This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa File: 5fe931ae-e353-437d-9738-79004c5e9188.roa (raw, json) Hash identifier: B5/6A9U0joLzWkDJYfxpM9Wi/CVbI6N/uOgYoS6iOYA= Subject key identifier: 26:7C:C2:CC:8A:5D:9E:01:D1:EE:E7:32:8F:98:BC:44:76:23:12:99 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 493A3DC5974746944D68C88A56AAD9B57D557536 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa Signing time: Sat 15 Nov 2025 06:30:30 +0000 ROA not before: Sat 15 Nov 2025 06:30:30 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d034:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 22 Nov 2025 09:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:3a:3d:c5:97:47:46:94:4d:68:c8:8a:56:aa:d9:b5:7d:55:75:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:30:30 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=67b8cf846a05edd250821e556b2a49bb2ee9787af97a6e8d86241984943e9e1b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:73:c8:89:6f:91:f2:df:4b:9a:fd:1c:cd:38: 5d:cb:02:08:7f:f0:5b:a9:fb:81:9e:d5:fd:85:5f: 30:99:17:96:45:d8:30:59:f3:e3:dc:d8:ad:11:bb: 9a:13:aa:75:aa:88:f3:14:61:a0:6c:be:93:f9:b3: ef:48:6a:83:4e:04:d7:88:31:79:8c:db:87:8e:7e: 90:12:5d:96:fa:fb:df:46:31:d3:75:0d:e7:ab:67: b6:1b:c2:cc:00:74:fc:17:1a:3b:c0:53:6c:41:84: d8:cc:91:ad:8c:16:60:ef:a7:a7:b8:77:f8:93:00: 70:78:49:42:e1:f9:5b:03:26:6e:7f:bd:10:3c:e1: 03:d1:0e:47:3d:05:b1:64:6a:3b:19:79:9d:b7:79: d1:d2:f7:22:41:b9:52:2d:38:5f:5f:c2:05:f1:1c: a1:7e:3d:e8:e5:79:0e:61:49:0f:bb:34:88:b5:d4: d0:f3:d8:ea:69:fc:0c:ec:e1:11:8d:05:1b:52:1f: 5c:ac:82:23:75:cf:86:c4:39:92:bd:15:3a:b7:d6: d3:95:c4:20:1a:78:3b:3b:6a:32:44:f5:d8:ac:d6: 7e:ba:ac:b4:34:d8:fa:1a:24:0d:8b:6f:19:48:29: 66:50:cb:fd:b5:47:83:54:e2:fe:08:93:8e:4c:1a: 21:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:7C:C2:CC:8A:5D:9E:01:D1:EE:E7:32:8F:98:BC:44:76:23:12:99 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d034:c000::/40 Signature Algorithm: sha256WithRSAEncryption 34:b8:0f:5b:af:e2:dc:57:12:19:97:be:af:1d:5c:d8:0a:00: 84:d9:d0:9b:ad:33:01:f6:35:9d:bb:c7:8f:3f:3f:7a:6b:8c: 4a:9b:bf:9c:96:b0:9b:4a:70:c0:bb:5f:28:05:43:57:f0:77: 92:e9:ed:f5:95:b0:4a:ba:77:d1:10:73:4b:ea:b5:d8:a9:25: 51:5e:e6:36:36:28:fa:76:fd:56:91:2c:cc:f3:d5:80:94:2d: d7:e9:fc:3f:e3:b5:62:f5:e0:7b:53:ae:43:98:47:44:59:2d: 30:33:74:60:8c:81:5c:b4:45:49:55:19:35:03:45:7e:02:4d: a5:23:5e:22:cb:0f:d5:b0:3f:65:5a:67:e0:84:1a:1b:12:3e: 68:45:ad:92:b0:24:c4:1d:f9:03:64:da:91:b5:d4:ee:f9:d3: ec:11:fd:11:9f:f0:b5:a4:4f:5d:5e:a6:37:ba:d5:57:8e:54: 91:69:cb:e2:e5:03:1c:59:86:fe:ef:ad:4b:08:de:0b:1d:0f: 7b:8b:0b:35:19:13:c8:ef:58:f7:77:17:10:a0:47:fe:92:86: 29:a8:62:72:90:67:36:3e:2c:31:9a:e8:73:83:04:01:c9:88: 23:d8:83:d4:4b:33:3d:0a:0e:07:a1:7e:2e:c5:08:c5:d4:0e: 65:6a:8d:e3 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUSTo9xZdHRpRNaMiKVqrZtX1VdTYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjMwMzBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDY3YjhjZjg0NmEwNWVkZDI1MDgyMWU1NTZiMmE0OWJiMmVlOTc4N2FmOTdh NmU4ZDg2MjQxOTg0OTQzZTllMWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ1zyIlvkfLfS5r9HM04XcsCCH/wW6n7gZ7V/YVfMJkXlkXYMFnz49zYrRG7 mhOqdaqI8xRhoGy+k/mz70hqg04E14gxeYzbh45+kBJdlvr730Yx03UN56tnthvC zAB0/BcaO8BTbEGE2MyRrYwWYO+np7h3+JMAcHhJQuH5WwMmbn+9EDzhA9EORz0F sWRqOxl5nbd50dL3IkG5Ui04X1/CBfEcoX496OV5DmFJD7s0iLXU0PPY6mn8DOzh EY0FG1IfXKyCI3XPhsQ5kr0VOrfW05XEIBp4OztqMkT12KzWfrqstDTY+hokDYtv GUgpZlDL/bVHg1Ti/giTjkwaIZcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQmfMLM il2eAdHu5zKPmLxEdiMSmTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NWZlOTMxYWUtZTM1My00MzdkLTk3MzgtNzkwMDRjNWU5MTg4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DTA MA0GCSqGSIb3DQEBCwUAA4IBAQA0uA9br+LcVxIZl76vHVzYCgCE2dCbrTMB9jWd u8ePPz96a4xKm7+clrCbSnDAu18oBUNX8HeS6e31lbBKunfREHNL6rXYqSVRXuY2 Nij6dv1WkSzM89WAlC3X6fw/47Vi9eB7U65DmEdEWS0wM3RgjIFctEVJVRk1A0V+ Ak2lI14iyw/VsD9lWmfghBobEj5oRa2SsCTEHfkDZNqRtdTu+dPsEf0Rn/C1pE9d XqY3utVXjlSRacvi5QMcWYb+761LCN4LHQ97iws1GRPI71j3dxcQoEf+koYpqGJy kGc2PiwxmuhzgwQByYgj2IPUSzM9Cg4HoX4uxQjF1A5lao3j -----END CERTIFICATE-----Generated at Fri Nov 21 12:03:08 2025 by rpki-client