This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fae084a-25bc-483a-9a0a-2dc71c247184.roa File: 5fae084a-25bc-483a-9a0a-2dc71c247184.roa (raw, json) Hash identifier: RznmK8/ey3uTL8C0bdWUCi5B8GYWzDOZIlv5De8kC1c= Subject key identifier: 23:C6:3E:EF:5B:BB:A9:5E:31:66:C8:77:F6:17:CB:28:D6:E7:76:ED Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 59D183547A3E91A4AEEDAFD00A8B252FAA797D8E Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fae084a-25bc-483a-9a0a-2dc71c247184.roa Signing time: Mon 08 Dec 2025 02:10:15 +0000 ROA not before: Mon 08 Dec 2025 02:10:15 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06f:800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:d1:83:54:7a:3e:91:a4:ae:ed:af:d0:0a:8b:25:2f:aa:79:7d:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 8 02:10:15 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=af488c7a66c97228bf298e865c6d0d6fbfe503c1168d30ca232b4a865009939d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:f4:92:cb:ea:06:58:62:a1:ec:0a:a0:97:b8: 47:29:e8:0b:d4:91:09:46:fe:04:c1:22:07:85:01: 2a:a3:cd:91:65:ee:29:b3:fe:a9:0a:97:70:f0:3d: cf:45:34:fc:12:15:0a:56:b0:e3:11:ce:e1:ab:65: 8f:ac:cc:a7:06:5a:4b:66:22:d4:aa:e5:c2:6f:27: 9c:23:9d:79:ed:3d:3e:89:4d:cb:6b:7d:af:84:a4: b4:ed:a5:5d:e5:47:85:75:a1:32:59:cc:b3:c7:d4: a8:f4:51:87:9c:cf:8d:94:98:f4:91:2f:48:2e:93: d0:fc:ab:02:0b:35:b0:85:5e:1e:39:1c:c6:ec:7c: 2a:3e:a8:5e:e6:5e:95:ae:79:98:70:fc:e1:46:17: 3f:9d:d4:33:d4:7f:c8:cb:f2:be:89:33:f2:22:4a: 7e:c5:8c:69:2e:7c:b6:41:8a:1a:17:84:bb:b0:4d: 8c:bb:75:28:fd:c8:36:40:e8:13:24:61:d4:71:49: 02:25:1a:8f:ad:52:a4:77:ec:50:e9:6a:2e:c3:1e: 99:5a:51:7f:82:13:d4:8f:d8:63:93:bc:09:96:a4: f7:52:35:6c:81:2f:f2:f7:68:e3:c2:b6:49:bc:cd: f6:38:25:6b:d3:7a:c8:ed:49:1b:43:10:7b:e7:87: fe:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:C6:3E:EF:5B:BB:A9:5E:31:66:C8:77:F6:17:CB:28:D6:E7:76:ED X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fae084a-25bc-483a-9a0a-2dc71c247184.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:800::/40 Signature Algorithm: sha256WithRSAEncryption 35:e0:4f:ef:43:2b:67:b7:21:a0:ab:12:ed:ce:4e:71:d4:1b: 20:96:a5:65:33:4c:34:a0:03:77:23:74:68:2d:ab:9c:0f:35: 63:01:a0:62:e7:30:ef:e2:81:16:4e:ae:0e:11:cf:ef:1a:0a: 78:98:64:12:72:58:45:5c:2e:c3:16:f6:4f:3e:67:a7:1a:ef: d3:93:74:8c:c7:23:78:6f:44:10:12:eb:78:71:dc:6f:9a:f5: 07:04:58:12:33:07:71:48:2c:8c:76:cd:b6:69:d9:30:d3:6f: 22:a6:a3:57:55:ea:cb:5c:8b:72:22:ec:06:d2:bc:0e:5c:73: be:73:a5:a5:d3:bf:e8:65:4a:c9:60:85:dc:83:da:08:d1:5a: 97:b7:bd:85:fb:55:9a:11:02:7b:9e:93:bf:61:01:3d:14:81: 10:50:71:9c:ba:3f:a5:55:ee:ba:93:2a:c4:33:ee:c9:d7:40: 43:67:fc:35:08:65:fb:3b:db:3f:81:8c:e4:34:5a:d8:30:a9: 9b:36:7e:02:2e:e3:88:cf:f5:18:79:33:ba:bb:8d:01:f2:24: 95:e3:02:05:5d:55:a0:1b:16:3c:d0:72:b7:dd:1d:2c:4c:e4: b2:63:fe:b7:e9:01:32:c7:4e:fa:de:a8:18:99:bf:27:19:eb: 9d:ec:7a:0b -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUWdGDVHo+kaSu7a/QCoslL6p5fY4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDgwMjEwMTVaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQGFmNDg4YzdhNjZjOTcyMjhiZjI5OGU4NjVjNmQwZDZmYmZlNTAzYzExNjhk MzBjYTIzMmI0YTg2NTAwOTkzOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALX0ksvqBlhioewKoJe4RynoC9SRCUb+BMEiB4UBKqPNkWXuKbP+qQqXcPA9 z0U0/BIVClaw4xHO4atlj6zMpwZaS2Yi1Krlwm8nnCOdee09PolNy2t9r4SktO2l XeVHhXWhMlnMs8fUqPRRh5zPjZSY9JEvSC6T0PyrAgs1sIVeHjkcxux8Kj6oXuZe la55mHD84UYXP53UM9R/yMvyvokz8iJKfsWMaS58tkGKGheEu7BNjLt1KP3INkDo EyRh1HFJAiUaj61SpHfsUOlqLsMemVpRf4IT1I/YY5O8CZak91I1bIEv8vdo48K2 SbzN9jgla9N6yO1JG0MQe+eH/tsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQjxj7v W7upXjFmyHf2F8so1ud27TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NWZhZTA4NGEtMjViYy00ODNhLTlhMGEtMmRjNzFjMjQ3MTg0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8I MA0GCSqGSIb3DQEBCwUAA4IBAQA14E/vQytntyGgqxLtzk5x1BsglqVlM0w0oAN3 I3RoLaucDzVjAaBi5zDv4oEWTq4OEc/vGgp4mGQSclhFXC7DFvZPPmenGu/Tk3SM xyN4b0QQEut4cdxvmvUHBFgSMwdxSCyMds22adkw028ipqNXVerLXItyIuwG0rwO XHO+c6Wl07/oZUrJYIXcg9oI0VqXt72F+1WaEQJ7npO/YQE9FIEQUHGcuj+lVe66 kyrEM+7J10BDZ/w1CGX7O9s/gYzkNFrYMKmbNn4CLuOIz/UYeTO6u40B8iSV4wIF XVWgGxY80HK33R0sTOSyY/636QEyx0763qgYmb8nGeud7HoL -----END CERTIFICATE-----Generated at Fri Jan 2 09:29:13 2026 by rpki-client