6f:92:f0:ed:91:12:46:f3: 60:0d:38:c9:11:b6:bd:75:ae:e5:ab:76:bb:ab:8c: 97:d5:ea:a1:76:34:ec:20:a1:34:84:91:c6:7d:3f: 54:e3:6f:8b:fd:7a:06:ad:37:40:24:c2:b0:99:1b: 2e:5f:92:e1:f9:fc:99:0f:cb:93:0a:99:51:5e:1d: 5f:c6:8e:18:28:73:85:64:38:0d:b3:e0:f9:c6:7f: 8e:d3:fe:34:59:6e:0f:6d:0f:df:25:8e:41:5b:a1: 9c:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:EF:A4:5D:CA:BA:BE:E3:8B:14:D5:E1:2F:4D:20:2E:0D:3B:FF:01 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:60c0::/48 Signature Algorithm: sha256WithRSAEncryption c7:76:69:57:68:1d:b9:96:e0:70:a2:d2:c8:65:b6:f5:dd:55: c3:7b:65:da:d7:f0:82:45:7d:19:c7:6f:5f:48:bb:e1:d7:b8: f9:09:90:df:f2:26:6c:b1:aa:11:b0:98:d8:c4:dc:15:97:64: 13:70:43:09:14:73:c2:9a:bb:73:bb:36:f2:e0:4a:6a:98:22: 2d:f3:59:86:66:fd:c7:da:1c:3f:51:ae:d9:e8:1c:3b:75:53: 76:21:bc:bc:d8:99:d1:20:fa:a5:fc:ca:17:3f:06:f7:64:b6: 2b:82:8e:d8:0b:fa:0e:cb:32:60:aa:5f:3c:00:68:fb:99:0c: 59:b6:b4:21:de:36:d2:f9:f1:77:e5:bc:79:b8:e5:aa:8d:41: c2:7e:d1:44:1d:9b:d0:93:4d:91:da:e1:91:6c:e1:64:fc:05: 68:16:8f:2a:5c:fc:61:4c:03:c1:d3:07:6e:e7:5d:e0:30:d9: c8:7f:dc:5f:5f:ef:bc:90:39:06:9e:1e:92:6a:4d:fb:b2:d2: e0:24:02:a2:f3:7b:fd:84:22:c3:6c:30:32:14:3f:c5:52:dd: 9a:f5:80:29:4c:af:db:77:45:21:e0:14:aa:03:dd:5d:20:d7: 9f:89:06:76:8d:af:95:50:ef:08:d2:af:43:b7:b5:d5:4f:e9: 6d:31:88:c3 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUJOpB6BqWkiso/vA4YIgPgaxDd1YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjEwNDNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDI5YmY4NmU3OGI4NzRmZTdmODEzMzE1YTdiYzk5ZjI4MWYwZGFiZGNhNjc1 NjgwZjdmOGQ3N2QxOTdiMTk5NmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK965pXQaU+S4AuYWO5R87mEnw3YPuJcqSEcY/2moEbtgoE5qYY2nFVxMFRN xcYZW2+T/ME7UalLIbFO9BfvhVfjNQEehbPBRHMVBHTsZ4Xb+bvG5YIbfZzmcJN3 ReVThKdXe/nJH6HGgp4X7tKVg4pPlyzbiFcDf4zz1YiTvwtWfZXh5AfjvDCcr23b CX3VtTPtgZjlO2HDtjnKvW+S8O2REkbzYA04yRG2vXWu5at2u6uMl9XqoXY07CCh NISRxn0/VONvi/16Bq03QCTCsJkbLl+S4fn8mQ/LkwqZUV4dX8aOGChzhWQ4DbPg +cZ/jtP+NFluD20P3yWOQVuhnNsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTX76Rd yrq+44sU1eEvTSAuDTv/ATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv M2VmNWU3YjgtMjRhZC00MWFmLTgzMzQtMmVmZjI5MmE3NjlkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9g wDANBgkqhkiG9w0BAQsFAAOCAQEAx3ZpV2gduZbgcKLSyGW29d1Vw3tl2tfwgkV9 GcdvX0i74de4+QmQ3/ImbLGqEbCY2MTcFZdkE3BDCRRzwpq7c7s28uBKapgiLfNZ hmb9x9ocP1Gu2egcO3VTdiG8vNiZ0SD6pfzKFz8G92S2K4KO2Av6DssyYKpfPABo +5kMWba0Id420vnxd+W8ebjlqo1Bwn7RRB2b0JNNkdrhkWzhZPwFaBaPKlz8YUwD wdMHbudd4DDZyH/cX1/vvJA5Bp4ekmpN+7LS4CQCovN7/YQiw2wwMhQ/xVLdmvWA KUyv23dFIeAUqgPdXSDXn4kGdo2vlVDvCNKvQ7e11U/pbTGIww== -----END CERTIFICATE-----Generated at Sun Dec 14 00:04:54 2025 by rpki-client