This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87ec9982-c725-40e5-b829-ff0f06d939c8.roa File: 87ec9982-c725-40e5-b829-ff0f06d939c8.roa (raw, json) Hash identifier: gEHhpNyhev2uxEKtm1Mk7CZs2cPn3UTSvgORtJ53rEA= Subject key identifier: 44:69:44:2E:E6:48:DC:30:AE:85:FE:2B:29:75:63:A0:A5:65:42:D8 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 535212572C06C9EE86BA7DEA59E58D2AA18632BA Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87ec9982-c725-40e5-b829-ff0f06d939c8.roa Signing time: Wed 10 Dec 2025 05:20:09 +0000 ROA not before: Wed 10 Dec 2025 05:20:09 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d058:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:52:12:57:2c:06:c9:ee:86:ba:7d:ea:59:e5:8d:2a:a1:86:32:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:20:09 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=76a88f9348bcbe55c7df2fc25c5c61266b17037a054f401c10a82e9d20d40c76, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:9a:0c:14:54:82:8f:0c:51:50:7a:76:fc:5d: f2:c1:19:e8:f4:42:5d:ec:05:0b:dd:a9:97:82:cd: 5a:23:16:19:04:e8:e1:61:77:d1:94:54:9f:ce:47: d3:92:3f:c1:98:b5:c0:70:40:20:b8:e5:13:4c:1c: 0d:57:43:4b:c3:1c:11:1c:46:12:dd:74:97:22:f2: 4b:86:0b:f1:52:6f:9d:5e:e0:a0:e8:6a:da:97:88: 8c:17:85:e9:f2:03:08:a6:fd:a8:08:7d:b1:f1:f4: 95:71:90:69:1b:2e:04:ea:94:97:4a:14:c1:fc:7e: 3d:bf:02:f6:ac:3a:65:4c:af:01:d6:2f:f8:d5:2e: 4d:b2:5a:ed:b7:f8:ea:64:c3:02:61:0f:4a:68:e8: 26:01:42:4c:60:0d:b8:8f:e8:f1:bf:70:0d:ec:67: b5:10:1d:02:b5:3f:4c:b2:74:2d:77:5a:71:a8:a1: 16:43:5a:75:7f:1e:dd:93:c2:53:e4:1c:07:40:16: 94:46:51:3f:f7:9b:62:93:ec:ef:a9:6d:25:f9:88: 10:b2:fc:bc:44:dc:65:f5:a6:db:8c:2d:23:77:2d: 39:98:3c:4f:fc:1f:8c:f0:2a:65:a4:87:2e:c0:10: 76:06:5a:50:4a:c8:8a:c5:21:34:85:4d:a5:d5:55: 51:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:69:44:2E:E6:48:DC:30:AE:85:FE:2B:29:75:63:A0:A5:65:42:D8 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87ec9982-c725-40e5-b829-ff0f06d939c8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d058:9000::/40 Signature Algorithm: sha256WithRSAEncryption 2c:f6:85:27:c0:75:20:d4:70:cb:eb:fc:8c:a9:c3:da:88:89: 63:f2:f8:87:d7:e3:1e:ec:1d:a1:9b:6e:74:1d:2c:09:d8:48: e8:4c:86:f8:39:df:92:e2:25:66:23:1f:83:a2:bf:62:ed:cf: b7:0c:94:4f:89:5a:cc:1a:29:53:32:2b:67:83:42:5b:ba:26: 3e:05:7f:4d:18:54:9e:82:6c:8c:97:e9:c2:88:07:dc:82:d8: e8:97:e4:22:79:22:62:a6:a4:44:9f:5b:e7:db:9f:96:6c:e4: 59:99:65:a4:20:23:7a:2a:57:d3:6f:15:c6:92:d6:7d:cd:2e: 8f:7b:28:3d:dd:fe:f4:37:73:16:d7:9a:b3:8f:bf:66:fc:e6: 43:28:ab:82:67:6c:9f:0c:11:60:5a:70:64:ea:12:0d:fd:34: 2a:73:63:41:c9:da:67:0f:8e:21:d8:16:7a:19:53:1a:32:79: ad:3e:11:02:88:f2:fa:b8:c3:65:f5:20:c9:03:45:29:24:48: f5:c1:56:5d:8c:92:9e:0b:e8:a1:c5:bd:48:14:b0:49:33:46: 6e:02:ef:84:fc:14:a7:c2:4a:54:39:07:7d:ff:d2:32:3c:66: 1f:14:25:ac:71:71:ba:a9:37:78:f9:70:9d:08:ed:78:69:28: 81:d7:a4:13 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUU1ISVywGye6Gun3qWeWNKqGGMrowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTIwMDlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDc2YTg4ZjkzNDhiY2JlNTVjN2RmMmZjMjVjNWM2MTI2NmIxNzAzN2EwNTRm NDAxYzEwYTgyZTlkMjBkNDBjNzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALmaDBRUgo8MUVB6dvxd8sEZ6PRCXewFC92pl4LNWiMWGQTo4WF30ZRUn85H 05I/wZi1wHBAILjlE0wcDVdDS8McERxGEt10lyLyS4YL8VJvnV7goOhq2peIjBeF 6fIDCKb9qAh9sfH0lXGQaRsuBOqUl0oUwfx+Pb8C9qw6ZUyvAdYv+NUuTbJa7bf4 6mTDAmEPSmjoJgFCTGANuI/o8b9wDexntRAdArU/TLJ0LXdacaihFkNadX8e3ZPC U+QcB0AWlEZRP/ebYpPs76ltJfmIELL8vETcZfWm24wtI3ctOZg8T/wfjPAqZaSH LsAQdgZaUErIisUhNIVNpdVVUT8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBREaUQu 5kjcMK6F/ispdWOgpWVC2DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ODdlYzk5ODItYzcyNS00MGU1LWI4MjktZmYwZjA2ZDkzOWM4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FiQ MA0GCSqGSIb3DQEBCwUAA4IBAQAs9oUnwHUg1HDL6/yMqcPaiIlj8viH1+Me7B2h m250HSwJ2EjoTIb4Od+S4iVmIx+Dor9i7c+3DJRPiVrMGilTMitng0JbuiY+BX9N GFSegmyMl+nCiAfcgtjol+QieSJipqREn1vn25+WbORZmWWkICN6KlfTbxXGktZ9 zS6Peyg93f70N3MW15qzj79m/OZDKKuCZ2yfDBFgWnBk6hIN/TQqc2NBydpnD44h 2BZ6GVMaMnmtPhECiPL6uMNl9SDJA0UpJEj1wVZdjJKeC+ihxb1IFLBJM0ZuAu+E /BSnwkpUOQd9/9IyPGYfFCWscXG6qTd4+XCdCO14aSiB16QT -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:53 2026 by rpki-client