This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa File: 4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa (raw, json) Hash identifier: TOk0ISOYlq6bIxnBT1h3IssZG3iuM/ToDLTLkOfoz5w= Subject key identifier: ED:4C:4F:8E:AE:E9:0F:B1:24:02:35:A5:7D:A5:D4:B6:07:07:54:F6 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 653E586AB548863C318928C6EA9E9198691EC0B8 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa Signing time: Wed 10 Dec 2025 05:50:05 +0000 ROA not before: Wed 10 Dec 2025 05:50:05 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d075:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:3e:58:6a:b5:48:86:3c:31:89:28:c6:ea:9e:91:98:69:1e:c0:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:50:05 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=9d123b87b81e628afd94bec7c3457a72046c3ac21b06143c3b2fb1dfff124d8d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:27:b6:24:52:11:67:81:82:0d:31:52:eb:5f: 72:56:f4:6f:92:dc:59:60:b0:6e:12:d1:37:a8:b2: db:9a:6c:e6:09:1e:1b:c4:5e:eb:99:2b:a9:bf:8f: 6e:11:97:46:e2:a3:fe:25:49:9f:e0:14:72:f5:a8: 20:7f:66:d7:5d:d7:56:1e:ac:48:d2:a0:81:cd:71: 6d:aa:2e:df:37:41:db:6c:46:4e:9f:61:d7:a9:9b: 1b:79:43:e0:5d:8a:1e:63:b3:53:97:dd:f4:08:16: eb:4c:1f:0e:77:ce:fa:e2:e0:50:ba:1e:05:7b:a6: 00:84:3a:87:42:ac:e7:cb:ce:31:7a:e3:54:14:4d: c2:68:3a:6d:34:a8:a2:ca:5f:f8:54:e5:f9:25:e3: a0:09:7e:32:1c:96:f4:2d:3b:94:2b:02:cb:a0:5d: 77:f0:01:8a:62:4a:c8:43:c8:da:c9:a6:98:ca:be: 36:42:95:58:fd:c5:0b:42:e0:66:e3:12:e6:0b:43: 35:36:a3:00:0a:4e:de:0a:01:30:a7:2a:86:06:2c: 7a:26:cf:3d:5f:2c:d9:89:c0:35:6e:3b:ac:d0:47: f8:30:1c:eb:bf:4b:c8:ac:85:7d:45:bf:ad:1d:16: 97:44:3e:19:c8:bf:9f:61:6a:b9:62:70:c0:84:2c: fd:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:4C:4F:8E:AE:E9:0F:B1:24:02:35:A5:7D:A5:D4:B6:07:07:54:F6 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6ddca7-172f-4f0e-9a83-9a359f62c43d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d075:4000::/40 Signature Algorithm: sha256WithRSAEncryption 53:a3:d1:0d:94:77:84:e9:39:b0:21:ac:c1:4d:01:18:2c:0b: 96:b8:ab:4e:a7:bf:c1:77:90:6b:97:52:0c:79:3e:3e:ab:eb: e8:4b:2a:81:21:fb:1d:62:4b:09:47:a0:12:27:ab:40:4d:14: fb:28:fb:e6:cc:31:f4:f5:ca:20:d6:a9:c5:db:b0:04:df:d2: 31:20:98:ac:4d:68:e6:27:8f:86:de:5f:90:f4:f1:50:fd:2a: a5:2f:f5:6f:a1:10:04:f6:ec:1b:f5:83:47:06:05:05:2a:46: 5c:86:b0:33:21:4d:30:2d:ff:8a:33:e0:b2:6d:67:ab:e2:7e: a7:91:08:ae:6d:f2:f5:65:5f:54:c3:61:2e:d8:12:1b:97:da: 2c:b4:28:ce:a0:3b:f1:58:91:a0:cc:d8:cb:4d:49:07:43:41: 04:7c:67:90:7f:f5:2f:21:5d:99:7d:18:94:15:41:a6:7b:b1: ba:a3:bd:3d:62:ba:fd:0f:e5:af:9d:7e:b2:eb:22:6e:b6:00: b0:0e:a4:b5:d0:11:5e:e8:78:14:b7:77:a5:5a:d8:5b:1b:79: f9:27:b7:e8:8f:fb:56:55:d4:87:f7:b4:d6:f8:3c:ac:af:05: 49:6a:9a:4e:37:09:f9:9e:37:38:b7:96:48:da:ed:63:4f:13: 47:3f:8f:c3 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUZT5YarVIhjwxiSjG6p6RmGkewLgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUwMDVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDlkMTIzYjg3YjgxZTYyOGFmZDk0YmVjN2MzNDU3YTcyMDQ2YzNhYzIxYjA2 MTQzYzNiMmZiMWRmZmYxMjRkOGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPAntiRSEWeBgg0xUutfclb0b5LcWWCwbhLRN6iy25ps5gkeG8Re65krqb+P bhGXRuKj/iVJn+AUcvWoIH9m113XVh6sSNKggc1xbaou3zdB22xGTp9h16mbG3lD 4F2KHmOzU5fd9AgW60wfDnfO+uLgULoeBXumAIQ6h0Ks58vOMXrjVBRNwmg6bTSo ospf+FTl+SXjoAl+MhyW9C07lCsCy6Bdd/ABimJKyEPI2smmmMq+NkKVWP3FC0Lg ZuMS5gtDNTajAApO3goBMKcqhgYseibPPV8s2YnANW47rNBH+DAc679LyKyFfUW/ rR0Wl0Q+Gci/n2FquWJwwIQs/S0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTtTE+O rukPsSQCNaV9pdS2BwdU9jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NGI2ZGRjYTctMTcyZi00ZjBlLTlhODMtOWEzNTlmNjJjNDNkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVA MA0GCSqGSIb3DQEBCwUAA4IBAQBTo9ENlHeE6TmwIazBTQEYLAuWuKtOp7/Bd5Br l1IMeT4+q+voSyqBIfsdYksJR6ASJ6tATRT7KPvmzDH09cog1qnF27AE39IxIJis TWjmJ4+G3l+Q9PFQ/SqlL/VvoRAE9uwb9YNHBgUFKkZchrAzIU0wLf+KM+CybWer 4n6nkQiubfL1ZV9Uw2Eu2BIbl9ostCjOoDvxWJGgzNjLTUkHQ0EEfGeQf/UvIV2Z fRiUFUGme7G6o709Yrr9D+WvnX6y6yJutgCwDqS10BFe6HgUt3elWthbG3n5J7fo j/tWVdSH97TW+DysrwVJappONwn5njc4t5ZI2u1jTxNHP4/D -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:49 2026 by rpki-client