This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa File: 86433272-8233-4231-82ff-92246d0a41a5.roa (raw, json) Hash identifier: cnyKHuzYsJN993vuXcy/N5dlVkABpK/Pv63kuseiuX8= Subject key identifier: 9B:2C:54:24:80:6A:5B:22:20:F1:BB:46:54:3E:BC:C8:19:88:5B:2C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 627DEDE39A512A6E662E9F53C6E2F54BF034D60E Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa Signing time: Wed 10 Dec 2025 06:10:08 +0000 ROA not before: Wed 10 Dec 2025 06:10:08 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:40c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:7d:ed:e3:9a:51:2a:6e:66:2e:9f:53:c6:e2:f5:4b:f0:34:d6:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:10:08 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=9708ff579abd1d5efd5a0179a7c0b67ea228f906973c22de93fa1da355553da0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:ff:44:0d:50:75:aa:e8:01:9e:50:d9:60:31: 13:a1:38:b0:08:83:45:c0:68:4d:f7:dd:83:86:b7: ea:1b:25:6d:1c:98:2f:a5:87:6b:18:18:ec:74:94: d7:38:84:b9:bb:5e:9c:d9:7c:20:b3:65:d8:d5:b1: 9d:07:16:bd:5b:0d:56:38:73:d1:29:14:bf:d2:1a: 8f:62:3e:fc:84:5e:b1:c8:96:cb:9a:05:23:70:51: ed:9e:ec:8e:66:8e:8d:8e:f7:53:05:dc:29:fe:ee: ef:99:98:33:aa:e5:bb:0c:79:28:0e:a1:11:92:fc: 94:b3:83:fa:de:1e:1b:95:6f:8c:52:3f:0f:9a:d1: 54:bd:ea:c7:a7:b1:14:42:fd:1d:55:49:7a:b2:72: 39:ee:4b:00:9f:ee:cc:0a:1c:fa:97:68:7d:06:c6: 3f:fa:05:d5:26:af:80:77:6e:68:02:d6:31:86:95: 4b:54:52:c2:24:06:c4:8f:e0:42:d4:c3:e6:66:14: 76:d7:eb:01:84:ec:b9:cd:1f:11:3a:6a:cb:58:79: 75:51:8a:7c:c5:95:0c:c4:10:c6:c5:88:92:2b:65: f6:0c:a0:4e:0e:0e:eb:67:62:c4:4a:58:d5:0e:9f: 1a:92:95:63:85:aa:49:9b:03:8e:47:8f:a6:7a:0f: 72:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:2C:54:24:80:6A:5B:22:20:F1:BB:46:54:3E:BC:C8:19:88:5B:2C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:40c0::/48 Signature Algorithm: sha256WithRSAEncryption 8b:67:09:5d:c4:de:8b:ab:ea:a2:1b:f9:a5:54:fe:52:69:e2: 4d:d1:02:7a:c2:dd:2b:2d:1d:e2:36:ee:73:e7:41:f6:0b:ae: 86:1c:14:41:9f:fa:91:c2:18:f7:b1:76:da:fa:1c:4f:d9:a0: 2c:fe:ea:bc:98:db:e7:29:d5:80:6c:e4:ff:58:ff:eb:11:db: 7a:e9:f8:77:6b:c2:ca:a2:8c:c0:2e:9e:81:ea:ee:b7:86:1e: 07:92:a2:8a:37:68:ff:85:02:1b:59:0e:be:e4:aa:3e:64:ff: dc:f6:fe:78:97:66:98:87:df:d3:54:36:5a:59:64:c6:28:9d: b5:21:79:ba:9e:c6:51:c6:a7:5e:e1:02:65:4e:c7:b1:aa:0c: 77:0b:26:14:43:8e:5e:a5:38:bc:00:80:55:a6:a8:54:30:cd: bf:1a:8c:e8:43:47:bb:2c:63:6a:de:92:48:ff:22:85:93:a4: be:9b:b3:79:e5:ff:d0:ad:39:9f:5a:5d:f7:e6:94:3c:ca:ee: 3c:00:ac:72:ef:f5:57:6e:a4:ab:7a:b4:3b:c3:4d:83:97:3e: de:5b:4f:c0:29:d0:44:3d:cd:d8:f7:ac:8e:00:e4:5f:33:14: c5:d2:35:d1:74:1f:16:f5:ef:bb:f7:f4:01:c6:b7:ce:a0:14: f5:88:c5:ea -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUYn3t45pRKm5mLp9TxuL1S/A01g4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjEwMDhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDk3MDhmZjU3OWFiZDFkNWVmZDVhMDE3OWE3YzBiNjdlYTIyOGY5MDY5NzNj MjJkZTkzZmExZGEzNTU1NTNkYTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANr/RA1QdaroAZ5Q2WAxE6E4sAiDRcBoTffdg4a36hslbRyYL6WHaxgY7HSU 1ziEubtenNl8ILNl2NWxnQcWvVsNVjhz0SkUv9Iaj2I+/IResciWy5oFI3BR7Z7s jmaOjY73UwXcKf7u75mYM6rluwx5KA6hEZL8lLOD+t4eG5VvjFI/D5rRVL3qx6ex FEL9HVVJerJyOe5LAJ/uzAoc+pdofQbGP/oF1SavgHduaALWMYaVS1RSwiQGxI/g QtTD5mYUdtfrAYTsuc0fETpqy1h5dVGKfMWVDMQQxsWIkitl9gygTg4O62dixEpY 1Q6fGpKVY4WqSZsDjkePpnoPco8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSbLFQk gGpbIiDxu0ZUPrzIGYhbLDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ODY0MzMyNzItODIzMy00MjMxLTgyZmYtOTIyNDZkMGE0MWE1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA wDANBgkqhkiG9w0BAQsFAAOCAQEAi2cJXcTei6vqohv5pVT+UmniTdECesLdKy0d 4jbuc+dB9guuhhwUQZ/6kcIY97F22vocT9mgLP7qvJjb5ynVgGzk/1j/6xHbeun4 d2vCyqKMwC6egerut4YeB5Kiijdo/4UCG1kOvuSqPmT/3Pb+eJdmmIff01Q2Wllk xiidtSF5up7GUcanXuECZU7HsaoMdwsmFEOOXqU4vACAVaaoVDDNvxqM6ENHuyxj at6SSP8ihZOkvpuzeeX/0K05n1pd9+aUPMruPACscu/1V26kq3q0O8NNg5c+3ltP wCnQRD3N2PesjgDkXzMUxdI10XQfFvXvu/f0Aca3zqAU9YjF6g== -----END CERTIFICATE-----Generated at Fri Jan 2 10:57:10 2026 by rpki-client