This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa File: 4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa (raw, json) Hash identifier: uUwSJWX/3a9DlPc/8lA8woVQXxKOZ0o99x7RbW21EyA= Subject key identifier: 17:BC:5F:90:F4:F4:59:C8:FF:BE:C1:C5:BF:A7:3D:03:66:D1:92:6C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7A997DA4125EC76A5CB99A305E54188C3A19133E Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa Signing time: Wed 10 Dec 2025 06:20:12 +0000 ROA not before: Wed 10 Dec 2025 06:20:12 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d014:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:99:7d:a4:12:5e:c7:6a:5c:b9:9a:30:5e:54:18:8c:3a:19:13:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:20:12 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=62b0c2df70357e2e47e122f4b9ea683b5b3813eedb0886bf41ee312bfcba3357, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:f2:cc:4a:f2:9a:c3:1a:36:66:e2:c8:b3:c9: 84:6c:73:ac:8e:7f:be:37:2d:77:7a:9e:34:19:4b: 57:76:97:14:95:a2:df:37:e9:a2:22:4f:13:0e:81: 10:65:a9:db:03:6e:f8:b2:8d:e2:ed:3f:a5:79:cc: 25:e2:74:f4:ca:4a:a4:39:19:0d:10:d0:76:cc:cd: 01:40:c0:1f:30:1a:1f:ef:95:31:46:e4:a9:b3:0e: 3c:3c:14:21:1b:b9:b2:89:13:1c:4b:f0:82:fe:eb: 2d:9a:ae:0a:72:02:ca:c4:72:88:17:bd:b5:2c:2f: 3a:d0:e6:18:ec:de:12:0d:31:38:64:36:bc:dc:d5: be:2e:64:f4:36:22:0c:f3:ff:0b:23:32:28:e1:31: 19:66:40:f3:0c:6f:53:18:fe:80:f6:1c:65:88:4e: 5a:9a:cc:83:62:7e:f1:ca:9c:47:be:86:b5:06:17: 39:7f:75:c6:b4:cc:b3:77:a7:de:83:f3:1c:3a:6a: e4:53:99:56:34:e9:cc:8b:2a:63:9d:95:71:c8:6b: ef:47:28:6d:c9:e1:22:10:9d:52:f3:c1:10:fe:e9: 81:fe:1d:33:00:bf:4c:4c:de:21:3d:ba:7b:98:cf: b7:37:84:5a:96:12:1d:40:da:c7:17:e4:71:de:c8: 4a:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:BC:5F:90:F4:F4:59:C8:FF:BE:C1:C5:BF:A7:3D:03:66:D1:92:6C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d014:400::/38 Signature Algorithm: sha256WithRSAEncryption 94:36:39:35:ae:77:13:b9:ad:8e:80:0a:28:6f:ff:10:a2:28: 1e:36:f0:b8:0f:3b:d7:46:a1:61:9b:6a:fd:af:4e:63:c0:97: a1:a9:10:55:7e:c1:c1:c3:72:fa:e1:dc:9f:26:4d:7b:8a:f3: 7d:0e:69:86:a1:ef:4b:a0:17:b6:d1:42:a0:cd:50:04:ae:c0: 4b:59:d5:cc:b5:99:bd:2e:a1:ea:af:43:b3:b3:a0:20:f5:0a: 8c:6e:69:00:da:c6:12:6d:52:7f:c7:52:45:17:48:1c:b5:dd: 36:69:40:86:45:8d:07:bd:91:00:99:4e:f9:4e:12:25:bb:c1: e4:05:e0:6f:4e:08:b9:f1:c7:ca:1b:2a:f6:a7:a1:2c:7f:4b: ff:37:79:30:e5:62:b6:5b:19:4f:e8:00:32:25:be:f4:22:a3: 9b:10:56:b2:06:e7:92:12:95:e0:d2:71:34:20:96:27:65:96: 43:59:6e:ce:eb:7b:2e:48:b0:6e:9c:a9:b1:a8:1e:5d:db:7f: b7:cd:98:f6:71:e0:c2:05:47:11:e8:ff:5e:49:be:0d:35:14: f2:a8:99:54:37:c4:12:50:82:63:15:f3:84:9d:3c:d3:79:e4: 7f:4c:2f:91:5e:ef:ff:bf:76:ba:7f:df:77:65:d3:dc:10:60: 13:d7:e6:4d -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUepl9pBJex2pcuZowXlQYjDoZEz4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIwMTJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDYyYjBjMmRmNzAzNTdlMmU0N2UxMjJmNGI5ZWE2ODNiNWIzODEzZWVkYjA4 ODZiZjQxZWUzMTJiZmNiYTMzNTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK/yzErymsMaNmbiyLPJhGxzrI5/vjctd3qeNBlLV3aXFJWi3zfpoiJPEw6B EGWp2wNu+LKN4u0/pXnMJeJ09MpKpDkZDRDQdszNAUDAHzAaH++VMUbkqbMOPDwU IRu5sokTHEvwgv7rLZquCnICysRyiBe9tSwvOtDmGOzeEg0xOGQ2vNzVvi5k9DYi DPP/CyMyKOExGWZA8wxvUxj+gPYcZYhOWprMg2J+8cqcR76GtQYXOX91xrTMs3en 3oPzHDpq5FOZVjTpzIsqY52Vcchr70cobcnhIhCdUvPBEP7pgf4dMwC/TEzeIT26 e5jPtzeEWpYSHUDaxxfkcd7ISqkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQXvF+Q 9PRZyP++wcW/pz0DZtGSbDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NGEwNzc2OTktNDhjYi00MmExLTlmMWItMWU3YzlhM2FlODA4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQE MA0GCSqGSIb3DQEBCwUAA4IBAQCUNjk1rncTua2OgAoob/8QoigeNvC4DzvXRqFh m2r9r05jwJehqRBVfsHBw3L64dyfJk17ivN9DmmGoe9LoBe20UKgzVAErsBLWdXM tZm9LqHqr0Ozs6Ag9QqMbmkA2sYSbVJ/x1JFF0gctd02aUCGRY0HvZEAmU75ThIl u8HkBeBvTgi58cfKGyr2p6Esf0v/N3kw5WK2WxlP6AAyJb70IqObEFayBueSEpXg 0nE0IJYnZZZDWW7O63suSLBunKmxqB5d23+3zZj2ceDCBUcR6P9eSb4NNRTyqJlU N8QSUIJjFfOEnTzTeeR/TC+RXu//v3a6f993ZdPcEGAT1+ZN -----END CERTIFICATE-----Generated at Fri Jan 2 09:29:27 2026 by rpki-client