This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868cbba8-4804-4fbd-b9b8-7e9402c44956.roa File: 868cbba8-4804-4fbd-b9b8-7e9402c44956.roa (raw, json) Hash identifier: 1Wv/a1ENcmMidT62h3CIleSxLX5rDjwFIxlYJ04+/NE= Subject key identifier: D3:96:1B:E2:39:B1:E4:46:51:2C:7C:5E:4F:97:5D:91:71:82:E7:A4 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 31978A1FBCBB285319BE9154C8F4AD1E50B9E903 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868cbba8-4804-4fbd-b9b8-7e9402c44956.roa Signing time: Wed 10 Dec 2025 05:50:58 +0000 ROA not before: Wed 10 Dec 2025 05:50:58 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d06f:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:97:8a:1f:bc:bb:28:53:19:be:91:54:c8:f4:ad:1e:50:b9:e9:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:50:58 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=a08c3717ee3f7e106b935e4c939beae36405a056026b75179ee09d3c7f5b94b2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:4f:19:e4:f1:14:4f:ec:6b:a2:06:db:91:48: b6:75:95:a1:31:f4:0d:01:31:a6:89:bb:d5:3f:7d: 4b:b0:44:99:3b:e3:57:58:73:62:c4:83:3f:2e:e8: 4c:c1:47:14:90:bc:f2:47:7a:f4:f0:02:89:2a:b5: 43:db:10:67:f8:a4:d2:cb:66:e9:cf:ef:d8:bb:3b: 42:c7:55:7b:e6:8e:d3:7e:41:58:4a:f3:cf:79:54: 47:1e:f6:74:ee:cb:97:ef:b3:9a:5e:9c:3b:e2:2f: 69:b2:86:22:34:c0:35:01:0f:52:3c:92:c8:ce:7b: f4:ce:d3:c0:28:eb:1b:a2:d2:23:c3:08:35:75:29: f1:4e:64:2b:cc:10:f6:e0:ea:53:4a:03:a4:6b:ba: a3:8f:91:3d:2c:60:ad:8e:b6:af:ac:f6:c3:90:01: 2a:e9:e7:7c:c3:11:d6:90:b0:ad:4b:2d:55:4c:5b: 17:f8:7a:1d:94:22:36:71:a2:9f:97:6e:6f:2d:fc: a6:8e:45:6d:2f:cf:c7:e6:32:dc:b4:ff:f5:61:e7: ce:c9:d6:a7:9b:b6:23:ba:68:ae:0d:91:bc:55:2d: 7d:eb:56:4d:57:2a:5a:f8:df:d5:a9:fb:53:c0:c6: da:1c:bd:ce:df:a9:bb:25:94:77:b4:80:15:c4:d9: d1:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:96:1B:E2:39:B1:E4:46:51:2C:7C:5E:4F:97:5D:91:71:82:E7:A4 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868cbba8-4804-4fbd-b9b8-7e9402c44956.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:9000::/40 Signature Algorithm: sha256WithRSAEncryption 0e:8a:9f:6f:68:ad:d3:6d:a9:01:76:82:23:43:bf:f6:94:6e: d2:6c:97:b3:63:3a:7e:67:52:a4:2f:01:cd:65:40:15:4b:f2: d5:8d:b3:60:bf:01:ad:40:65:6a:8c:bb:db:f2:79:ed:3e:19: d9:5c:8b:a9:b8:07:d1:13:55:1f:18:64:c2:a7:d4:eb:e7:09: 38:c1:d5:d9:72:a3:24:38:96:28:0b:31:7e:35:a7:01:ec:e9: 62:08:a0:03:f3:aa:7a:c2:b4:db:eb:d9:ec:5e:6e:2e:d8:3c: 7e:8b:01:d1:71:82:59:1c:d9:8a:ec:7b:3b:d3:19:47:ae:48: 30:28:69:b8:ce:ed:a5:cb:64:89:8c:77:57:d1:ba:e8:e5:b6: 89:45:6c:b4:03:4e:3a:01:cd:2e:c5:c1:4b:49:40:79:4d:0d: 44:ef:c7:2e:3c:1a:31:1d:a5:3d:ac:72:69:03:25:31:f1:48: 8b:93:46:0c:5e:18:96:98:bb:33:4f:8c:eb:5f:7a:c7:26:4e: 6a:ac:7c:4b:39:2f:82:4a:0c:71:41:89:4f:d7:cf:37:01:1d: 10:61:30:cb:d3:91:67:29:97:55:f2:88:3f:2a:48:b5:c3:64: 8e:55:23:77:47:88:3d:14:6f:a4:f8:77:af:61:8d:f7:b3:91: 27:53:5a:57 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUMZeKH7y7KFMZvpFUyPStHlC56QMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUwNThaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGEwOGMzNzE3ZWUzZjdlMTA2YjkzNWU0YzkzOWJlYWUzNjQwNWEwNTYwMjZi NzUxNzllZTA5ZDNjN2Y1Yjk0YjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ9PGeTxFE/sa6IG25FItnWVoTH0DQExpom71T99S7BEmTvjV1hzYsSDPy7o TMFHFJC88kd69PACiSq1Q9sQZ/ik0stm6c/v2Ls7QsdVe+aO035BWErzz3lURx72 dO7Ll++zml6cO+IvabKGIjTANQEPUjySyM579M7TwCjrG6LSI8MINXUp8U5kK8wQ 9uDqU0oDpGu6o4+RPSxgrY62r6z2w5ABKunnfMMR1pCwrUstVUxbF/h6HZQiNnGi n5duby38po5FbS/Px+Yy3LT/9WHnzsnWp5u2I7porg2RvFUtfetWTVcqWvjf1an7 U8DG2hy9zt+puyWUd7SAFcTZ0b8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTTlhvi ObHkRlEsfF5Pl12RcYLnpDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ODY4Y2JiYTgtNDgwNC00ZmJkLWI5YjgtN2U5NDAyYzQ0OTU2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+Q MA0GCSqGSIb3DQEBCwUAA4IBAQAOip9vaK3TbakBdoIjQ7/2lG7SbJezYzp+Z1Kk LwHNZUAVS/LVjbNgvwGtQGVqjLvb8nntPhnZXIupuAfRE1UfGGTCp9Tr5wk4wdXZ cqMkOJYoCzF+NacB7OliCKAD86p6wrTb69nsXm4u2Dx+iwHRcYJZHNmK7Hs70xlH rkgwKGm4zu2ly2SJjHdX0bro5baJRWy0A046Ac0uxcFLSUB5TQ1E78cuPBoxHaU9 rHJpAyUx8UiLk0YMXhiWmLszT4zrX3rHJk5qrHxLOS+CSgxxQYlP1883AR0QYTDL 05FnKZdV8og/Kki1w2SOVSN3R4g9FG+k+HevYY33s5EnU1pX -----END CERTIFICATE-----Generated at Fri Jan 9 00:52:25 2026 by rpki-client