This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f8d2f8f-3d48-47ce-8524-66406f0de004.roa File: 3f8d2f8f-3d48-47ce-8524-66406f0de004.roa (raw, json) Hash identifier: C1V3qveicGHC0C/J0nd+vcEmnATOZ3JhNUcgwRmrVk0= Subject key identifier: 3E:5C:63:57:0E:75:22:05:C4:CF:1B:EF:4A:B8:A4:87:0F:E8:04:E1 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 236A94BB26AE0122730C9EDF919B4BC0520D3B22 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f8d2f8f-3d48-47ce-8524-66406f0de004.roa Signing time: Wed 10 Dec 2025 06:00:41 +0000 ROA not before: Wed 10 Dec 2025 06:00:41 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d034:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:6a:94:bb:26:ae:01:22:73:0c:9e:df:91:9b:4b:c0:52:0d:3b:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:00:41 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=2b26f36353a31d8ddd1ff3cc2a95886459c1ac712e056be804197143cec08372, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:0b:6a:cb:fd:67:5c:3d:08:87:76:0a:cb:96: d8:19:33:70:16:b3:88:c9:36:ac:19:63:27:d4:31: 0e:57:56:88:6d:ee:21:31:90:52:14:0d:19:68:f1: 66:fc:65:d8:e9:6c:4e:3c:a7:8c:1a:2f:fe:1f:64: 7e:e6:62:bf:dc:0c:ac:59:e1:b3:9f:f3:d5:1e:59: 71:a0:15:f4:c3:0e:13:9b:49:52:96:a7:47:e3:0d: 49:1b:8a:42:fd:a6:78:05:f4:ed:e7:e0:af:94:07: 64:23:a7:19:c0:40:b1:12:e5:fc:ba:e7:bf:4f:e5: c1:af:ab:2b:1e:a8:38:60:4f:bb:2c:47:e6:3d:62: 4e:0d:3e:c1:12:3b:03:eb:8c:4e:d8:f8:db:14:ad: bc:c0:f1:10:83:52:01:7f:57:37:de:2f:bd:9a:10: 0f:c4:ab:c7:0e:c2:58:18:55:f2:22:7b:27:05:36: 39:a8:ae:67:bb:89:37:1c:a4:ef:9f:df:13:73:2f: b8:bf:ce:e8:5f:97:e4:ba:70:cc:8a:97:dc:d3:70: ed:b8:08:36:ea:21:29:6e:73:2e:d2:d4:87:c2:61: 80:d7:b9:4c:57:ee:de:da:03:e8:9a:98:5a:78:c9: a4:8c:27:53:f5:ed:25:03:14:9f:8c:82:1b:f4:3c: cb:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:5C:63:57:0E:75:22:05:C4:CF:1B:EF:4A:B8:A4:87:0F:E8:04:E1 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f8d2f8f-3d48-47ce-8524-66406f0de004.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d034:b000::/40 Signature Algorithm: sha256WithRSAEncryption 2e:a1:20:c1:c8:bf:51:80:4d:26:3b:ce:c5:17:d7:97:85:73: 69:4b:02:80:74:c1:36:3b:97:9f:32:de:f8:4b:75:42:f2:31: f6:45:05:60:4b:e5:59:82:2a:cd:e7:79:f4:33:31:4e:65:90: de:b5:eb:b8:a1:40:1c:c7:43:96:7a:7d:69:22:d3:ca:2a:af: 75:7a:fe:46:4f:a3:ae:5a:48:a3:2e:06:e1:0e:75:31:79:e6: 70:b5:10:b0:19:d4:bf:a4:ec:77:89:9e:91:e2:b2:0d:dc:e3: 11:0c:d0:60:9a:15:67:b5:ab:b0:58:9d:ec:73:82:58:d7:48: e9:de:ef:a3:e5:61:ca:b4:34:74:e3:58:66:64:82:12:a6:5d: 31:27:44:7e:16:bc:06:82:fe:b5:62:e5:11:7a:ce:97:6f:f6: 20:5c:0e:4e:38:d0:71:f8:98:a2:f1:e4:0c:57:e5:bc:2f:4c: 05:89:44:cd:4f:4f:68:3a:fe:65:e1:d6:3e:d5:7e:54:6f:bf: 13:15:60:8d:fb:54:aa:91:03:25:ca:28:fa:fc:eb:5c:e5:72: 3c:4c:27:35:fe:da:a5:b9:0a:2a:28:aa:3c:b9:25:1f:0b:e6: 04:16:73:f0:f2:72:aa:8f:8e:61:ab:1f:a6:f1:8c:de:4f:44: 68:7a:7c:d9 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUI2qUuyauASJzDJ7fkZtLwFINOyIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAwNDFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDJiMjZmMzYzNTNhMzFkOGRkZDFmZjNjYzJhOTU4ODY0NTljMWFjNzEyZTA1 NmJlODA0MTk3MTQzY2VjMDgzNzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOQLasv9Z1w9CId2CsuW2BkzcBaziMk2rBljJ9QxDldWiG3uITGQUhQNGWjx Zvxl2OlsTjynjBov/h9kfuZiv9wMrFnhs5/z1R5ZcaAV9MMOE5tJUpanR+MNSRuK Qv2meAX07efgr5QHZCOnGcBAsRLl/Lrnv0/lwa+rKx6oOGBPuyxH5j1iTg0+wRI7 A+uMTtj42xStvMDxEINSAX9XN94vvZoQD8Srxw7CWBhV8iJ7JwU2OaiuZ7uJNxyk 75/fE3MvuL/O6F+X5LpwzIqX3NNw7bgINuohKW5zLtLUh8JhgNe5TFfu3toD6JqY WnjJpIwnU/XtJQMUn4yCG/Q8yyUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ+XGNX DnUiBcTPG+9KuKSHD+gE4TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv M2Y4ZDJmOGYtM2Q0OC00N2NlLTg1MjQtNjY0MDZmMGRlMDA0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSw MA0GCSqGSIb3DQEBCwUAA4IBAQAuoSDByL9RgE0mO87FF9eXhXNpSwKAdME2O5ef Mt74S3VC8jH2RQVgS+VZgirN53n0MzFOZZDeteu4oUAcx0OWen1pItPKKq91ev5G T6OuWkijLgbhDnUxeeZwtRCwGdS/pOx3iZ6R4rIN3OMRDNBgmhVntauwWJ3sc4JY 10jp3u+j5WHKtDR041hmZIISpl0xJ0R+FrwGgv61YuURes6Xb/YgXA5OONBx+Jii 8eQMV+W8L0wFiUTNT09oOv5l4dY+1X5Ub78TFWCN+1SqkQMlyij6/Otc5XI8TCc1 /tqluQoqKKo8uSUfC+YEFnPw8nKqj45hqx+m8YzeT0RoenzZ -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:51 2026 by rpki-client