This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa File: 84822380-4084-4c46-8745-4e82faaddd84.roa (raw, json) Hash identifier: LpzC7jBgMYYFDqMa1DqYp1EWhFAoNCNrK7iMQmL8DpU= Subject key identifier: 1D:6F:D7:A9:56:EE:7B:84:CB:21:B7:4B:82:A4:8D:D3:53:64:ED:06 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 51DBB9CD3DA99199E58FED40C57D26EC3894B0A8 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa Signing time: Wed 10 Dec 2025 05:41:19 +0000 ROA not before: Wed 10 Dec 2025 05:41:19 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d014:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:db:b9:cd:3d:a9:91:99:e5:8f:ed:40:c5:7d:26:ec:38:94:b0:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:41:19 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=f77e80929b6e0baf7ab2f81373b88b15acfcf3d11b7497be8a1ca421f4b7732e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:c2:cd:36:c9:2c:8d:43:40:5c:8e:d8:0c:0f: e2:e8:7e:c3:6a:a7:c4:11:76:4c:ef:04:51:34:93: 88:7f:d3:9d:d8:52:4a:8e:4f:f6:c5:3b:54:03:73: d1:3e:b3:41:10:74:dd:c3:ba:f0:1d:95:0a:a5:5b: a9:19:4a:59:7c:69:ab:e7:6d:a9:dd:2c:2f:7f:70: 39:a0:2b:c4:35:36:11:e0:61:76:eb:13:ea:5b:fe: c5:d1:cb:26:cb:ff:1e:a7:66:8e:6c:7f:04:77:ba: 67:f4:ae:9e:35:c8:bd:56:76:70:16:80:61:7e:88: 92:35:02:80:b5:a2:4f:d8:90:6a:eb:31:8f:e7:c0: fb:f1:d8:8b:72:b9:ab:48:1a:3f:7c:1b:9e:d2:bf: 4b:fb:06:e0:e8:7b:19:a7:c4:cd:33:29:70:4a:eb: 4f:73:72:f5:fa:72:45:cc:c8:5d:db:6e:fe:94:f0: 65:01:d1:5c:5d:7e:0b:73:97:cd:ad:53:37:65:8d: 08:92:a3:5a:87:d7:f8:ce:a3:2e:d9:20:7e:56:01: bf:ac:44:1a:cb:83:ee:e0:a7:b1:a1:e3:d1:28:26: 95:5f:f9:b1:ca:3b:ed:85:00:6f:67:63:d5:80:92: 9c:a5:04:33:b5:db:f0:a1:60:0e:ba:c4:7b:f5:82: d0:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:6F:D7:A9:56:EE:7B:84:CB:21:B7:4B:82:A4:8D:D3:53:64:ED:06 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d014:800::/38 Signature Algorithm: sha256WithRSAEncryption a8:2f:ac:8e:61:8d:92:1e:0e:de:6f:c4:07:a4:bb:8b:d4:7e: f6:e0:56:93:23:66:8c:79:7e:af:12:bb:43:1b:62:e5:f5:23: 3f:2a:e6:dc:19:3c:3f:b7:a7:78:c7:77:a1:fa:b3:c9:a5:ff: 9e:f3:54:4a:fc:3b:40:da:cc:93:22:a1:37:7b:62:bf:dd:6a: 30:7a:b8:25:0f:74:35:17:43:9f:38:39:4e:d9:59:25:6c:83: 3c:23:25:f0:2f:a5:f3:ef:27:ed:4a:30:ae:25:ff:4f:a3:94: c5:6b:28:2b:38:e7:94:47:67:73:bd:7f:67:6a:d4:26:4e:f5: f5:8b:4e:d2:33:da:6f:5d:fd:3f:5d:d4:a3:82:36:0d:96:35: ab:0c:24:82:16:07:8a:7b:bc:ea:55:74:5f:cc:81:eb:49:56: c9:61:cd:b6:ff:22:1e:03:cd:11:96:08:d7:a9:67:92:78:4b: 06:b6:df:8b:97:da:7f:77:b1:57:9c:ff:fc:75:9e:e3:ff:cc: 24:45:a0:b0:15:50:5f:78:c3:ee:f8:49:01:94:7d:6c:05:d4: a0:34:b7:cd:7a:09:08:a5:f4:9d:5e:f5:a9:71:6b:9f:a4:42: 35:8c:95:0b:1a:b9:50:41:56:f2:dc:34:52:f0:71:06:97:ae: 17:e9:80:34 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUUdu5zT2pkZnlj+1AxX0m7DiUsKgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQxMTlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGY3N2U4MDkyOWI2ZTBiYWY3YWIyZjgxMzczYjg4YjE1YWNmY2YzZDExYjc0 OTdiZThhMWNhNDIxZjRiNzczMmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL/CzTbJLI1DQFyO2AwP4uh+w2qnxBF2TO8EUTSTiH/TndhSSo5P9sU7VANz 0T6zQRB03cO68B2VCqVbqRlKWXxpq+dtqd0sL39wOaArxDU2EeBhdusT6lv+xdHL Jsv/Hqdmjmx/BHe6Z/SunjXIvVZ2cBaAYX6IkjUCgLWiT9iQausxj+fA+/HYi3K5 q0gaP3wbntK/S/sG4Oh7GafEzTMpcErrT3Ny9fpyRczIXdtu/pTwZQHRXF1+C3OX za1TN2WNCJKjWofX+M6jLtkgflYBv6xEGsuD7uCnsaHj0SgmlV/5sco77YUAb2dj 1YCSnKUEM7Xb8KFgDrrEe/WC0O8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQdb9ep Vu57hMsht0uCpI3TU2TtBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ODQ4MjIzODAtNDA4NC00YzQ2LTg3NDUtNGU4MmZhYWRkZDg0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQI MA0GCSqGSIb3DQEBCwUAA4IBAQCoL6yOYY2SHg7eb8QHpLuL1H724FaTI2aMeX6v ErtDG2Ll9SM/KubcGTw/t6d4x3eh+rPJpf+e81RK/DtA2syTIqE3e2K/3Wowergl D3Q1F0OfODlO2VklbIM8IyXwL6Xz7yftSjCuJf9Po5TFaygrOOeUR2dzvX9natQm TvX1i07SM9pvXf0/XdSjgjYNljWrDCSCFgeKe7zqVXRfzIHrSVbJYc22/yIeA80R lgjXqWeSeEsGtt+Ll9p/d7FXnP/8dZ7j/8wkRaCwFVBfeMPu+EkBlH1sBdSgNLfN egkIpfSdXvWpcWufpEI1jJULGrlQQVby3DRS8HEGl64X6YA0 -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:19 2026 by rpki-client