This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa File: 7116ef93-bff5-462e-a725-ae90147ffd39.roa (raw, json) Hash identifier: aV7ohTPbW0whB2NO7PFGHRwNpzHP6mRCrmJHbW5/p3E= Subject key identifier: 4B:45:EA:17:86:8D:7D:EF:BE:6A:67:C4:50:E2:9A:0F:AD:C4:2F:E4 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4DDC881E411BA398AE76FEFE2857E34E7DE82577 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa Signing time: Wed 10 Dec 2025 06:00:06 +0000 ROA not before: Wed 10 Dec 2025 06:00:06 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:c0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:dc:88:1e:41:1b:a3:98:ae:76:fe:fe:28:57:e3:4e:7d:e8:25:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:00:06 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=0809932fba45a7931de035da60499e8f4712f74a5d39ec6b812b5a494092a769, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:f9:87:86:b3:56:2e:11:b1:4d:43:e0:cb:29: f5:ad:3f:45:5b:22:78:d8:ef:f1:49:96:0c:96:17: ab:6f:1d:b6:c1:1d:0f:12:47:e3:9e:cc:71:c4:df: ff:ef:53:53:1f:8c:d6:6a:68:ff:75:51:d4:e1:f7: 40:a2:20:96:7e:15:88:42:28:71:cd:ec:ef:1f:6d: 6c:31:2d:f4:bc:40:27:83:29:a1:ce:f0:9a:70:9f: bc:c2:0e:1b:4b:16:4c:14:dc:09:fd:af:40:39:99: 23:d0:3e:fd:67:c9:49:af:52:d7:36:9c:6e:30:0c: d4:c9:ee:e9:23:cd:99:48:7b:6d:eb:ac:cb:b8:24: 4f:5d:1a:cf:db:48:bb:e8:ff:b5:e0:b9:4c:f1:71: e4:8a:d2:60:63:cb:03:fb:17:31:ed:b1:f3:e4:76: 97:e2:fc:10:02:b6:b2:ad:2f:fa:8f:2f:48:36:77: 9d:92:9b:93:04:0c:34:0e:9f:e2:be:c6:55:2a:4f: 3e:54:65:7a:6a:f9:10:f7:9c:93:24:b7:94:e9:36: ad:35:a0:51:11:70:c4:d5:5c:c5:f3:b6:ce:67:73: 18:77:f3:fa:81:e4:e8:28:42:1d:3f:d3:04:f2:b4: 78:cf:6e:0b:99:5a:72:bd:be:cc:7c:f3:68:11:24: 66:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:45:EA:17:86:8D:7D:EF:BE:6A:67:C4:50:E2:9A:0F:AD:C4:2F:E4 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:c0c0::/48 Signature Algorithm: sha256WithRSAEncryption 44:03:0b:34:33:ac:4c:12:6b:c8:0e:a1:63:a8:67:4f:b1:93: 7f:e5:3a:0d:bd:e6:84:bc:b3:8f:b5:9e:39:c8:84:80:d2:1f: fc:6e:a7:c3:b5:45:fe:e5:79:17:30:69:37:29:d7:3a:25:62: e2:8a:f3:b9:c1:ba:88:b2:64:0d:8b:5c:a5:ef:d1:b8:1d:17: 7c:62:e2:8c:c3:64:b9:36:93:1b:16:29:46:5d:2d:e9:3f:d2: 60:43:ea:ff:2e:c6:19:ce:5e:36:11:b5:15:01:91:94:ac:19: be:8f:57:19:f7:e3:3b:2a:54:25:5b:53:6e:c6:c2:9a:dd:61: b3:e1:ec:11:35:65:77:e7:4f:66:6a:90:96:9e:04:c1:ba:1b: 35:5f:c6:58:cb:bc:82:d0:5c:8f:f3:52:5b:a6:b4:ea:ac:44: 41:07:de:61:c8:96:56:d7:ae:37:78:e8:13:96:4b:9a:af:cd: 88:87:dd:7f:47:f4:42:3e:93:39:8a:f6:f3:d6:82:15:27:0d: 5a:38:6e:1b:6c:f0:df:b6:11:4a:0f:66:46:72:ea:54:64:9f: 7e:ec:69:58:d7:cd:85:d9:33:ab:60:6e:c1:23:74:27:60:9a: 39:4e:b0:02:e0:2b:cc:e0:89:78:6b:f9:09:cf:25:28:3d:11: 5a:89:f9:25 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUTdyIHkEbo5iudv7+KFfjTn3oJXcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAwMDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDA4MDk5MzJmYmE0NWE3OTMxZGUwMzVkYTYwNDk5ZThmNDcxMmY3NGE1ZDM5 ZWM2YjgxMmI1YTQ5NDA5MmE3NjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMj5h4azVi4RsU1D4Msp9a0/RVsieNjv8UmWDJYXq28dtsEdDxJH457MccTf /+9TUx+M1mpo/3VR1OH3QKIgln4ViEIocc3s7x9tbDEt9LxAJ4Mpoc7wmnCfvMIO G0sWTBTcCf2vQDmZI9A+/WfJSa9S1zacbjAM1Mnu6SPNmUh7beusy7gkT10az9tI u+j/teC5TPFx5IrSYGPLA/sXMe2x8+R2l+L8EAK2sq0v+o8vSDZ3nZKbkwQMNA6f 4r7GVSpPPlRlemr5EPeckyS3lOk2rTWgURFwxNVcxfO2zmdzGHfz+oHk6ChCHT/T BPK0eM9uC5lacr2+zHzzaBEkZr0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRLReoX ho19775qZ8RQ4poPrcQv5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NzExNmVmOTMtYmZmNS00NjJlLWE3MjUtYWU5MDE0N2ZmZDM5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA wDANBgkqhkiG9w0BAQsFAAOCAQEARAMLNDOsTBJryA6hY6hnT7GTf+U6Db3mhLyz j7WeOciEgNIf/G6nw7VF/uV5FzBpNynXOiVi4orzucG6iLJkDYtcpe/RuB0XfGLi jMNkuTaTGxYpRl0t6T/SYEPq/y7GGc5eNhG1FQGRlKwZvo9XGffjOypUJVtTbsbC mt1hs+HsETVld+dPZmqQlp4EwbobNV/GWMu8gtBcj/NSW6a06qxEQQfeYciWVteu N3joE5ZLmq/NiIfdf0f0Qj6TOYr289aCFScNWjhuG2zw37YRSg9mRnLqVGSffuxp WNfNhdkzq2BuwSN0J2CaOU6wAuArzOCJeGv5Cc8lKD0RWon5JQ== -----END CERTIFICATE-----Generated at Fri Jan 2 10:57:04 2026 by rpki-client