This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa File: 7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa (raw, json) Hash identifier: FOQDNIwl4xfjj8hOUx5GpHHSgjA5U2zTiBrnEiUgQvI= Subject key identifier: 41:68:D7:4C:B3:42:7E:16:82:6A:EC:D8:F5:22:C9:D4:E3:17:55:32 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4D2C5B40588EBECFFF68375FA9F3EBCCB6AF23DC Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa Signing time: Wed 10 Dec 2025 06:30:47 +0000 ROA not before: Wed 10 Dec 2025 06:30:47 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d012::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:2c:5b:40:58:8e:be:cf:ff:68:37:5f:a9:f3:eb:cc:b6:af:23:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:47 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=680ec367a49e58d239fcbd2cfe92b379c7c8325c64573d062d14d8b781f7cf1b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ea:a4:d3:52:f3:8c:16:a8:9e:c3:ff:a9:73: 68:23:03:18:73:31:4b:76:c6:20:1d:0c:76:2a:dc: 56:fe:b6:61:cc:25:47:0e:09:48:76:e1:0d:b4:f6: 3e:a8:aa:fe:41:2c:03:c9:48:ff:4f:73:47:4c:75: b7:3e:e5:9d:ba:51:33:be:e7:86:e5:d6:51:df:e9: 81:7e:c2:f3:b7:83:76:ca:43:19:df:34:d2:65:42: 0b:4f:56:53:36:91:dc:f8:db:50:82:b1:8c:cd:08: 03:a3:63:01:1b:40:fb:8e:21:67:19:c1:d9:69:fb: 9d:f0:52:db:6b:4e:01:be:2b:b2:c1:71:e2:01:0b: bc:50:40:37:0c:8d:31:58:a7:06:a2:03:72:93:a1: a4:79:b8:c8:f6:8c:bc:ff:11:1f:f2:bc:3b:6b:1f: a2:7e:90:e8:88:aa:e8:66:d1:03:79:18:8d:91:43: dc:57:3c:60:f3:14:c3:04:c7:c2:8c:23:62:7c:66: 91:9c:42:9c:c5:b8:25:c7:b7:1e:10:87:85:76:b6: 3b:96:c8:06:1f:a0:c0:ec:ad:3f:66:18:69:86:e1: 0b:4e:70:0a:37:c4:03:61:9b:aa:b8:18:1e:b0:57: aa:d3:90:78:5d:e5:f4:d9:d6:a0:10:a8:4c:56:f8: ea:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:68:D7:4C:B3:42:7E:16:82:6A:EC:D8:F5:22:C9:D4:E3:17:55:32 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d012::/36 Signature Algorithm: sha256WithRSAEncryption 02:37:f4:50:e4:6f:c3:5f:31:cb:2a:d1:8f:7f:79:a1:73:10: 4a:59:46:8b:8e:79:a4:fc:c7:81:32:0b:07:df:1e:cb:56:66: 87:c3:9a:dd:e8:23:49:e4:30:09:78:3d:12:40:2b:0d:5b:bf: c9:8a:e2:d7:9d:a8:5e:d9:2a:19:bf:44:0c:6e:0c:04:26:25: 63:b2:25:a7:94:b4:fc:4c:29:dc:c9:93:9c:f4:8b:f3:bb:78: de:06:f0:ca:0f:de:21:b3:61:ce:c3:4e:18:2c:93:f8:1f:c3: 4d:86:3d:07:38:8a:21:c3:74:29:f0:23:4d:d8:8f:60:31:02: a6:3b:43:bf:49:30:80:6d:2b:59:e2:a4:fa:54:08:b3:aa:fc: 6c:58:dc:2f:c7:bf:06:43:b9:7c:28:fb:3d:93:6f:91:4c:ef: 8c:a7:a8:78:4d:f2:19:20:e7:00:5f:56:a5:c9:fe:da:05:d9: b6:2c:f1:6e:56:d4:93:59:cb:f4:09:b0:bd:86:dc:6c:74:b0: 8e:42:e6:f9:7a:61:4b:37:7e:60:a4:d0:4e:63:54:87:1f:52: c3:a4:4f:e7:e8:34:e8:bd:be:47:70:a1:31:82:82:96:d9:75: 60:03:2b:d4:bc:c3:e7:c2:2a:c2:4a:ae:04:65:dc:ae:77:60: a1:ca:b1:05 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUTSxbQFiOvs//aDdfqfPrzLavI9wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwNDdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDY4MGVjMzY3YTQ5ZTU4ZDIzOWZjYmQyY2ZlOTJiMzc5YzdjODMyNWM2NDU3 M2QwNjJkMTRkOGI3ODFmN2NmMWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMnqpNNS84wWqJ7D/6lzaCMDGHMxS3bGIB0MdircVv62YcwlRw4JSHbhDbT2 Pqiq/kEsA8lI/09zR0x1tz7lnbpRM77nhuXWUd/pgX7C87eDdspDGd800mVCC09W UzaR3PjbUIKxjM0IA6NjARtA+44hZxnB2Wn7nfBS22tOAb4rssFx4gELvFBANwyN MVinBqIDcpOhpHm4yPaMvP8RH/K8O2sfon6Q6Iiq6GbRA3kYjZFD3Fc8YPMUwwTH wowjYnxmkZxCnMW4Jce3HhCHhXa2O5bIBh+gwOytP2YYaYbhC05wCjfEA2GbqrgY HrBXqtOQeF3l9NnWoBCoTFb46uUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRBaNdM s0J+FoJq7Nj1IsnU4xdVMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv N2RmNzY2NDktZGNjMC00ZjhjLWJlNmItMTNmY2EyN2VjNGYyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BIA MA0GCSqGSIb3DQEBCwUAA4IBAQACN/RQ5G/DXzHLKtGPf3mhcxBKWUaLjnmk/MeB MgsH3x7LVmaHw5rd6CNJ5DAJeD0SQCsNW7/JiuLXnahe2SoZv0QMbgwEJiVjsiWn lLT8TCncyZOc9Ivzu3jeBvDKD94hs2HOw04YLJP4H8NNhj0HOIohw3Qp8CNN2I9g MQKmO0O/STCAbStZ4qT6VAizqvxsWNwvx78GQ7l8KPs9k2+RTO+Mp6h4TfIZIOcA X1alyf7aBdm2LPFuVtSTWcv0CbC9htxsdLCOQub5emFLN35gpNBOY1SHH1LDpE/n 6DTovb5HcKExgoKW2XVgAyvUvMPnwirCSq4EZdyud2ChyrEF -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:31 2026 by rpki-client