This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa File: 8e492412-994d-4c48-a29e-9082ebce3349.roa (raw, json) Hash identifier: pGaKIpQB3gq+YVSn9Ud20HnWBQyN7NpcLCZZFTJLHoE= Subject key identifier: AA:8A:4D:2B:75:E7:C6:A1:18:41:ED:25:C7:83:AE:CA:9F:16:75:CD Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 22FA1B850027F12CE825598F8FF7A60AD597A40B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa Signing time: Wed 10 Dec 2025 05:20:51 +0000 ROA not before: Wed 10 Dec 2025 05:20:51 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07a:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:fa:1b:85:00:27:f1:2c:e8:25:59:8f:8f:f7:a6:0a:d5:97:a4:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:20:51 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=c4cf2048e35865fe5ec2e2efcc56f7a5e2dcb5f3c08f93efabee9d16e94e320b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:a5:55:60:57:8c:be:e4:87:df:24:fb:e9:c8: 02:03:4b:da:f1:81:77:3e:67:5b:b5:f9:a0:e0:72: 2c:75:0d:59:ce:a5:69:5a:b1:f5:a8:ae:9c:8e:9c: 4a:4c:cc:26:7a:2a:84:73:a2:d1:74:1e:64:11:e3: f2:24:da:8d:80:96:6c:74:c5:06:f4:7a:27:27:97: 43:e5:a7:ae:60:13:24:b2:de:d2:19:6d:54:b7:01: 3a:31:41:01:47:68:98:6b:49:d0:30:ee:00:ef:e6: ad:89:78:d2:66:03:23:62:01:54:eb:a0:f2:ed:a2: fb:b4:82:90:58:31:1f:be:6f:39:98:4c:a4:09:37: fc:0b:13:20:67:2e:7b:69:fe:c9:75:79:a9:92:27: fa:24:d6:16:d0:e2:e5:b7:f5:50:f4:e3:05:6c:b4: 39:9b:59:91:15:f0:81:c0:48:d0:0e:e8:c9:e4:33: f1:4d:2b:c2:bc:c4:cc:6c:2d:22:fc:c1:68:c1:6c: ee:a9:57:09:fb:22:4b:08:37:6c:36:9a:81:60:5e: 00:32:57:93:07:f1:02:36:1f:89:3b:c4:66:50:33: 18:14:f9:d8:13:d3:4c:eb:e5:8a:ae:6d:8c:73:74: e8:ab:56:fa:cc:77:fe:52:4b:84:03:91:4a:7f:d3: 79:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:8A:4D:2B:75:E7:C6:A1:18:41:ED:25:C7:83:AE:CA:9F:16:75:CD X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07a:8000::/40 Signature Algorithm: sha256WithRSAEncryption b0:ee:42:5e:98:19:42:59:77:88:03:c1:a3:c6:6d:aa:7d:0a: 1c:19:88:f5:a9:f3:b1:11:8e:e9:b3:38:83:9f:9d:90:74:5f: 92:5f:e5:a0:7c:49:0a:53:22:15:f6:fb:53:ef:2e:72:f9:a6: 1c:83:55:db:c0:36:3b:88:ae:c6:37:c0:64:ca:43:26:6a:3a: db:30:59:90:dc:c7:e8:49:79:8e:7b:aa:b4:8c:04:25:98:0b: 19:e6:4e:8e:b7:6a:70:89:34:7c:b3:00:e4:00:71:8b:84:e6: 0a:68:73:5a:93:bd:e1:ac:8e:e5:71:2e:04:67:4b:ad:ae:6d: 88:29:17:c3:67:e7:a0:b5:18:ca:e7:c8:19:d1:74:54:68:5b: 7d:c6:8e:26:bf:2e:de:4e:56:59:4e:8e:6d:11:58:d8:f0:be: 33:dc:4a:15:40:23:53:14:84:08:81:30:c9:0c:4f:d5:e3:f2: 65:36:2b:17:dd:31:12:a0:71:7b:ec:e8:9d:e9:37:dd:5d:84: 16:72:e0:4c:4e:2a:f1:b5:94:3e:91:e4:e6:14:05:9a:9d:ad: 11:28:91:3c:a1:ad:c1:63:b0:2e:55:00:4f:81:99:96:9d:ce: 6a:b3:29:f5:78:b4:d5:ca:37:c1:2f:42:2b:0e:61:45:d1:15: f6:2d:70:bd -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUIvobhQAn8SzoJVmPj/emCtWXpAswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTIwNTFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGM0Y2YyMDQ4ZTM1ODY1ZmU1ZWMyZTJlZmNjNTZmN2E1ZTJkY2I1ZjNjMDhm OTNlZmFiZWU5ZDE2ZTk0ZTMyMGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJqlVWBXjL7kh98k++nIAgNL2vGBdz5nW7X5oOByLHUNWc6laVqx9aiunI6c SkzMJnoqhHOi0XQeZBHj8iTajYCWbHTFBvR6JyeXQ+WnrmATJLLe0hltVLcBOjFB AUdomGtJ0DDuAO/mrYl40mYDI2IBVOug8u2i+7SCkFgxH75vOZhMpAk3/AsTIGcu e2n+yXV5qZIn+iTWFtDi5bf1UPTjBWy0OZtZkRXwgcBI0A7oyeQz8U0rwrzEzGwt IvzBaMFs7qlXCfsiSwg3bDaagWBeADJXkwfxAjYfiTvEZlAzGBT52BPTTOvliq5t jHN06KtW+sx3/lJLhAORSn/TeesCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSqik0r defGoRhB7SXHg67KnxZ1zTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OGU0OTI0MTItOTk0ZC00YzQ4LWEyOWUtOTA4MmViY2UzMzQ5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HqA MA0GCSqGSIb3DQEBCwUAA4IBAQCw7kJemBlCWXeIA8Gjxm2qfQocGYj1qfOxEY7p sziDn52QdF+SX+WgfEkKUyIV9vtT7y5y+aYcg1XbwDY7iK7GN8BkykMmajrbMFmQ 3MfoSXmOe6q0jAQlmAsZ5k6Ot2pwiTR8swDkAHGLhOYKaHNak73hrI7lcS4EZ0ut rm2IKRfDZ+egtRjK58gZ0XRUaFt9xo4mvy7eTlZZTo5tEVjY8L4z3EoVQCNTFIQI gTDJDE/V4/JlNisX3TESoHF77Oid6TfdXYQWcuBMTirxtZQ+keTmFAWana0RKJE8 oa3BY7AuVQBPgZmWnc5qsyn1eLTVyjfBL0IrDmFF0RX2LXC9 -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:38 2026 by rpki-client