This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7175e6ba-4879-48cc-b428-9cd0d88a156a.roa File: 7175e6ba-4879-48cc-b428-9cd0d88a156a.roa (raw, json) Hash identifier: vT9OfmrlTb7/sWkjtIcL5N0Lk9vUbDPdEDZjk/SHX44= Subject key identifier: C2:E7:70:69:20:D7:F1:5D:C1:FC:1F:BD:75:D0:8A:60:C3:30:E0:DC Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 03DDE9C4AEA19C40B80D08015C6F3BC3AC461992 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7175e6ba-4879-48cc-b428-9cd0d88a156a.roa Signing time: Mon 08 Dec 2025 02:10:30 +0000 ROA not before: Mon 08 Dec 2025 02:10:30 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:dd:e9:c4:ae:a1:9c:40:b8:0d:08:01:5c:6f:3b:c3:ac:46:19:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 8 02:10:30 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=3d5723af5c4ea9458a6e5aaba48d46a424c134f565333e40e2e8b30c3bf65832, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:8c:07:87:6b:13:c7:78:65:2b:88:47:7e:eb: 6d:7b:ca:31:29:3e:73:01:24:00:be:b5:a9:94:d0: de:97:da:b1:3f:3a:ba:3d:df:cc:27:89:27:2e:0c: 69:b0:09:af:f4:cb:20:ba:aa:e6:10:6d:cd:ec:07: 3b:2c:ba:1d:25:f1:d5:77:7a:26:49:a9:b1:c5:a6: d8:27:c6:a2:9e:6d:0d:09:ec:a5:2d:81:f2:a5:97: 14:4a:80:df:89:75:ce:ae:b3:97:70:41:d6:c8:c8: 7b:de:14:58:80:ec:b3:23:cc:f9:25:3f:58:0e:71: 0d:7b:0d:1a:7a:bf:15:2f:e8:9c:f2:71:4f:a8:14: 2b:27:f1:65:6f:3e:a8:d6:6d:f0:90:33:33:e7:82: eb:95:88:e7:34:cf:2c:20:c1:4b:8d:14:50:ab:95: 30:6c:e2:88:dd:78:8f:f0:17:18:06:ac:04:cb:5f: df:b6:4d:d4:13:af:22:ea:20:99:16:d6:88:40:74: bf:5b:72:91:7f:a5:7b:04:15:35:08:46:5b:68:a2: 26:be:79:40:53:30:b7:21:d8:41:c6:f6:31:0c:b1: e2:b2:74:64:79:cd:46:6c:ac:1e:05:e3:c5:58:0b: c1:54:39:e1:9c:c9:a6:d3:8e:72:c2:62:03:fb:11: 4d:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:E7:70:69:20:D7:F1:5D:C1:FC:1F:BD:75:D0:8A:60:C3:30:E0:DC X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7175e6ba-4879-48cc-b428-9cd0d88a156a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:8c0::/48 Signature Algorithm: sha256WithRSAEncryption 01:36:d4:45:42:ea:b7:ec:fa:48:f6:07:73:6e:72:8a:72:0f: ba:9b:62:8d:32:4b:c1:c3:7f:17:89:41:de:30:ca:0a:a0:ed: 75:b9:64:62:be:0f:16:81:49:0f:68:82:af:12:79:51:64:0f: 37:0b:70:1b:f0:72:ac:86:7d:22:13:d7:cf:7a:1b:5f:d9:37: 7f:40:35:05:b9:fd:84:b4:12:5a:46:d2:98:0d:c4:23:88:7f: ce:85:bf:93:a8:bf:8b:4d:58:e8:9a:cc:2b:18:45:ed:23:33: f7:5c:35:53:db:ab:80:1c:be:9d:40:58:5f:6b:9f:04:5d:b1: 66:a5:1c:ba:3f:93:01:dd:5e:67:06:ff:6a:19:65:0c:99:5d: c0:9f:0c:d0:5d:9a:97:3f:b1:7f:57:78:1b:20:f5:f8:f3:44: 07:fd:de:0d:44:fd:19:2b:c9:4c:69:7b:a4:04:37:77:09:c7: 11:aa:0e:08:d0:2e:53:61:be:18:f4:55:43:ee:6c:83:d2:9b: 74:77:06:3c:b9:72:74:01:51:af:83:fe:7f:5b:e6:6c:d5:c1: a9:b1:39:be:b9:6e:70:48:db:c7:ac:82:47:f7:d4:85:6d:8e: 4d:c7:07:5e:67:83:85:83:c9:8c:83:17:7b:c5:b5:88:c5:50: 9d:51:9d:bc -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUA93pxK6hnEC4DQgBXG87w6xGGZIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDgwMjEwMzBaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQDNkNTcyM2FmNWM0ZWE5NDU4YTZlNWFhYmE0OGQ0NmE0MjRjMTM0ZjU2NTMz M2U0MGUyZThiMzBjM2JmNjU4MzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOGMB4drE8d4ZSuIR37rbXvKMSk+cwEkAL61qZTQ3pfasT86uj3fzCeJJy4M abAJr/TLILqq5hBtzewHOyy6HSXx1Xd6JkmpscWm2CfGop5tDQnspS2B8qWXFEqA 34l1zq6zl3BB1sjIe94UWIDssyPM+SU/WA5xDXsNGnq/FS/onPJxT6gUKyfxZW8+ qNZt8JAzM+eC65WI5zTPLCDBS40UUKuVMGziiN14j/AXGAasBMtf37ZN1BOvIuog mRbWiEB0v1tykX+lewQVNQhGW2iiJr55QFMwtyHYQcb2MQyx4rJ0ZHnNRmysHgXj xVgLwVQ54ZzJptOOcsJiA/sRTckCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTC53Bp INfxXcH8H7110IpgwzDg3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NzE3NWU2YmEtNDg3OS00OGNjLWI0MjgtOWNkMGQ4OGExNTZhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEI wDANBgkqhkiG9w0BAQsFAAOCAQEAATbURULqt+z6SPYHc25yinIPuptijTJLwcN/ F4lB3jDKCqDtdblkYr4PFoFJD2iCrxJ5UWQPNwtwG/ByrIZ9IhPXz3obX9k3f0A1 Bbn9hLQSWkbSmA3EI4h/zoW/k6i/i01Y6JrMKxhF7SMz91w1U9urgBy+nUBYX2uf BF2xZqUcuj+TAd1eZwb/ahllDJldwJ8M0F2alz+xf1d4GyD1+PNEB/3eDUT9GSvJ TGl7pAQ3dwnHEaoOCNAuU2G+GPRVQ+5sg9KbdHcGPLlydAFRr4P+f1vmbNXBqbE5 vrlucEjbx6yCR/fUhW2OTccHXmeDhYPJjIMXe8W1iMVQnVGdvA== -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:17 2026 by rpki-client