This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d5bbe6e-da67-4af0-af12-c86f93a16721.roa File: 7d5bbe6e-da67-4af0-af12-c86f93a16721.roa (raw, json) Hash identifier: Surock92GjVgj8MwBwpxl5V8mg7XLmBKRZqioi+d1sY= Subject key identifier: 8A:9C:EC:AD:F2:5B:9B:EE:0D:53:8E:08:88:88:24:26:F5:70:69:D3 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2B6376470F387262962BBF1498E58D5B1B7BCD4E Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d5bbe6e-da67-4af0-af12-c86f93a16721.roa Signing time: Wed 10 Dec 2025 05:20:28 +0000 ROA not before: Wed 10 Dec 2025 05:20:28 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d06f:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:63:76:47:0f:38:72:62:96:2b:bf:14:98:e5:8d:5b:1b:7b:cd:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:20:28 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=c2ea7c0fa41614cddfe00fc334786a5ccdf53436d0f219ab6269943b38630896, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:ab:ca:a3:04:ac:f0:83:7a:c9:12:61:11:8d: 1f:9f:7b:2e:a0:cb:22:0b:f0:ca:40:a2:71:e3:2b: 4b:61:6d:16:e3:e3:0e:ee:e5:4e:d0:bd:cd:57:68: 14:7a:bd:4d:f4:6b:2e:cb:07:f1:a4:a7:77:e5:3d: c0:4a:9f:41:f6:92:5b:6a:f9:ab:5a:06:b2:12:32: a1:88:eb:b8:7a:af:c2:d9:bb:28:cb:40:09:e0:4c: 93:53:dd:93:75:df:06:42:aa:10:7f:b6:80:b8:a2: ba:51:e6:70:2c:80:88:51:e0:2b:a1:2f:40:a2:13: 63:4c:ec:31:62:78:f1:e7:2e:9a:20:88:89:a4:a6: a1:6c:d7:8c:0c:1a:fc:1b:5a:9d:5a:a7:fe:a0:b7: 60:9e:d0:3a:7c:85:3e:9d:33:aa:f8:af:68:bd:b5: f3:8b:b2:fa:7a:e3:7a:f5:b4:a7:46:79:c5:6c:25: 39:05:c0:7c:55:c4:97:70:4d:02:29:93:af:27:df: d3:c9:1e:7a:6f:2b:91:5b:21:17:6e:fc:7b:ae:eb: c2:a3:ac:f8:92:b4:1f:09:a9:99:53:8b:2d:ce:4b: 3d:64:08:91:9c:7c:4a:fe:00:ae:b5:35:61:ae:38: 67:b3:65:79:5f:87:16:89:f7:c1:12:e5:7e:6f:78: ae:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:9C:EC:AD:F2:5B:9B:EE:0D:53:8E:08:88:88:24:26:F5:70:69:D3 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d5bbe6e-da67-4af0-af12-c86f93a16721.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:6000::/40 Signature Algorithm: sha256WithRSAEncryption 40:17:ea:ef:aa:8a:ad:6f:15:41:77:cc:96:20:cb:c5:67:a6: f7:b7:3b:d2:01:89:45:9a:02:d0:5b:5b:86:38:10:18:d5:54: c6:45:de:15:5b:61:68:a1:18:f1:d1:f4:68:8f:cd:8e:be:65: 84:38:31:d8:f5:61:71:27:df:84:83:9e:a2:88:41:01:47:f6: ce:0b:0f:14:97:bc:af:1f:9e:68:d4:ba:2c:9b:93:ad:39:b3: 2a:70:7c:66:12:36:87:ea:74:6a:ed:8e:72:22:ab:ae:93:6f: 80:34:c4:88:f3:6a:a7:3b:db:e7:9e:50:e9:07:99:1d:25:f9: 07:4c:4e:27:c6:26:4c:29:35:51:d1:d1:af:b2:5d:3e:5f:99: 38:54:33:68:7b:64:fe:e4:4c:01:a6:a8:d7:aa:0b:c7:ce:ca: 56:aa:66:a5:83:26:4e:ab:44:2b:1d:d6:ce:23:57:d7:31:39: f0:6b:41:19:cd:95:69:27:db:a5:d3:61:f3:4c:e4:22:9d:a4: a2:f8:d6:b2:9a:14:0b:21:ef:e6:2c:7e:f8:f7:92:9e:51:c1: 2b:c5:d7:08:7e:f8:93:46:e8:e7:be:ee:13:9e:96:32:ce:7a: d7:c5:2f:35:21:f3:fd:05:ee:3d:e1:58:41:12:a4:34:30:5e: 6f:90:9b:55 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUK2N2Rw84cmKWK78UmOWNWxt7zU4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTIwMjhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGMyZWE3YzBmYTQxNjE0Y2RkZmUwMGZjMzM0Nzg2YTVjY2RmNTM0MzZkMGYy MTlhYjYyNjk5NDNiMzg2MzA4OTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMuryqMErPCDeskSYRGNH597LqDLIgvwykCiceMrS2FtFuPjDu7lTtC9zVdo FHq9TfRrLssH8aSnd+U9wEqfQfaSW2r5q1oGshIyoYjruHqvwtm7KMtACeBMk1Pd k3XfBkKqEH+2gLiiulHmcCyAiFHgK6EvQKITY0zsMWJ48ecumiCIiaSmoWzXjAwa /BtanVqn/qC3YJ7QOnyFPp0zqvivaL2184uy+nrjevW0p0Z5xWwlOQXAfFXEl3BN AimTryff08keem8rkVshF278e67rwqOs+JK0HwmpmVOLLc5LPWQIkZx8Sv4ArrU1 Ya44Z7NleV+HFon3wRLlfm94rl0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSKnOyt 8lub7g1TjgiIiCQm9XBp0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv N2Q1YmJlNmUtZGE2Ny00YWYwLWFmMTItYzg2ZjkzYTE2NzIxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9g MA0GCSqGSIb3DQEBCwUAA4IBAQBAF+rvqoqtbxVBd8yWIMvFZ6b3tzvSAYlFmgLQ W1uGOBAY1VTGRd4VW2FooRjx0fRoj82OvmWEODHY9WFxJ9+Eg56iiEEBR/bOCw8U l7yvH55o1Losm5OtObMqcHxmEjaH6nRq7Y5yIquuk2+ANMSI82qnO9vnnlDpB5kd JfkHTE4nxiZMKTVR0dGvsl0+X5k4VDNoe2T+5EwBpqjXqgvHzspWqmalgyZOq0Qr HdbOI1fXMTnwa0EZzZVpJ9ul02HzTOQinaSi+NaymhQLIe/mLH7495KeUcErxdcI fviTRujnvu4TnpYyznrXxS81IfP9Be494VhBEqQ0MF5vkJtV -----END CERTIFICATE-----Generated at Fri Jan 9 00:51:59 2026 by rpki-client