This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa File: 7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa (raw, json) Hash identifier: FCR8MrOr7zBW9b017pWRjwkDm80Iw+rRP7mAae95El0= Subject key identifier: 7A:7A:46:69:BC:94:CE:32:48:C6:AA:F9:4A:6A:65:56:46:FE:63:4D Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 602B55555F8BE3D9D9365902D378E374A55D9D5B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa Signing time: Wed 10 Dec 2025 05:20:09 +0000 ROA not before: Wed 10 Dec 2025 05:20:09 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d027::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:2b:55:55:5f:8b:e3:d9:d9:36:59:02:d3:78:e3:74:a5:5d:9d:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:20:09 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=1fc96a60da3f2909ec27f93e77f513ab725554d55f08b9a851b3437508cb6e1b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:98:0b:50:ef:9d:b2:cf:86:e7:23:69:43:a7: 54:9c:33:3f:28:15:33:6f:62:9e:f9:ab:f7:c5:7b: 02:b7:cf:e8:21:6a:6b:77:ba:7f:de:f5:8b:b4:ec: 97:f2:a3:f1:77:06:8c:e2:e9:80:48:6e:d6:cd:2c: b6:0c:d5:fb:7a:a7:cd:e4:79:be:18:e8:c8:2e:63: 72:8d:72:7a:fb:a5:49:b6:1d:6b:07:2f:d8:75:6a: c4:35:09:5e:66:11:d1:d7:33:a6:b9:89:73:ef:66: 94:a7:88:9e:9d:96:8f:ac:69:54:74:18:e4:8b:43: f2:0f:56:b2:fc:6c:08:56:8f:00:6f:a8:ad:7f:e9: 27:4e:e1:1a:4c:bb:3d:f4:95:99:ab:1a:43:b1:99: 39:7a:e4:4a:91:e5:84:11:e7:9a:12:18:02:53:9f: 23:59:17:9b:20:4a:40:e6:20:b3:70:57:94:d9:08: df:b4:55:45:4a:bc:7c:52:21:9c:ce:b1:68:16:cc: 8c:59:ed:bd:84:c8:39:a3:d0:84:e6:e1:b1:59:b8: f0:a1:2a:aa:3b:a6:a2:b0:db:db:c1:9a:b6:91:5b: 48:06:f0:49:a9:41:c8:96:eb:42:86:d0:ce:c7:b8: ff:c4:3b:ea:ac:1e:69:ae:f3:43:c9:e6:54:b8:42: 33:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:7A:46:69:BC:94:CE:32:48:C6:AA:F9:4A:6A:65:56:46:FE:63:4D X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7bcbf9f3-7a63-42a2-9b58-4c0c10fc34dc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d027::/36 Signature Algorithm: sha256WithRSAEncryption 4e:cf:a6:5b:d4:bd:3c:9c:9c:1a:bd:72:9a:3a:1c:96:a3:9a: d4:26:9a:a0:81:80:d6:ca:a2:70:bd:b5:40:a5:b1:bb:08:26: 84:7e:81:38:ec:ba:fd:01:a7:a8:23:ba:38:b3:0b:ff:70:83: 7e:7e:59:20:45:9e:cd:80:28:5a:40:1e:81:2e:e8:9e:cc:b3: 80:47:62:00:0f:e8:38:93:aa:ae:7a:d8:5f:22:2f:ae:ee:a0: 42:6b:86:64:a1:16:d3:e9:a9:83:80:14:5f:17:05:97:4c:fd: b1:11:40:9d:b2:c6:f2:42:b4:29:de:24:fa:ee:21:4c:d8:1f: d2:82:0e:20:01:d9:4a:7b:67:84:58:6b:35:b1:0e:53:ec:71: b3:8d:8b:f5:d7:5b:d4:f1:49:8b:80:28:97:40:4a:74:86:ae: 30:d5:44:c0:7b:2b:b3:f6:d4:d7:b7:c8:d4:4c:5a:f2:d9:f4: 82:e7:b4:0d:25:cf:66:30:3b:de:c3:85:78:12:b6:8f:9a:e3: c5:6d:8e:f0:20:42:cd:a9:b5:8e:5f:de:a2:ef:8b:86:1c:55: 4f:cb:c1:f6:68:8b:b4:73:05:b3:9e:52:94:3a:b3:a5:33:17: 94:79:f6:8d:8a:18:44:60:65:af:58:04:d9:2c:35:95:65:1f: a2:ce:2f:1b -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUYCtVVV+L49nZNlkC03jjdKVdnVswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTIwMDlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDFmYzk2YTYwZGEzZjI5MDllYzI3ZjkzZTc3ZjUxM2FiNzI1NTU0ZDU1ZjA4 YjlhODUxYjM0Mzc1MDhjYjZlMWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMuYC1DvnbLPhucjaUOnVJwzPygVM29invmr98V7ArfP6CFqa3e6f971i7Ts l/Kj8XcGjOLpgEhu1s0stgzV+3qnzeR5vhjoyC5jco1yevulSbYdawcv2HVqxDUJ XmYR0dczprmJc+9mlKeInp2Wj6xpVHQY5ItD8g9WsvxsCFaPAG+orX/pJ07hGky7 PfSVmasaQ7GZOXrkSpHlhBHnmhIYAlOfI1kXmyBKQOYgs3BXlNkI37RVRUq8fFIh nM6xaBbMjFntvYTIOaPQhObhsVm48KEqqjumorDb28GatpFbSAbwSalByJbrQobQ zse4/8Q76qweaa7zQ8nmVLhCM8MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR6ekZp vJTOMkjGqvlKamVWRv5jTTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv N2JjYmY5ZjMtN2E2My00MmEyLTliNTgtNGMwYzEwZmMzNGRjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CcA MA0GCSqGSIb3DQEBCwUAA4IBAQBOz6Zb1L08nJwavXKaOhyWo5rUJpqggYDWyqJw vbVApbG7CCaEfoE47Lr9AaeoI7o4swv/cIN+flkgRZ7NgChaQB6BLuiezLOAR2IA D+g4k6quethfIi+u7qBCa4ZkoRbT6amDgBRfFwWXTP2xEUCdssbyQrQp3iT67iFM 2B/Sgg4gAdlKe2eEWGs1sQ5T7HGzjYv111vU8UmLgCiXQEp0hq4w1UTAeyuz9tTX t8jUTFry2fSC57QNJc9mMDvew4V4EraPmuPFbY7wIELNqbWOX96i74uGHFVPy8H2 aIu0cwWznlKUOrOlMxeUefaNihhEYGWvWATZLDWVZR+izi8b -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:28 2026 by rpki-client