This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa File: 5fe931ae-e353-437d-9738-79004c5e9188.roa (raw, json) Hash identifier: Jpfaq/MCaF/8WQyu81CG/sAFSUux2uRdgXwf6KXG2b8= Subject key identifier: B8:69:11:E0:17:C9:97:AB:21:71:CD:EC:8F:A9:EA:61:E5:92:4A:FF Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5C8B34A116CE8F0E547BF1114D17A5843C2A051F Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa Signing time: Wed 10 Dec 2025 06:30:41 +0000 ROA not before: Wed 10 Dec 2025 06:30:41 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d034:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 08:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:8b:34:a1:16:ce:8f:0e:54:7b:f1:11:4d:17:a5:84:3c:2a:05:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:41 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=06452296d1e3c6a228dc45292372c370ce9f97d2e8d746d25b632e9e67249cbf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:82:0b:b7:97:fb:2c:38:fc:e5:85:15:fc:6a: 90:af:4e:8e:b4:e2:d9:23:66:81:0a:ef:51:27:8e: 87:4b:a6:75:7d:8a:4d:b1:82:82:0a:b0:42:49:5d: 3b:51:e5:93:69:43:29:34:3b:73:fb:36:34:bf:a9: 52:25:2e:86:3f:3e:22:cb:b1:cb:be:75:9e:36:61: b5:2e:96:1a:d4:fb:4d:6c:02:ff:54:b2:9d:62:f6: ed:83:14:f2:a2:54:35:06:fb:ad:96:c3:ea:4b:90: c9:3f:86:dc:5d:c7:7e:72:b3:30:d3:55:e3:ff:ee: 7b:17:93:a9:c6:d2:63:fa:b7:54:28:35:5f:a2:e9: 3c:53:69:79:36:45:8e:b6:d1:58:ba:40:4b:d9:b1: 9f:cd:cb:dc:f7:dc:d1:8f:a1:fc:e4:59:e7:0e:1a: 57:75:be:3e:55:08:2e:25:6d:48:33:4c:7b:a7:7e: bb:fe:5b:31:87:f4:c0:12:c6:a7:a3:7a:e8:0a:e1: 12:4d:38:b3:be:6f:2e:23:f1:2f:7d:b7:9b:60:38: f7:4d:31:bb:fd:15:4e:85:d1:7c:6d:dc:85:47:50: 99:9d:a2:b1:d3:54:c6:0e:9b:e8:fb:b6:ce:e5:25: ac:78:cc:d8:7a:39:03:5c:b3:43:11:2d:cb:4a:37: 83:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:69:11:E0:17:C9:97:AB:21:71:CD:EC:8F:A9:EA:61:E5:92:4A:FF X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d034:c000::/40 Signature Algorithm: sha256WithRSAEncryption 27:bf:9f:20:56:a4:c6:6a:fa:af:d7:d6:c5:ab:28:c2:93:29: 4b:91:d0:0f:e0:ad:06:c5:3a:c1:41:3a:e3:6f:cb:c3:ee:fa: f8:df:92:27:92:a7:7d:77:72:fa:f2:f3:d0:df:0b:a8:dc:27: e2:c3:6d:48:5b:6b:6d:04:b4:08:31:95:94:c2:01:66:73:2a: 00:83:f2:c7:2a:a2:3d:62:1e:8b:65:ac:0b:0b:be:65:14:3b: c4:51:7a:04:cf:61:40:f9:d8:cc:d5:04:03:08:fc:22:1b:8f: 23:98:5a:19:bd:8c:8d:ac:d8:01:ab:85:5a:2a:56:cc:fa:76: 81:3f:6a:c3:c1:ee:64:37:9a:f1:bb:aa:a5:65:ac:e0:4c:c7: 72:6f:a9:1c:98:67:8d:ad:7e:9a:8b:48:9b:f4:39:88:4f:90: 19:49:02:77:1e:d2:63:a6:fd:cc:ca:c5:6b:3b:07:8b:9c:66: 04:c1:9e:84:8f:f0:24:f5:7d:2a:4f:50:ea:ff:6b:75:f7:f6: 5c:5a:46:bb:9f:10:63:6a:98:3a:86:81:c5:d7:10:25:a7:ff: 94:99:b1:f9:50:34:03:1c:b4:85:40:57:8f:c0:5c:43:88:af: 3b:d5:b7:a7:23:43:a3:f2:8a:4e:30:43:0e:c4:bf:23:2d:7d: cc:ff:04:c4 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUXIs0oRbOjw5Ue/ERTRelhDwqBR8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwNDFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDA2NDUyMjk2ZDFlM2M2YTIyOGRjNDUyOTIzNzJjMzcwY2U5Zjk3ZDJlOGQ3 NDZkMjViNjMyZTllNjcyNDljYmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJaCC7eX+yw4/OWFFfxqkK9OjrTi2SNmgQrvUSeOh0umdX2KTbGCggqwQkld O1Hlk2lDKTQ7c/s2NL+pUiUuhj8+Isuxy751njZhtS6WGtT7TWwC/1SynWL27YMU 8qJUNQb7rZbD6kuQyT+G3F3HfnKzMNNV4//uexeTqcbSY/q3VCg1X6LpPFNpeTZF jrbRWLpAS9mxn83L3Pfc0Y+h/ORZ5w4aV3W+PlUILiVtSDNMe6d+u/5bMYf0wBLG p6N66ArhEk04s75vLiPxL323m2A4900xu/0VToXRfG3chUdQmZ2isdNUxg6b6Pu2 zuUlrHjM2Ho5A1yzQxEty0o3g2kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS4aRHg F8mXqyFxzeyPqeph5ZJK/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NWZlOTMxYWUtZTM1My00MzdkLTk3MzgtNzkwMDRjNWU5MTg4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DTA MA0GCSqGSIb3DQEBCwUAA4IBAQAnv58gVqTGavqv19bFqyjCkylLkdAP4K0GxTrB QTrjb8vD7vr435Inkqd9d3L68vPQ3wuo3Cfiw21IW2ttBLQIMZWUwgFmcyoAg/LH KqI9Yh6LZawLC75lFDvEUXoEz2FA+djM1QQDCPwiG48jmFoZvYyNrNgBq4VaKlbM +naBP2rDwe5kN5rxu6qlZazgTMdyb6kcmGeNrX6ai0ib9DmIT5AZSQJ3HtJjpv3M ysVrOweLnGYEwZ6Ej/Ak9X0qT1Dq/2t19/ZcWka7nxBjapg6hoHF1xAlp/+UmbH5 UDQDHLSFQFePwFxDiK871benI0Oj8opOMEMOxL8jLX3M/wTE -----END CERTIFICATE-----Generated at Fri Dec 12 13:57:30 2025 by rpki-client