This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa File: 492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa (raw, json) Hash identifier: PGfIsX9uhlRRWRZ0zcKESYyNT/YdNlxScTkGYGES/OU= Subject key identifier: EB:DB:76:EE:A0:A3:2D:F8:F1:45:9A:0B:1B:C6:35:3D:78:A8:78:F8 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3A972E7C6DDCBB033348E1086322AA2FAD981965 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa Signing time: Wed 10 Dec 2025 06:10:43 +0000 ROA not before: Wed 10 Dec 2025 06:10:43 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06d:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:97:2e:7c:6d:dc:bb:03:33:48:e1:08:63:22:aa:2f:ad:98:19:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:10:43 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=5c89b52fad61c90cae8af8647bb5c51df9226dbe812661c8283e8d02f4efbeff, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:02:c6:0a:21:be:76:b4:4f:9b:66:96:84:34: 0b:40:86:59:5b:99:7e:e9:ab:61:a2:af:3f:d3:c6: c7:94:1e:6a:d2:d0:91:bb:a9:91:60:a9:25:cd:38: 72:60:c3:8c:06:54:57:9c:a1:cf:ed:44:7f:1c:d0: e6:6b:e7:e3:b5:be:88:69:1d:53:cc:4f:c0:d6:ac: 8a:ee:1a:a5:f0:d6:88:00:50:63:af:aa:bf:94:bb: bd:cf:10:a3:6f:17:7d:a1:d7:a5:06:3a:d2:96:cd: bb:cb:15:af:61:b7:72:55:39:14:4c:5a:2d:55:72: c6:34:fa:f4:7d:19:ff:2f:58:bf:aa:19:df:bc:ef: 7d:65:d8:51:68:10:b2:fc:23:05:84:91:3b:22:2f: 64:f1:cc:86:42:29:cc:4b:cf:fa:cc:3f:49:02:9c: 86:d9:76:42:0e:17:15:da:96:fc:5f:fe:0a:87:53: c1:5f:f5:fe:de:ee:57:25:25:11:fa:63:c0:cb:69: ae:3a:31:fb:70:a0:c0:c4:6c:c1:76:74:f5:e6:1f: 93:aa:f1:f3:64:64:f0:6e:63:1b:07:a9:57:38:54: 6c:30:19:02:04:ab:40:ab:89:27:b8:7d:b8:66:d4: 31:50:23:fc:ec:04:87:1b:5f:79:cc:ac:33:fa:06: ca:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:DB:76:EE:A0:A3:2D:F8:F1:45:9A:0B:1B:C6:35:3D:78:A8:78:F8 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06d:4000::/40 Signature Algorithm: sha256WithRSAEncryption c1:02:a2:a5:be:b6:3d:8f:a7:05:ec:2f:14:88:4b:e0:c8:68: 4d:3c:72:21:51:d0:d8:7f:3d:71:8d:9a:1c:83:b5:63:fd:6d: 07:49:4e:c2:9f:12:a7:db:1b:a5:5c:c4:12:45:54:66:cd:4b: dc:3c:91:68:a3:b2:b5:d7:86:bf:f8:34:bc:ee:80:a4:bc:9a: 84:0c:8f:ca:4f:7e:32:28:26:a1:fb:a4:2b:be:0d:56:38:e1: a1:91:7b:4f:44:76:ef:16:22:ec:03:32:52:f5:ef:1c:fc:8e: fc:3e:7b:fd:0d:f8:94:d0:56:8b:70:9a:ee:4a:d6:d3:3f:3c: 2f:30:62:48:ad:27:12:15:40:24:a9:7e:07:00:3f:c8:75:c3: b7:20:39:08:84:86:59:7c:38:97:97:7b:cb:56:39:d1:55:d8: 37:69:93:c8:19:a6:72:13:e5:e5:0a:4d:da:67:28:8b:e0:45: c8:36:27:0e:d3:6a:d1:df:eb:9f:55:b8:73:7f:1c:d1:4d:23: 98:d1:35:78:ef:d9:82:31:a5:5e:15:e8:44:42:e1:b4:0d:42: 96:92:9d:31:1e:3f:41:ee:be:3f:34:38:b5:0d:fc:64:6d:8e: 63:a1:e2:94:24:7e:3d:ec:d0:84:6d:f9:95:0b:2c:eb:1f:a4: e8:54:03:35 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUOpcufG3cuwMzSOEIYyKqL62YGWUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjEwNDNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDVjODliNTJmYWQ2MWM5MGNhZThhZjg2NDdiYjVjNTFkZjkyMjZkYmU4MTI2 NjFjODI4M2U4ZDAyZjRlZmJlZmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKICxgohvna0T5tmloQ0C0CGWVuZfumrYaKvP9PGx5QeatLQkbupkWCpJc04 cmDDjAZUV5yhz+1EfxzQ5mvn47W+iGkdU8xPwNasiu4apfDWiABQY6+qv5S7vc8Q o28XfaHXpQY60pbNu8sVr2G3clU5FExaLVVyxjT69H0Z/y9Yv6oZ37zvfWXYUWgQ svwjBYSROyIvZPHMhkIpzEvP+sw/SQKchtl2Qg4XFdqW/F/+CodTwV/1/t7uVyUl EfpjwMtprjox+3CgwMRswXZ09eYfk6rx82Rk8G5jGwepVzhUbDAZAgSrQKuJJ7h9 uGbUMVAj/OwEhxtfecysM/oGym8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTr23bu oKMt+PFFmgsbxjU9eKh4+DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDkyZWQ4Y2EtZWZhNC00MDQxLWFjOGQtYjBhNzhlZjA1MzA4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1A MA0GCSqGSIb3DQEBCwUAA4IBAQDBAqKlvrY9j6cF7C8UiEvgyGhNPHIhUdDYfz1x jZocg7Vj/W0HSU7CnxKn2xulXMQSRVRmzUvcPJFoo7K114a/+DS87oCkvJqEDI/K T34yKCah+6Qrvg1WOOGhkXtPRHbvFiLsAzJS9e8c/I78Pnv9DfiU0FaLcJruStbT PzwvMGJIrScSFUAkqX4HAD/IdcO3IDkIhIZZfDiXl3vLVjnRVdg3aZPIGaZyE+Xl Ck3aZyiL4EXINicO02rR3+ufVbhzfxzRTSOY0TV479mCMaVeFehEQuG0DUKWkp0x Hj9B7r4/NDi1DfxkbY5joeKUJH497NCEbfmVCyzrH6ToVAM1 -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:35 2026 by rpki-client