This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa File: 4aa6172c-f263-4645-8d7a-40a15aee233f.roa (raw, json) Hash identifier: +2BfJuPsrJXRrvURjHyKZnvpD/+0v6+eUBJfpFii5J4= Subject key identifier: 8A:5D:A8:3B:74:C6:57:49:5D:38:AE:25:2A:80:C9:FE:2B:1C:17:94 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3C90F836385B4E4F6022D5C5F67F990340114BE8 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa Signing time: Wed 10 Dec 2025 05:41:06 +0000 ROA not before: Wed 10 Dec 2025 05:41:06 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d071:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:90:f8:36:38:5b:4e:4f:60:22:d5:c5:f6:7f:99:03:40:11:4b:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:41:06 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=f514a9d83a004ad1f3383ef6d8b755d57408931165dd38e97036d2921dead453, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:f8:93:8d:68:37:b8:a6:10:6a:ba:2d:2d:bc: 38:28:dd:88:00:da:18:ee:4f:61:a3:bf:ce:b5:ec: 10:d2:79:c9:0c:3c:a4:88:59:53:ce:db:74:39:1b: f1:33:d7:16:b6:d7:dd:79:ba:42:88:cf:5d:5c:24: f5:41:de:25:99:10:07:73:17:a7:7e:f5:f8:6c:48: cc:c0:f6:f2:d4:85:63:b0:3f:b9:35:3d:0e:97:4d: 77:8f:c3:e1:fc:9a:35:48:ce:81:78:40:d4:85:fa: fb:c0:b3:ed:4a:8d:23:ff:5d:b5:86:72:5a:85:51: d5:1c:bb:ac:ad:77:a7:f7:46:70:93:37:e4:8b:03: 75:1f:a4:ce:64:cb:56:9b:93:c6:a9:50:8c:0d:90: 57:d4:2d:16:9c:08:b8:30:c3:22:e7:99:35:ce:e0: e8:a4:b1:22:cf:ce:b6:cc:1e:e8:ab:9e:b4:92:d6: a3:43:1a:42:93:00:eb:95:3e:7a:a6:16:20:56:97: de:a4:da:62:7a:05:53:c6:99:12:92:18:80:d8:ad: 65:f6:f4:c7:99:67:0a:56:81:19:45:9d:fb:32:c7: 97:c7:e2:65:49:b9:1f:a6:52:1f:d3:38:92:58:6d: 5e:1e:8a:3f:02:2a:95:63:38:6a:b3:0a:b4:d4:9c: 28:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:5D:A8:3B:74:C6:57:49:5D:38:AE:25:2A:80:C9:FE:2B:1C:17:94 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d071:8000::/40 Signature Algorithm: sha256WithRSAEncryption a6:b9:bf:48:df:31:35:c8:32:2f:8c:fd:4d:a1:2f:4a:a9:be: e3:d3:6b:0c:63:3b:f4:82:4c:22:a4:bb:f6:29:a6:e1:9f:2a: f0:aa:c0:cf:3e:42:0b:01:c1:f6:84:86:21:0a:3f:e8:65:f1: be:3c:62:40:77:f5:32:10:07:5e:80:f6:da:17:ae:4c:08:f4: a0:d0:73:f9:e9:66:60:5f:ad:96:13:ec:00:78:ae:28:aa:5a: 1f:f9:b5:28:57:02:c2:2b:b4:6e:e1:4b:be:f5:c1:10:a8:e1: 5f:9a:c5:39:9b:9d:89:db:7b:b5:31:40:ea:11:ca:27:e2:d9: 20:fb:19:3c:63:fd:db:94:16:77:83:37:ec:1b:09:67:6e:10: 18:65:eb:8c:62:fc:4c:7c:9c:ce:c9:c2:89:f4:38:e9:d7:2c: a3:f2:95:5d:64:87:a1:0d:62:3f:fc:23:02:7b:0a:bc:2f:72: 69:39:fc:e7:82:cc:bb:49:12:2d:72:3c:8e:7b:9f:f7:42:1d: e1:f4:ff:23:13:d0:a8:28:86:52:07:f2:12:71:d7:d3:08:d1: cc:4b:cb:2a:23:12:08:a8:d1:be:50:c3:39:1a:02:60:e5:60: 1c:44:ad:f0:83:43:64:43:32:e1:14:5c:51:c2:10:77:75:f3: be:79:1e:1b -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUPJD4NjhbTk9gItXF9n+ZA0ARS+gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQxMDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGY1MTRhOWQ4M2EwMDRhZDFmMzM4M2VmNmQ4Yjc1NWQ1NzQwODkzMTE2NWRk MzhlOTcwMzZkMjkyMWRlYWQ0NTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALj4k41oN7imEGq6LS28OCjdiADaGO5PYaO/zrXsENJ5yQw8pIhZU87bdDkb 8TPXFrbX3Xm6QojPXVwk9UHeJZkQB3MXp371+GxIzMD28tSFY7A/uTU9DpdNd4/D 4fyaNUjOgXhA1IX6+8Cz7UqNI/9dtYZyWoVR1Ry7rK13p/dGcJM35IsDdR+kzmTL VpuTxqlQjA2QV9QtFpwIuDDDIueZNc7g6KSxIs/Otswe6KuetJLWo0MaQpMA65U+ eqYWIFaX3qTaYnoFU8aZEpIYgNitZfb0x5lnClaBGUWd+zLHl8fiZUm5H6ZSH9M4 klhtXh6KPwIqlWM4arMKtNScKMsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSKXag7 dMZXSV04riUqgMn+KxwXlDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NGFhNjE3MmMtZjI2My00NjQ1LThkN2EtNDBhMTVhZWUyMzNmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGA MA0GCSqGSIb3DQEBCwUAA4IBAQCmub9I3zE1yDIvjP1NoS9Kqb7j02sMYzv0gkwi pLv2KabhnyrwqsDPPkILAcH2hIYhCj/oZfG+PGJAd/UyEAdegPbaF65MCPSg0HP5 6WZgX62WE+wAeK4oqlof+bUoVwLCK7Ru4Uu+9cEQqOFfmsU5m52J23u1MUDqEcon 4tkg+xk8Y/3blBZ3gzfsGwlnbhAYZeuMYvxMfJzOycKJ9Djp1yyj8pVdZIehDWI/ /CMCewq8L3JpOfzngsy7SRItcjyOe5/3Qh3h9P8jE9CoKIZSB/IScdfTCNHMS8sq IxIIqNG+UMM5GgJg5WAcRK3wg0NkQzLhFFxRwhB3dfO+eR4b -----END CERTIFICATE-----Generated at Fri Jan 2 09:29:22 2026 by rpki-client