This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/593bb6f2-1ee0-4352-97de-e329502838f7.roa File: 593bb6f2-1ee0-4352-97de-e329502838f7.roa (raw, json) Hash identifier: UKan27pQlpKryeJsEBZt+VjsNyo7qt5q9fnUgUSy3Ug= Subject key identifier: 72:D0:14:AC:6C:6E:5B:F1:8A:F8:4F:FD:6A:29:CB:B6:AA:69:1C:E7 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 06AD288058106794C71E70C1B2FE7FB6DC8D689B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/593bb6f2-1ee0-4352-97de-e329502838f7.roa Signing time: Mon 08 Dec 2025 02:10:25 +0000 ROA not before: Mon 08 Dec 2025 02:10:25 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d034:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:ad:28:80:58:10:67:94:c7:1e:70:c1:b2:fe:7f:b6:dc:8d:68:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 8 02:10:25 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=62b7bf10825026c76b944c3b7362854c390df7574e5b31766b7f36b6e3ac7157, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:b3:b9:4f:6c:25:2c:f9:2c:b2:43:68:30:02: 6e:23:28:9b:f5:4d:c6:fa:df:a9:1e:c7:b7:73:a5: 1b:74:0f:77:71:37:45:3b:06:ed:3e:46:8f:7b:d7: 3c:8e:e3:ad:70:ba:d3:3f:bc:ad:92:d3:fc:32:27: 97:fd:a4:bc:b1:79:41:9b:91:31:f7:9b:1a:b3:90: 0d:a4:2a:13:d5:5d:e9:7b:af:f4:97:73:ea:2d:9e: f4:85:53:20:9c:9b:5d:8d:44:07:68:3d:e1:85:fe: 5f:2a:5c:15:3d:69:b1:80:3c:55:0b:47:98:58:c7: b9:cf:1d:36:ca:5e:a0:66:09:ef:fb:93:4b:a0:0b: a4:e9:b2:4f:af:ee:92:84:8d:88:dd:33:a3:c4:af: 9f:fc:c3:a5:14:22:6a:4b:17:0d:56:76:1e:52:02: 0b:86:ac:48:12:8b:dd:97:4a:70:1d:65:d8:f4:36: 4c:1e:89:d8:b4:6f:da:b8:9f:b4:59:33:0e:b6:8b: e9:70:90:9c:2d:bf:4a:ac:64:22:30:e7:59:5c:46: 0a:d3:01:7c:68:f7:93:77:cb:80:aa:b6:d9:80:0f: 49:9e:99:25:6f:b5:f2:a7:6f:2d:b4:c0:a2:de:6b: fc:18:25:8e:a0:88:09:2c:1a:68:67:6f:dc:75:e8: 3b:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:D0:14:AC:6C:6E:5B:F1:8A:F8:4F:FD:6A:29:CB:B6:AA:69:1C:E7 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/593bb6f2-1ee0-4352-97de-e329502838f7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d034:800::/40 Signature Algorithm: sha256WithRSAEncryption a6:c4:9b:e6:8f:c2:f3:e2:ac:ca:d4:74:b5:c9:0b:aa:ec:ca: 8b:9a:2d:c4:d8:17:ac:f9:75:16:72:1c:c4:0e:2f:54:95:7c: 78:52:0d:73:cd:93:ea:0b:4e:76:af:b6:ad:df:48:56:80:6d: 33:04:47:46:19:57:b8:ed:0a:b9:1c:a7:28:e2:38:93:41:3d: 4c:06:74:13:92:97:86:b2:c4:0d:e5:d8:87:b8:0b:bd:76:c2: ea:3c:6c:51:9b:1d:af:a9:74:f5:a0:a2:4b:35:99:21:62:fc: 9e:83:c8:b5:12:0b:c5:18:cb:20:f8:3f:28:f1:f9:04:ab:f7: f5:a4:21:52:bf:ac:7c:98:b9:f8:3c:68:0e:df:58:af:4c:7d: c6:86:8b:24:87:a9:33:95:9e:f1:1d:c9:0e:dc:28:0e:ed:3d: fe:bc:f0:7f:22:f4:4d:57:a8:4d:c1:68:0e:c9:bc:51:62:6f: 18:d4:2e:41:cd:11:94:ff:28:16:9a:2c:ad:ea:1d:84:9b:0c: e4:be:e4:b8:1d:dc:04:68:3b:0c:e9:3a:a8:51:29:56:e9:4d: 20:5c:2a:ec:f8:91:0f:f4:d6:8b:44:4e:67:02:c4:02:ab:00: 2f:d5:77:91:2d:63:1c:a0:e8:70:35:de:d1:0b:cf:51:75:94: e3:e3:d3:41 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUBq0ogFgQZ5THHnDBsv5/ttyNaJswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDgwMjEwMjVaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQDYyYjdiZjEwODI1MDI2Yzc2Yjk0NGMzYjczNjI4NTRjMzkwZGY3NTc0ZTVi MzE3NjZiN2YzNmI2ZTNhYzcxNTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL2zuU9sJSz5LLJDaDACbiMom/VNxvrfqR7Ht3OlG3QPd3E3RTsG7T5Gj3vX PI7jrXC60z+8rZLT/DInl/2kvLF5QZuRMfebGrOQDaQqE9Vd6Xuv9Jdz6i2e9IVT IJybXY1EB2g94YX+XypcFT1psYA8VQtHmFjHuc8dNspeoGYJ7/uTS6ALpOmyT6/u koSNiN0zo8Svn/zDpRQiaksXDVZ2HlICC4asSBKL3ZdKcB1l2PQ2TB6J2LRv2rif tFkzDraL6XCQnC2/SqxkIjDnWVxGCtMBfGj3k3fLgKq22YAPSZ6ZJW+18qdvLbTA ot5r/BgljqCICSwaaGdv3HXoO6ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRy0BSs bG5b8Yr4T/1qKcu2qmkc5zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTkzYmI2ZjItMWVlMC00MzUyLTk3ZGUtZTMyOTUwMjgzOGY3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DQI MA0GCSqGSIb3DQEBCwUAA4IBAQCmxJvmj8Lz4qzK1HS1yQuq7MqLmi3E2Bes+XUW chzEDi9UlXx4Ug1zzZPqC052r7at30hWgG0zBEdGGVe47Qq5HKco4jiTQT1MBnQT kpeGssQN5diHuAu9dsLqPGxRmx2vqXT1oKJLNZkhYvyeg8i1EgvFGMsg+D8o8fkE q/f1pCFSv6x8mLn4PGgO31ivTH3Ghoskh6kzlZ7xHckO3CgO7T3+vPB/IvRNV6hN wWgOybxRYm8Y1C5BzRGU/ygWmiyt6h2EmwzkvuS4HdwEaDsM6TqoUSlW6U0gXCrs +JEP9NaLRE5nAsQCqwAv1XeRLWMcoOhwNd7RC89RdZTj49NB -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:38 2026 by rpki-client