This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa File: 5246cdd9-6493-4560-b4c3-8d974de78b57.roa (raw, json) Hash identifier: 8jexGaCXVEZOPGzpl/u7+aju/T16CSTRRfi+WpyzA78= Subject key identifier: 85:28:EE:FD:A3:48:36:F2:7F:3E:C5:C1:C2:0B:51:2B:F0:42:0C:22 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 01C940B407D63461A91CDBE3167DA6C2B34FF48C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa Signing time: Wed 10 Dec 2025 06:31:08 +0000 ROA not before: Wed 10 Dec 2025 06:31:08 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d038:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:c9:40:b4:07:d6:34:61:a9:1c:db:e3:16:7d:a6:c2:b3:4f:f4:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:31:08 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=81bc4a74ca50304e13a1561f790e2c52f9cb1cca15623ec0a12659f7a7d09581, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:b1:7d:82:08:2b:ec:7e:ea:d6:71:50:1e:72: 95:4a:46:67:9d:62:07:57:36:0d:6b:5c:24:92:6d: f7:34:5a:5c:73:1d:18:bf:4c:93:59:fc:18:2a:dc: 4f:fc:24:fb:34:65:b5:aa:ac:e5:a9:a5:86:8f:34: 4d:f4:8a:f8:b9:e3:2e:f4:8f:76:8c:44:4c:ac:0d: 3a:42:23:d5:a1:32:68:2c:9c:f4:10:04:ef:94:78: 63:63:b4:ea:e3:bc:fe:3c:81:aa:29:60:1d:01:a4: 58:cf:ba:03:33:d4:ac:81:b6:73:e7:76:7e:a0:74: ba:d2:36:0f:a2:3c:b0:c4:e2:99:f5:89:60:0a:db: d1:2a:7b:9e:49:59:3e:de:f5:90:6b:a6:86:f3:4c: b6:4e:58:1f:cf:ba:fc:5f:c5:03:5f:b7:04:0c:e8: 7d:91:46:27:ad:00:ba:82:dd:4f:0f:80:b5:06:51: 44:fd:82:d7:fd:b9:51:ea:68:a6:76:0b:57:bb:04: 94:8f:fb:5d:e0:a1:93:f8:18:3b:6a:63:71:3f:32: 2a:74:e0:4e:31:e9:f7:78:03:ae:4b:1e:68:49:e3: d2:f0:a7:e6:82:61:04:45:b8:09:fe:5f:4c:8f:c6: 3f:6c:e0:89:29:b3:52:eb:23:78:f5:2f:ba:25:71: 92:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:28:EE:FD:A3:48:36:F2:7F:3E:C5:C1:C2:0B:51:2B:F0:42:0C:22 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d038:c000::/40 Signature Algorithm: sha256WithRSAEncryption 6c:71:90:12:42:48:f7:14:09:4c:16:18:b8:b7:8b:d3:4c:49: 43:f8:35:1d:9b:71:82:a1:64:3b:73:97:f3:c9:b7:4f:17:2d: 12:6e:63:d0:e3:84:fd:6c:d5:dd:72:f4:44:40:3c:7f:d3:42: 68:e7:69:2a:15:27:af:5c:4d:d7:cf:a6:c3:7d:cc:7a:47:9c: a1:0c:88:29:d7:2c:69:19:5b:98:d6:56:e3:63:12:ea:9b:b1: 5c:74:c8:f9:27:10:62:d2:11:5e:cb:5b:9a:f6:27:59:3c:c8: 26:fc:0a:0f:94:c6:ac:e4:4e:e3:f1:af:d9:97:3d:66:8d:69: fa:f3:9c:52:d8:c3:75:e8:0f:a4:fc:d8:16:b5:07:77:56:de: 00:b3:99:c6:c4:0c:c9:b4:1f:14:b9:d6:76:91:8d:93:c4:5f: 19:37:84:5c:dc:f8:6d:14:5f:5e:3d:e9:70:87:53:0d:74:ec: bb:e3:8d:9a:b4:41:c6:0f:7a:ba:d6:bc:bd:28:54:66:58:47: 86:03:02:11:4b:e5:c6:34:35:f2:9d:72:ea:94:b2:e4:97:02: 04:31:20:cc:fd:1d:d5:dd:cc:11:98:4a:4c:de:1d:35:e1:82: 98:f4:9b:27:ad:94:79:ac:ce:f3:6e:3d:48:89:bf:4a:92:87: e1:74:74:6b -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUAclAtAfWNGGpHNvjFn2mwrNP9IwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMxMDhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDgxYmM0YTc0Y2E1MDMwNGUxM2ExNTYxZjc5MGUyYzUyZjljYjFjY2ExNTYy M2VjMGExMjY1OWY3YTdkMDk1ODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK6xfYIIK+x+6tZxUB5ylUpGZ51iB1c2DWtcJJJt9zRaXHMdGL9Mk1n8GCrc T/wk+zRltaqs5amlho80TfSK+LnjLvSPdoxETKwNOkIj1aEyaCyc9BAE75R4Y2O0 6uO8/jyBqilgHQGkWM+6AzPUrIG2c+d2fqB0utI2D6I8sMTimfWJYArb0Sp7nklZ Pt71kGumhvNMtk5YH8+6/F/FA1+3BAzofZFGJ60AuoLdTw+AtQZRRP2C1/25Uepo pnYLV7sElI/7XeChk/gYO2pjcT8yKnTgTjHp93gDrkseaEnj0vCn5oJhBEW4Cf5f TI/GP2zgiSmzUusjePUvuiVxki0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSFKO79 o0g28n8+xcHCC1Er8EIMIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTI0NmNkZDktNjQ5My00NTYwLWI0YzMtOGQ5NzRkZTc4YjU3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DjA MA0GCSqGSIb3DQEBCwUAA4IBAQBscZASQkj3FAlMFhi4t4vTTElD+DUdm3GCoWQ7 c5fzybdPFy0SbmPQ44T9bNXdcvREQDx/00Jo52kqFSevXE3Xz6bDfcx6R5yhDIgp 1yxpGVuY1lbjYxLqm7FcdMj5JxBi0hFey1ua9idZPMgm/AoPlMas5E7j8a/Zlz1m jWn685xS2MN16A+k/NgWtQd3Vt4As5nGxAzJtB8UudZ2kY2TxF8ZN4Rc3PhtFF9e Pelwh1MNdOy7442atEHGD3q61ry9KFRmWEeGAwIRS+XGNDXynXLqlLLklwIEMSDM /R3V3cwRmEpM3h014YKY9JsnrZR5rM7zbj1Iib9KkofhdHRr -----END CERTIFICATE-----Generated at Fri Jan 2 09:29:33 2026 by rpki-client