This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5854e06a-c825-40fe-bf51-5b77d3ba4d02.roa File: 5854e06a-c825-40fe-bf51-5b77d3ba4d02.roa (raw, json) Hash identifier: gkjQ86cnVVupj+oujvFgPXA9+IawVmSXmNzRje82jg0= Subject key identifier: 57:08:59:BC:12:2F:85:64:B4:B7:E7:EE:D2:28:05:86:19:59:AE:8A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 51B522756A682CD7F5E88B377B557D2BCD017D64 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5854e06a-c825-40fe-bf51-5b77d3ba4d02.roa Signing time: Wed 10 Dec 2025 05:30:46 +0000 ROA not before: Wed 10 Dec 2025 05:30:46 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d016:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:b5:22:75:6a:68:2c:d7:f5:e8:8b:37:7b:55:7d:2b:cd:01:7d:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:30:46 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=ea01062ec4567426fbd8d7d649b7295fb35a421846ac23773836f260bc654899, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:af:54:a2:28:ed:a8:80:e2:5b:a7:5f:a8:f7: a3:68:aa:6a:8c:d2:2b:91:6e:a4:e6:1c:25:fd:9b: 29:8b:f1:02:6d:de:e6:b4:73:58:75:87:7d:e7:06: 62:4d:5b:47:4c:9d:28:f8:20:57:49:e9:c9:26:41: fe:6d:0f:d8:4c:3a:30:5a:30:eb:97:34:b4:4a:b4: 42:9d:ea:99:06:f1:53:5b:43:d5:2f:6c:b9:fa:37: bf:a5:22:0b:ec:f5:5d:c6:f2:51:30:0a:79:80:5e: 2c:d2:fa:e8:1e:e7:58:a9:52:25:61:a1:8a:f9:20: 1b:4e:3a:b8:24:20:d9:51:f4:61:d6:fa:7c:56:ef: 06:f9:f6:fd:15:4e:ee:3d:ca:8e:48:f5:e4:f0:b9: 05:3c:1f:51:0f:54:79:0b:c9:6b:10:f5:cf:40:b3: 59:db:b6:1b:ba:6b:1c:ec:2e:de:02:56:6f:65:50: b9:5f:1c:dd:b4:4a:bd:9f:d2:94:4f:9d:13:a9:16: da:30:2f:36:53:74:b5:03:21:8a:55:3a:ec:79:e3: c0:34:94:7f:00:bc:b5:a3:ac:dc:cd:1a:a5:a2:50: bc:8a:da:e1:f8:08:24:ec:38:3a:d9:89:34:ac:81: fb:07:dc:9a:39:f4:a7:e3:3c:a5:89:ce:5a:81:79: d4:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:08:59:BC:12:2F:85:64:B4:B7:E7:EE:D2:28:05:86:19:59:AE:8A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5854e06a-c825-40fe-bf51-5b77d3ba4d02.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d016:c00::/38 Signature Algorithm: sha256WithRSAEncryption 85:40:06:cd:8f:90:93:54:99:93:56:89:b3:af:e4:8d:47:f1: 89:07:e6:98:18:29:6b:90:36:59:04:bf:8f:d2:43:07:0e:9e: 21:bd:8e:b4:89:3f:44:b6:da:f6:bf:10:79:b3:46:b5:20:65: 4a:31:db:c5:e9:f1:df:fa:63:f1:fe:d7:4c:c1:2b:67:27:d8: 5c:91:07:2e:ab:e6:17:98:8b:a4:ba:a9:9a:09:54:f0:2b:d8: 62:cc:93:6c:ae:65:71:9e:0b:a0:f5:3b:07:d5:7a:b1:60:6e: 23:58:41:b9:e3:8e:6e:d8:1c:51:5a:ca:5f:8d:a1:2b:70:61: a5:6c:e5:e2:8e:55:5a:9a:34:ce:a6:0f:1a:73:58:1d:33:d0: db:fe:d9:f1:b8:10:a8:35:95:9c:1b:ec:50:b6:a3:12:d9:c2: 4d:11:8b:38:b6:9a:b0:8f:86:74:46:da:aa:4e:08:8a:4b:d1: c2:24:5e:eb:6c:5e:64:5f:6d:a4:5a:8b:a6:a7:8d:ce:f5:73: 72:87:27:27:fb:53:f1:53:81:0d:d4:c8:d4:39:a3:f6:d2:2f: 9c:86:61:58:35:d0:16:4e:a6:1f:49:bd:4a:53:9b:89:e1:68: 41:f6:9a:b2:6e:7c:0c:fa:91:6b:c2:f6:e6:a3:68:e2:1e:5d: 3a:41:53:33 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUUbUidWpoLNf16Is3e1V9K80BfWQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMwNDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGVhMDEwNjJlYzQ1Njc0MjZmYmQ4ZDdkNjQ5YjcyOTVmYjM1YTQyMTg0NmFj MjM3NzM4MzZmMjYwYmM2NTQ4OTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANuvVKIo7aiA4lunX6j3o2iqaozSK5FupOYcJf2bKYvxAm3e5rRzWHWHfecG Yk1bR0ydKPggV0npySZB/m0P2Ew6MFow65c0tEq0Qp3qmQbxU1tD1S9sufo3v6Ui C+z1XcbyUTAKeYBeLNL66B7nWKlSJWGhivkgG046uCQg2VH0Ydb6fFbvBvn2/RVO 7j3Kjkj15PC5BTwfUQ9UeQvJaxD1z0CzWdu2G7prHOwu3gJWb2VQuV8c3bRKvZ/S lE+dE6kW2jAvNlN0tQMhilU67HnjwDSUfwC8taOs3M0apaJQvIra4fgIJOw4OtmJ NKyB+wfcmjn0p+M8pYnOWoF51B8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRXCFm8 Ei+FZLS35+7SKAWGGVmuijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTg1NGUwNmEtYzgyNS00MGZlLWJmNTEtNWI3N2QzYmE0ZDAyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYM MA0GCSqGSIb3DQEBCwUAA4IBAQCFQAbNj5CTVJmTVomzr+SNR/GJB+aYGClrkDZZ BL+P0kMHDp4hvY60iT9Ettr2vxB5s0a1IGVKMdvF6fHf+mPx/tdMwStnJ9hckQcu q+YXmIukuqmaCVTwK9hizJNsrmVxngug9TsH1XqxYG4jWEG5445u2BxRWspfjaEr cGGlbOXijlVamjTOpg8ac1gdM9Db/tnxuBCoNZWcG+xQtqMS2cJNEYs4tpqwj4Z0 RtqqTgiKS9HCJF7rbF5kX22kWoump43O9XNyhycn+1PxU4EN1MjUOaP20i+chmFY NdAWTqYfSb1KU5uJ4WhB9pqybnwM+pFrwvbmo2jiHl06QVMz -----END CERTIFICATE-----Generated at Sun Dec 14 00:01:11 2025 by rpki-client