This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa File: 408fc879-4db9-446c-bdb3-37bf4ee28c97.roa (raw, json) Hash identifier: S19U97oKMfUeddjKiqLF2G7NS5RcH0nVNCfp+PAR0ao= Subject key identifier: 05:CA:96:62:91:BA:C4:58:1D:E0:5B:AF:69:E4:41:50:1D:0A:81:11 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 135A659B97EB199FD0DFD983AF8AAC2F93FC33C6 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa Signing time: Wed 10 Dec 2025 05:50:55 +0000 ROA not before: Wed 10 Dec 2025 05:50:55 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07a:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:5a:65:9b:97:eb:19:9f:d0:df:d9:83:af:8a:ac:2f:93:fc:33:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:50:55 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=b7ca6623c1dfe904568dcba8c18c820df50a1295959beac28dd1ceca12459c08, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:6f:2b:27:6f:24:61:7e:1a:cb:c3:9e:e6:f8: 2f:c6:1f:eb:77:7c:be:3b:88:ec:5e:4f:e6:99:e4: 59:d7:36:86:3c:80:8a:b2:06:03:af:05:29:af:6d: d9:c8:21:62:e4:56:e4:74:0c:11:30:ee:22:21:31: 72:37:f9:fe:71:84:a6:08:2a:93:bf:44:b8:f7:34: bc:d1:d5:3f:30:98:a5:a1:a9:b7:bb:65:c3:ee:4d: 23:1b:61:56:3f:8c:91:8a:6b:22:a7:4b:e9:e1:93: fd:52:04:44:80:f8:20:bf:d9:1e:58:42:be:36:8f: 75:45:b4:b3:f0:90:28:fd:cb:93:8c:76:1c:18:5f: be:91:88:15:e0:28:23:e9:94:ab:6a:6d:d3:5c:03: ce:ec:1e:98:d8:da:aa:af:8e:5d:86:b9:09:c2:17: 35:ee:30:3e:39:d5:fa:41:e5:07:88:f9:65:50:37: c4:fc:19:3f:b1:55:f6:ae:93:44:e1:af:ed:fb:a1: 54:c5:e1:df:08:8e:e2:1f:89:0b:ee:a8:16:58:77: 2e:f1:be:d9:79:d5:ae:70:42:58:14:23:5d:e3:0e: c2:e2:3b:1d:79:d1:11:10:40:fc:cb:0e:11:03:13: be:c0:a2:bb:da:49:58:57:5e:6a:ee:73:19:52:58: da:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:CA:96:62:91:BA:C4:58:1D:E0:5B:AF:69:E4:41:50:1D:0A:81:11 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07a:a000::/40 Signature Algorithm: sha256WithRSAEncryption 74:20:05:59:27:87:4e:5f:0b:2f:07:be:e4:4b:3c:12:a2:f5: e5:98:8e:76:54:6e:d3:8e:b1:4e:4c:ae:56:9a:e0:74:f4:f8: 4b:dc:9c:f0:49:bb:84:0c:a8:79:78:d9:39:0b:3e:f7:90:23: a4:bd:79:f3:07:8d:dd:0d:47:38:79:7e:46:e1:f1:17:d1:4e: 98:56:50:21:27:7f:9a:92:d9:68:5f:03:f1:00:af:b2:90:57: d7:b0:9b:57:66:46:2f:c1:94:ef:be:be:2a:7e:5c:4e:ca:fd: c9:c3:a9:72:14:5f:49:20:f4:09:9a:6c:28:00:6b:3f:e7:c0: aa:77:a6:08:43:f3:d7:d1:52:af:d8:04:a9:a9:1a:6b:cf:9a: e5:30:b1:f0:ab:99:48:82:f7:2f:63:5b:4b:69:6b:5f:30:7b: ca:cd:69:50:da:c4:64:4a:52:42:97:73:51:1b:b3:66:80:a9: b9:12:e5:83:af:fa:d2:f6:44:7d:8d:09:a2:67:5c:66:cd:43: 5c:f3:66:eb:da:4b:6c:46:aa:c6:92:bb:94:8e:1f:9b:68:ac: 2e:cd:f0:33:ca:3a:75:87:c5:64:b4:e9:d7:45:a2:5a:a6:db: eb:48:80:61:d2:da:13:84:5e:b9:17:b3:10:43:c9:5b:ea:db: 44:24:15:aa -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUE1plm5frGZ/Q39mDr4qsL5P8M8YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUwNTVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGI3Y2E2NjIzYzFkZmU5MDQ1NjhkY2JhOGMxOGM4MjBkZjUwYTEyOTU5NTli ZWFjMjhkZDFjZWNhMTI0NTljMDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN5vKydvJGF+GsvDnub4L8Yf63d8vjuI7F5P5pnkWdc2hjyAirIGA68FKa9t 2cghYuRW5HQMETDuIiExcjf5/nGEpggqk79EuPc0vNHVPzCYpaGpt7tlw+5NIxth Vj+MkYprIqdL6eGT/VIERID4IL/ZHlhCvjaPdUW0s/CQKP3Lk4x2HBhfvpGIFeAo I+mUq2pt01wDzuwemNjaqq+OXYa5CcIXNe4wPjnV+kHlB4j5ZVA3xPwZP7FV9q6T ROGv7fuhVMXh3wiO4h+JC+6oFlh3LvG+2XnVrnBCWBQjXeMOwuI7HXnRERBA/MsO EQMTvsCiu9pJWFdeau5zGVJY2jUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQFypZi kbrEWB3gW69p5EFQHQqBETAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDA4ZmM4NzktNGRiOS00NDZjLWJkYjMtMzdiZjRlZTI4Yzk3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hqg MA0GCSqGSIb3DQEBCwUAA4IBAQB0IAVZJ4dOXwsvB77kSzwSovXlmI52VG7TjrFO TK5WmuB09PhL3JzwSbuEDKh5eNk5Cz73kCOkvXnzB43dDUc4eX5G4fEX0U6YVlAh J3+aktloXwPxAK+ykFfXsJtXZkYvwZTvvr4qflxOyv3Jw6lyFF9JIPQJmmwoAGs/ 58Cqd6YIQ/PX0VKv2ASpqRprz5rlMLHwq5lIgvcvY1tLaWtfMHvKzWlQ2sRkSlJC l3NRG7NmgKm5EuWDr/rS9kR9jQmiZ1xmzUNc82br2ktsRqrGkruUjh+baKwuzfAz yjp1h8VktOnXRaJaptvrSIBh0toThF65F7MQQ8lb6ttEJBWq -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:39 2026 by rpki-client