This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa File: 60b690d0-a362-4547-bf57-d14f49f40869.roa (raw, json) Hash identifier: h/55z6xi1gWJditMKtMHInPwMUgaXY8eC1l3DmJHbDo= Subject key identifier: 5C:49:8C:94:CB:28:37:23:DB:AB:89:58:F2:0E:E5:DD:12:09:2F:11 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 18CBB69D8059F3062509C6DFACF82A0E86390449 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa Signing time: Wed 10 Dec 2025 05:30:44 +0000 ROA not before: Wed 10 Dec 2025 05:30:44 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d018:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:cb:b6:9d:80:59:f3:06:25:09:c6:df:ac:f8:2a:0e:86:39:04:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:30:44 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=bf9b9a7dfe3daef52eb4bd9c9983732dc5b69536bb7970ce21d3c89014ac13e3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:1a:8b:81:5d:6a:44:51:d3:c2:bd:c6:f3:a8: a3:4a:57:64:39:34:0c:8e:fa:ea:bf:07:85:2c:02: 6a:a1:b0:20:55:38:6d:cc:ba:93:07:d7:36:18:b0: de:e2:23:ab:b3:4f:80:8a:9d:a9:3f:38:80:57:3b: 6c:63:16:fa:0a:1f:63:94:16:58:cf:fe:d8:ac:0d: 4d:62:7b:93:36:f5:b9:eb:3a:12:1b:5b:1c:1b:18: b9:65:f8:19:03:5b:ba:24:5e:09:75:38:f1:a6:5e: 0e:3a:af:5b:52:b6:c2:0a:8b:94:b0:c7:88:59:ce: c1:9e:3c:f6:09:1c:d1:da:a7:d1:0c:95:00:3e:17: a3:57:f0:f9:26:69:5c:13:31:2e:b3:4b:39:59:42: 67:77:8b:7b:31:f2:af:25:32:42:53:72:e0:bc:2a: 5b:1d:30:07:e3:54:15:64:e2:d5:7b:18:ef:e9:fa: 20:d5:ee:2e:a3:63:6e:2c:e2:22:b9:65:95:ee:93: ac:5e:53:07:3c:0b:e3:25:04:cc:ab:1f:4f:b9:75: 1d:4f:7e:32:6d:be:2c:0e:ee:f6:49:7d:1c:98:c8: 89:44:60:b2:30:34:87:eb:26:05:27:88:c7:5c:d3: 31:5b:c9:b2:17:96:93:1e:62:22:55:55:4e:10:bc: 0d:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:49:8C:94:CB:28:37:23:DB:AB:89:58:F2:0E:E5:DD:12:09:2F:11 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d018:400::/38 Signature Algorithm: sha256WithRSAEncryption 4b:71:e8:4c:23:ef:aa:0b:c0:b7:90:a6:10:80:d1:23:18:02: 89:2d:81:3d:d1:b9:f9:ba:98:b0:9b:84:4c:92:0f:18:26:b3: d6:46:02:84:1f:58:d2:7a:67:b9:b3:1c:1e:f6:3c:dd:17:61: 55:ee:c6:09:42:46:9b:32:5c:24:b0:a7:81:fe:f4:c6:c4:1d: 81:12:0f:00:4b:0c:2a:58:cc:bb:8d:99:fe:c0:e5:b5:04:c2: 95:c8:e8:ea:69:18:46:ea:a1:66:ee:d6:79:db:56:ed:0e:78: 7d:41:f6:5f:9d:e3:a3:51:f5:0b:02:bd:63:b9:1f:5d:9e:07: 3d:ce:a1:c8:f3:93:73:4c:bd:0c:8b:0a:d4:4d:67:f1:c5:71: ce:a0:92:6d:e7:44:91:f2:c8:66:c1:f7:fe:43:21:8e:7f:77: d9:f6:f9:b4:0c:0b:6b:8c:9f:a4:98:13:d0:5e:9d:dd:a9:65: b7:2c:a6:8e:0a:37:e4:a9:da:a3:4a:3b:b7:d2:b7:74:df:9b: fa:e2:97:a8:1d:d7:70:d2:a2:12:cf:ed:01:c5:c2:71:89:0a: e1:35:92:a3:ad:82:08:85:e1:0d:00:ed:ee:92:f5:c6:df:48: ad:17:7e:a5:88:20:7a:9d:1b:00:cb:4c:20:7b:84:5d:14:f1: 7b:19:d1:c6 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUGMu2nYBZ8wYlCcbfrPgqDoY5BEkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMwNDRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGJmOWI5YTdkZmUzZGFlZjUyZWI0YmQ5Yzk5ODM3MzJkYzViNjk1MzZiYjc5 NzBjZTIxZDNjODkwMTRhYzEzZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL4ai4FdakRR08K9xvOoo0pXZDk0DI766r8HhSwCaqGwIFU4bcy6kwfXNhiw 3uIjq7NPgIqdqT84gFc7bGMW+gofY5QWWM/+2KwNTWJ7kzb1ues6EhtbHBsYuWX4 GQNbuiReCXU48aZeDjqvW1K2wgqLlLDHiFnOwZ489gkc0dqn0QyVAD4Xo1fw+SZp XBMxLrNLOVlCZ3eLezHyryUyQlNy4LwqWx0wB+NUFWTi1XsY7+n6INXuLqNjbizi Irllle6TrF5TBzwL4yUEzKsfT7l1HU9+Mm2+LA7u9kl9HJjIiURgsjA0h+smBSeI x1zTMVvJsheWkx5iIlVVThC8DQsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRcSYyU yyg3I9uriVjyDuXdEgkvETAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NjBiNjkwZDAtYTM2Mi00NTQ3LWJmNTctZDE0ZjQ5ZjQwODY5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgE MA0GCSqGSIb3DQEBCwUAA4IBAQBLcehMI++qC8C3kKYQgNEjGAKJLYE90bn5upiw m4RMkg8YJrPWRgKEH1jSeme5sxwe9jzdF2FV7sYJQkabMlwksKeB/vTGxB2BEg8A SwwqWMy7jZn+wOW1BMKVyOjqaRhG6qFm7tZ521btDnh9QfZfneOjUfULAr1juR9d ngc9zqHI85NzTL0MiwrUTWfxxXHOoJJt50SR8shmwff+QyGOf3fZ9vm0DAtrjJ+k mBPQXp3dqWW3LKaOCjfkqdqjSju30rd035v64peoHddw0qISz+0BxcJxiQrhNZKj rYIIheENAO3ukvXG30itF36liCB6nRsAy0wge4RdFPF7GdHG -----END CERTIFICATE-----Generated at Fri Jan 2 10:57:38 2026 by rpki-client