This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa File: 48b510e0-0d59-48d3-96c5-ddb87c118e43.roa (raw, json) Hash identifier: yqE8DF07n5OGDYiMh0NU5OifbZf7sUhYZFfngHR5mDg= Subject key identifier: 6F:FA:8F:11:47:EF:5E:7F:FC:D8:4C:F4:80:CA:67:25:93:65:A4:91 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3EB52CA6EBE50A22DAD675981DE5A1E9D5FB6989 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa Signing time: Wed 10 Dec 2025 05:31:02 +0000 ROA not before: Wed 10 Dec 2025 05:31:02 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:4020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:b5:2c:a6:eb:e5:0a:22:da:d6:75:98:1d:e5:a1:e9:d5:fb:69:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:31:02 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=2d7219b10538da13d7950d5bbed3a6cbd204d72b7b9b8809396e45595d353c0d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:38:a5:ee:b7:ad:de:02:f6:dd:3c:4c:7f:f6: 87:8c:68:4d:6b:29:fd:2e:b6:fd:7b:67:e6:7e:62: ee:ef:d3:94:0d:71:ca:4b:89:c6:0f:e1:95:27:06: 9d:cd:71:df:4a:2a:d5:7f:e5:58:aa:b3:af:ff:20: a2:fd:e2:03:d0:af:46:a6:48:f1:27:24:e3:af:cf: ad:90:51:29:01:5f:f4:0d:e4:7a:47:20:52:83:8e: 3f:f6:1f:05:b5:be:49:24:83:11:0d:79:0c:67:18: 51:e1:20:19:18:0a:66:c4:b4:1a:17:40:7e:c3:d6: 66:72:f1:b7:40:0a:35:38:cd:1d:a0:92:73:59:2d: e2:51:af:7c:8f:80:bf:2c:c5:1c:23:a8:ab:64:9e: 6f:34:3f:4d:fa:f6:d0:6f:8f:9d:f7:09:95:82:ad: a5:bd:71:63:b1:af:e6:eb:80:e1:4c:57:5b:4c:31: 6f:73:6b:e1:df:89:eb:30:4f:3e:96:aa:1a:c6:cc: 27:f2:43:d5:be:6b:3f:41:57:19:94:b4:3f:11:9c: 69:09:8b:31:70:04:a0:32:a5:37:7f:e1:50:1a:d6: 94:4a:36:db:4f:9d:7a:86:d6:36:58:32:ef:5a:57: e3:d6:9d:b4:cd:51:7e:60:3e:92:10:64:78:fc:11: db:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:FA:8F:11:47:EF:5E:7F:FC:D8:4C:F4:80:CA:67:25:93:65:A4:91 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:4020::/48 Signature Algorithm: sha256WithRSAEncryption 82:87:f6:9f:91:b6:5f:5a:0d:4d:d6:69:95:de:0c:3f:4f:7d: f9:ef:2d:1a:33:26:52:fb:5a:ba:b4:e4:97:9d:77:74:1f:f4: fc:12:bf:e2:de:c6:d2:d9:63:1f:75:97:87:7e:b6:52:6e:e5: 18:d4:95:02:8a:8d:7d:3c:09:ec:fe:07:9e:b3:b3:f0:b8:8f: 05:4e:d1:24:44:ce:12:d0:bb:e2:6e:75:c0:9a:df:3d:66:3f: 52:33:4b:aa:46:60:1c:2f:89:b7:14:df:a4:07:f8:17:9a:5a: 76:ff:65:99:69:af:67:bc:32:c3:a7:ee:26:a3:fb:d3:28:85: e2:cd:d9:27:84:21:9b:eb:9e:61:25:2c:cc:5c:c7:50:a4:7a: 7a:da:48:c5:ca:20:bb:4e:17:88:a8:a1:dc:c7:fa:80:65:f7: 67:2a:00:18:a7:96:9a:ff:ad:18:a2:22:ef:2f:3f:49:d0:24: f5:db:2c:bd:fb:2a:d7:d6:0b:b8:20:05:f3:61:bd:9d:82:cc: 1e:dd:11:73:dc:90:1b:62:cb:b3:13:f4:8c:a3:ff:98:22:70: e1:a9:4d:98:1e:07:87:88:7c:4a:a3:de:77:44:0b:52:c2:e8: 1c:52:e2:33:7f:91:20:e3:33:72:f1:06:e1:44:e7:aa:ad:26: 0d:8b:fd:09 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUPrUspuvlCiLa1nWYHeWh6dX7aYkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMxMDJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDJkNzIxOWIxMDUzOGRhMTNkNzk1MGQ1YmJlZDNhNmNiZDIwNGQ3MmI3Yjli ODgwOTM5NmU0NTU5NWQzNTNjMGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKA4pe63rd4C9t08TH/2h4xoTWsp/S62/Xtn5n5i7u/TlA1xykuJxg/hlScG nc1x30oq1X/lWKqzr/8gov3iA9CvRqZI8Sck46/PrZBRKQFf9A3kekcgUoOOP/Yf BbW+SSSDEQ15DGcYUeEgGRgKZsS0GhdAfsPWZnLxt0AKNTjNHaCSc1kt4lGvfI+A vyzFHCOoq2SebzQ/Tfr20G+PnfcJlYKtpb1xY7Gv5uuA4UxXW0wxb3Nr4d+J6zBP PpaqGsbMJ/JD1b5rP0FXGZS0PxGcaQmLMXAEoDKlN3/hUBrWlEo220+deobWNlgy 71pX49adtM1RfmA+khBkePwR24UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRv+o8R R+9ef/zYTPSAymclk2WkkTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDhiNTEwZTAtMGQ1OS00OGQzLTk2YzUtZGRiODdjMTE4ZTQzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA IDANBgkqhkiG9w0BAQsFAAOCAQEAgof2n5G2X1oNTdZpld4MP099+e8tGjMmUvta urTkl513dB/0/BK/4t7G0tljH3WXh362Um7lGNSVAoqNfTwJ7P4HnrOz8LiPBU7R JETOEtC74m51wJrfPWY/UjNLqkZgHC+JtxTfpAf4F5padv9lmWmvZ7wyw6fuJqP7 0yiF4s3ZJ4Qhm+ueYSUszFzHUKR6etpIxcogu04XiKih3Mf6gGX3ZyoAGKeWmv+t GKIi7y8/SdAk9dssvfsq19YLuCAF82G9nYLMHt0Rc9yQG2LLsxP0jKP/mCJw4alN mB4Hh4h8SqPed0QLUsLoHFLiM3+RIOMzcvEG4UTnqq0mDYv9CQ== -----END CERTIFICATE-----Generated at Fri Jan 2 09:29:33 2026 by rpki-client