This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa File: 4408cd10-0fa6-407f-adbc-3a7a668523d6.roa (raw, json) Hash identifier: MMDPA31ZIqBNmu+s5ConzakWhLU3WC+xUjuQ0JH8CBA= Subject key identifier: 4C:56:84:DF:53:EA:40:A3:19:26:6C:9B:84:F3:D1:98:6D:40:86:3E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 24AE609AE78D48D59AA3521C1FEB3367696276C6 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa Signing time: Wed 10 Dec 2025 05:20:53 +0000 ROA not before: Wed 10 Dec 2025 05:20:53 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:1040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:ae:60:9a:e7:8d:48:d5:9a:a3:52:1c:1f:eb:33:67:69:62:76:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:20:53 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=2b2bef02027aa7f5f107545a74dcc089e45122c6f005862f4a3fa7604ee5ef84, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:a4:69:6b:00:ae:0b:a5:d5:27:ea:bb:f2:98: c4:28:f8:37:9e:ff:60:c7:41:78:1e:62:5a:2b:51: 6a:30:bd:ab:19:e3:b7:78:a3:d5:47:9c:95:5f:5f: 31:6d:9f:11:84:44:c7:7a:f3:74:56:d2:69:91:84: 84:86:04:f5:b7:d0:43:6b:df:aa:0a:19:dd:0e:13: 11:63:40:c0:96:75:0f:d9:15:44:60:0a:ee:8b:db: ec:11:2c:01:11:5b:f3:9f:02:87:38:43:17:c8:c8: 18:6b:47:2d:a5:ad:8d:6e:0c:59:79:9c:2c:27:c0: 8f:c8:6b:93:89:ca:3d:bb:5a:c9:f7:df:f3:1d:1b: 68:9f:1c:c8:81:6f:a2:73:08:c7:9c:4c:a2:1b:c6: a7:87:ea:68:ff:5a:ad:2a:b0:fa:e2:ac:7f:2d:8b: 51:ac:12:30:7b:a6:18:5e:5f:ac:71:92:3c:4e:bf: 6d:8a:ef:6b:7a:65:b3:13:06:d3:dd:53:87:3b:e3: 5c:dc:2d:f1:1d:07:41:a4:56:31:25:de:c2:63:a6: 4a:0d:fd:e0:dc:7f:1c:4c:ec:03:ca:dc:0e:7d:8f: a8:5b:43:9f:39:cf:fa:8e:0e:16:37:45:72:63:72: 02:e4:1c:a1:a6:e4:fe:0f:26:e9:d5:3d:b2:dc:7b: 28:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:56:84:DF:53:EA:40:A3:19:26:6C:9B:84:F3:D1:98:6D:40:86:3E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:1040::/48 Signature Algorithm: sha256WithRSAEncryption 58:84:53:b0:82:c7:8a:28:01:1a:7c:a7:d4:0b:f3:fc:e9:b1: 16:32:2a:11:7b:85:f1:49:41:a8:4a:1f:b5:ec:bf:20:f7:68: 80:1e:b9:a3:01:3a:34:52:c7:6f:1e:e0:18:3d:a3:15:a3:13: db:84:c2:5e:1c:3f:60:fe:64:e0:30:bb:ff:be:25:4b:50:5f: ee:de:ca:0a:06:0c:09:8d:be:ca:80:67:ad:06:2c:5c:6c:0d: 4c:a1:cb:7d:8f:6b:02:54:15:b7:ad:94:35:29:f3:35:1f:b1: da:99:13:64:5b:3a:79:f3:f1:51:94:12:f2:a9:7c:35:3f:b2: 2f:4f:72:86:4a:52:c6:83:e3:41:9f:c7:b9:6b:18:4f:df:bc: 67:20:4b:f2:b2:65:b9:fc:b8:db:28:65:e9:46:e4:9f:ed:cc: f8:a2:02:58:7a:f0:f2:76:af:a7:af:0c:c2:3d:74:06:54:2d: 3d:30:8b:c1:54:70:df:42:2a:aa:ee:c3:b4:86:92:dd:97:02: d5:6c:41:69:78:e3:d9:4a:00:ec:86:de:04:c3:46:0e:3c:75: 52:3f:56:96:d2:4c:cb:31:9c:cc:73:61:84:66:4e:e5:49:58: 65:7e:36:63:7e:94:94:3b:ac:08:1d:ee:21:4b:c8:a7:ed:76: 11:d2:43:58 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUJK5gmueNSNWao1IcH+szZ2lidsYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTIwNTNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDJiMmJlZjAyMDI3YWE3ZjVmMTA3NTQ1YTc0ZGNjMDg5ZTQ1MTIyYzZmMDA1 ODYyZjRhM2ZhNzYwNGVlNWVmODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAImkaWsArgul1Sfqu/KYxCj4N57/YMdBeB5iWitRajC9qxnjt3ij1UeclV9f MW2fEYREx3rzdFbSaZGEhIYE9bfQQ2vfqgoZ3Q4TEWNAwJZ1D9kVRGAK7ovb7BEs ARFb858ChzhDF8jIGGtHLaWtjW4MWXmcLCfAj8hrk4nKPbtayfff8x0baJ8cyIFv onMIx5xMohvGp4fqaP9arSqw+uKsfy2LUawSMHumGF5frHGSPE6/bYrva3plsxMG 091ThzvjXNwt8R0HQaRWMSXewmOmSg394Nx/HEzsA8rcDn2PqFtDnznP+o4OFjdF cmNyAuQcoabk/g8m6dU9stx7KC8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRMVoTf U+pAoxkmbJuE89GYbUCGPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDQwOGNkMTAtMGZhNi00MDdmLWFkYmMtM2E3YTY2ODUyM2Q2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q QDANBgkqhkiG9w0BAQsFAAOCAQEAWIRTsILHiigBGnyn1Avz/OmxFjIqEXuF8UlB qEoftey/IPdogB65owE6NFLHbx7gGD2jFaMT24TCXhw/YP5k4DC7/74lS1Bf7t7K CgYMCY2+yoBnrQYsXGwNTKHLfY9rAlQVt62UNSnzNR+x2pkTZFs6efPxUZQS8ql8 NT+yL09yhkpSxoPjQZ/HuWsYT9+8ZyBL8rJlufy42yhl6Ubkn+3M+KICWHrw8nav p68Mwj10BlQtPTCLwVRw30Iqqu7DtIaS3ZcC1WxBaXjj2UoA7IbeBMNGDjx1Uj9W ltJMyzGczHNhhGZO5UlYZX42Y36UlDusCB3uIUvIp+12EdJDWA== -----END CERTIFICATE-----Generated at Fri Jan 2 10:57:34 2026 by rpki-client