This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/599e0695-4b67-4a37-994a-8c71d61260b3.roa File: 599e0695-4b67-4a37-994a-8c71d61260b3.roa (raw, json) Hash identifier: E9LJVy/YlUqLn5I8l9NNKYZAv1SqHK70poSEAvYXN1E= Subject key identifier: 48:B8:70:7D:59:92:A3:60:16:19:CB:BE:5C:05:EA:F7:46:06:40:DE Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7C393DE85EC0F5378E98B8A7F43881E7CD18F588 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/599e0695-4b67-4a37-994a-8c71d61260b3.roa Signing time: Wed 10 Dec 2025 06:10:42 +0000 ROA not before: Wed 10 Dec 2025 06:10:42 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:a0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:39:3d:e8:5e:c0:f5:37:8e:98:b8:a7:f4:38:81:e7:cd:18:f5:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:10:42 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=5244035d2e18a097be9800299f352aa41d266cb685097482c63d49c463fc457c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:85:81:1f:2a:0b:19:64:77:6f:bd:21:77:9d: 61:1f:d9:61:3b:d0:fa:36:4b:79:a1:81:03:a3:dd: 50:5b:24:67:86:73:46:cc:8b:68:ff:ec:fe:51:46: 26:5b:7b:72:80:5d:21:85:9f:7f:bb:5f:5d:1b:c1: 41:38:d0:3d:f2:e3:11:e5:f4:33:96:95:49:2e:85: bd:83:c8:d7:ed:4e:1e:17:4e:5f:ed:77:97:3c:d2: 17:14:c3:fb:59:7e:22:0f:f4:90:4f:7f:2b:61:67: 85:df:9c:eb:a0:ab:84:b6:1f:39:51:39:68:b7:13: f2:cd:b0:b9:79:6e:0e:b3:bc:41:7d:33:e8:ff:d5: 87:48:ef:e0:1d:95:86:a8:3d:39:81:a2:78:f0:df: 7c:3b:41:a1:84:b8:2a:37:ba:8a:e8:45:b4:f4:f6: 42:99:ba:33:e8:cb:d1:ae:c1:f9:1a:33:9b:55:3a: ee:d8:ee:c6:48:c8:50:83:1b:25:56:a1:3d:af:3c: 4e:7f:cd:8d:95:08:4a:07:16:fd:f5:6e:d6:e7:e6: 35:69:ee:3e:12:74:4f:45:70:5f:42:8f:8a:31:8b: 50:bc:36:f6:d6:31:d5:6a:df:3d:e7:8c:11:d0:65: d9:c0:5e:8e:55:67:77:4f:d4:14:9c:c8:0a:8b:2d: 4b:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:B8:70:7D:59:92:A3:60:16:19:CB:BE:5C:05:EA:F7:46:06:40:DE X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/599e0695-4b67-4a37-994a-8c71d61260b3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:a0c0::/48 Signature Algorithm: sha256WithRSAEncryption 6e:96:1a:c4:42:c4:08:5f:e6:4f:6d:71:eb:2d:c6:17:3c:fa: f7:f8:59:1a:34:64:b5:f1:95:7e:17:93:b3:a5:6e:cc:4d:aa: eb:2c:a2:96:f7:31:6e:8f:62:d1:b9:d5:fe:32:4b:b7:e4:fc: 0a:97:63:ed:4b:5d:93:72:4b:c0:91:dd:63:44:69:8e:ba:25: 60:f7:d2:e0:8b:0b:6c:2c:6c:ef:51:43:0b:00:d6:4b:8c:da: bb:53:5e:96:a8:cf:22:90:40:01:9b:37:0d:05:f6:5c:b9:09: 21:28:d0:ba:92:ea:a7:f6:07:20:32:cc:2c:95:1d:a2:b1:5b: 1e:bb:0a:cd:59:9a:c3:6c:2e:0a:50:9b:db:8b:c8:8b:ca:8f: bf:67:f8:f6:38:6a:3e:6a:34:5c:d6:7e:b2:b5:8d:7a:94:3b: 33:94:75:e8:73:74:59:6a:ef:f8:c5:ac:66:f3:af:4c:ef:28: e1:24:ac:38:bf:fb:b5:d9:f9:49:1f:28:24:25:dd:f7:4a:f6: d2:5b:35:90:00:0e:21:58:7a:57:ed:70:75:bd:cc:fc:32:43: 67:3d:4d:54:6c:4b:c5:55:cd:47:de:cf:e0:f3:ef:fb:f4:51: 1d:f8:21:8f:37:11:f2:92:2a:33:9f:da:08:fb:cc:6b:d3:75: 90:46:d8:5c -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUfDk96F7A9TeOmLin9DiB580Y9YgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjEwNDJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDUyNDQwMzVkMmUxOGEwOTdiZTk4MDAyOTlmMzUyYWE0MWQyNjZjYjY4NTA5 NzQ4MmM2M2Q0OWM0NjNmYzQ1N2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK+FgR8qCxlkd2+9IXedYR/ZYTvQ+jZLeaGBA6PdUFskZ4ZzRsyLaP/s/lFG Jlt7coBdIYWff7tfXRvBQTjQPfLjEeX0M5aVSS6FvYPI1+1OHhdOX+13lzzSFxTD +1l+Ig/0kE9/K2Fnhd+c66CrhLYfOVE5aLcT8s2wuXluDrO8QX0z6P/Vh0jv4B2V hqg9OYGiePDffDtBoYS4Kje6iuhFtPT2Qpm6M+jL0a7B+Rozm1U67tjuxkjIUIMb JVahPa88Tn/NjZUISgcW/fVu1ufmNWnuPhJ0T0VwX0KPijGLULw29tYx1WrfPeeM EdBl2cBejlVnd0/UFJzICostSz0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRIuHB9 WZKjYBYZy75cBer3RgZA3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTk5ZTA2OTUtNGI2Ny00YTM3LTk5NGEtOGM3MWQ2MTI2MGIzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg wDANBgkqhkiG9w0BAQsFAAOCAQEAbpYaxELECF/mT21x6y3GFzz69/hZGjRktfGV fheTs6VuzE2q6yyilvcxbo9i0bnV/jJLt+T8Cpdj7Utdk3JLwJHdY0RpjrolYPfS 4IsLbCxs71FDCwDWS4zau1NelqjPIpBAAZs3DQX2XLkJISjQupLqp/YHIDLMLJUd orFbHrsKzVmaw2wuClCb24vIi8qPv2f49jhqPmo0XNZ+srWNepQ7M5R16HN0WWrv +MWsZvOvTO8o4SSsOL/7tdn5SR8oJCXd90r20ls1kAAOIVh6V+1wdb3M/DJDZz1N VGxLxVXNR97P4PPv+/RRHfghjzcR8pIqM5/aCPvMa9N1kEbYXA== -----END CERTIFICATE-----Generated at Fri Jan 2 10:57:21 2026 by rpki-client