This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa File: 41abc6c7-a6fb-4666-b503-a8a0784797a1.roa (raw, json) Hash identifier: H/1gYG5mAWZylBeOdRdgXJUJiuDp+G5HI3KuCxRFFPc= Subject key identifier: FB:A1:EF:53:43:90:D3:C5:C2:3A:C0:65:47:B6:B0:24:19:46:42:62 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 22C4BDC0FC9D14C6C7343D7433DED1573FBCC339 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa Signing time: Wed 10 Dec 2025 06:20:57 +0000 ROA not before: Wed 10 Dec 2025 06:20:57 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:c4:bd:c0:fc:9d:14:c6:c7:34:3d:74:33:de:d1:57:3f:bc:c3:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:20:57 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=fd1285023da774b9c06290cc9efdabb5c1b414cf5c803c5e76d8a5b14eddd15d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:03:66:49:02:4c:61:1e:09:22:49:ff:bb:56: 21:17:86:92:85:8b:64:0c:2d:37:e0:97:1d:4a:78: 7d:71:c8:0b:3a:c6:9f:b9:cb:2a:89:ec:3d:5f:86: 61:27:37:28:dc:b0:db:6e:ae:72:dc:cb:fb:f7:7f: 09:20:bf:c9:a1:52:76:45:91:0b:09:91:27:aa:62: 36:9e:3e:70:5d:a4:e1:a4:80:08:f4:b1:c0:e1:9b: f1:e6:e5:b3:fd:23:bf:41:78:5c:e3:c2:23:81:66: 7b:b5:6a:42:19:8a:f7:8a:e8:1b:91:1b:df:27:e5: f3:c3:f8:3b:d0:56:ba:3a:e3:05:d1:fc:ee:ac:b3: 21:4a:87:9b:1a:44:78:75:b3:c9:6a:8b:2d:ea:2c: dd:b0:fc:92:e7:9e:f1:d1:83:0f:95:b5:53:39:97: 78:31:5f:28:21:e9:85:27:8f:88:bd:48:32:f3:d6: 41:b0:14:8c:bf:eb:8b:5e:7f:b2:d7:4d:50:90:5c: 38:9f:6a:19:7f:dd:5c:95:46:1b:58:9e:a9:8e:50: 11:ea:66:b9:61:99:2d:d0:d0:f4:28:a5:de:a9:c1: e6:65:0d:25:6a:eb:4e:c2:23:66:7d:86:35:ab:b8: 70:99:cf:4a:c9:25:c1:89:4b:5c:8e:ea:de:a6:3b: 8c:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:A1:EF:53:43:90:D3:C5:C2:3A:C0:65:47:B6:B0:24:19:46:42:62 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:8000::/40 Signature Algorithm: sha256WithRSAEncryption 1e:32:63:47:23:76:84:ab:90:60:57:eb:d0:b3:fa:3c:10:06: 83:5a:1d:38:f1:ea:6c:9d:34:12:f1:e4:bb:0b:32:af:27:1c: 88:ff:ce:7b:7d:8d:f8:89:43:72:ed:27:b8:16:b9:a7:34:7f: 8d:50:57:c8:81:51:2f:74:83:45:e0:48:99:c9:30:c2:ef:89: 9a:95:d4:3c:ed:e7:9d:bf:9c:90:85:ba:45:a4:26:58:f9:c6: 05:95:ca:55:e0:7c:2e:ad:40:38:e0:c7:5d:9a:36:3e:55:58: 17:7b:59:0a:ec:94:3f:a0:3a:7e:94:c1:0b:6d:a7:58:3a:83: 84:68:1e:b1:85:25:21:5f:29:bf:52:e7:c6:62:54:2e:a7:27: 8c:cd:f1:dd:74:fd:c0:2b:5a:02:7d:87:a7:64:5a:b0:7b:cd: dd:d0:d2:da:b3:4c:92:55:14:82:0a:e0:42:06:a7:7d:f3:1c: 37:fd:23:0a:63:48:00:eb:07:8b:e8:b4:9d:8d:91:a5:24:ac: 24:f8:1d:90:49:6e:b7:84:b6:f2:73:0d:9a:9d:02:49:f2:f2: 9a:98:fd:9e:d9:4b:86:02:0c:41:54:51:be:51:28:2a:3a:98: 7d:4c:a7:df:b5:e8:1b:c7:5b:8f:ec:3d:d3:6a:9e:dc:5f:4f: b4:5b:85:24 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUIsS9wPydFMbHND10M97RVz+8wzkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIwNTdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGZkMTI4NTAyM2RhNzc0YjljMDYyOTBjYzllZmRhYmI1YzFiNDE0Y2Y1Yzgw M2M1ZTc2ZDhhNWIxNGVkZGQxNWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMYDZkkCTGEeCSJJ/7tWIReGkoWLZAwtN+CXHUp4fXHICzrGn7nLKonsPV+G YSc3KNyw226uctzL+/d/CSC/yaFSdkWRCwmRJ6piNp4+cF2k4aSACPSxwOGb8ebl s/0jv0F4XOPCI4Fme7VqQhmK94roG5Eb3yfl88P4O9BWujrjBdH87qyzIUqHmxpE eHWzyWqLLeos3bD8kuee8dGDD5W1UzmXeDFfKCHphSePiL1IMvPWQbAUjL/ri15/ stdNUJBcOJ9qGX/dXJVGG1ieqY5QEepmuWGZLdDQ9Cil3qnB5mUNJWrrTsIjZn2G Nau4cJnPSsklwYlLXI7q3qY7jDsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT7oe9T Q5DTxcI6wGVHtrAkGUZCYjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDFhYmM2YzctYTZmYi00NjY2LWI1MDMtYThhMDc4NDc5N2ExLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACA MA0GCSqGSIb3DQEBCwUAA4IBAQAeMmNHI3aEq5BgV+vQs/o8EAaDWh048epsnTQS 8eS7CzKvJxyI/857fY34iUNy7Se4FrmnNH+NUFfIgVEvdINF4EiZyTDC74maldQ8 7eedv5yQhbpFpCZY+cYFlcpV4HwurUA44MddmjY+VVgXe1kK7JQ/oDp+lMELbadY OoOEaB6xhSUhXym/UufGYlQupyeMzfHddP3AK1oCfYenZFqwe83d0NLas0ySVRSC CuBCBqd98xw3/SMKY0gA6weL6LSdjZGlJKwk+B2QSW63hLbycw2anQJJ8vKamP2e 2UuGAgxBVFG+USgqOph9TKfftegbx1uP7D3Tap7cX0+0W4Uk -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:29 2026 by rpki-client