This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa File: 9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa (raw, json) Hash identifier: fr4jk3Ju9fLZM6bJ481O966hBiCJxfrrIZUUCb+hr+A= Subject key identifier: BE:47:5A:27:30:BD:2B:68:4F:A3:C7:15:EE:1B:E2:99:7A:73:6A:DC Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 45D1A2C06CCDA6FF0BD51165271C33DA68AB3886 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa Signing time: Wed 10 Dec 2025 06:00:44 +0000 ROA not before: Wed 10 Dec 2025 06:00:44 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d070::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:d1:a2:c0:6c:cd:a6:ff:0b:d5:11:65:27:1c:33:da:68:ab:38:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:00:44 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=55c3d1f095fd1f07305e02fc13f2aceb35c84113cebb09290fcd2603186029da, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:5c:fd:75:71:e6:7d:a8:8d:78:d7:33:4d:17: e1:92:7c:ab:b5:27:88:ff:67:f1:99:92:44:00:91: 55:7a:74:c3:33:ed:c2:41:0f:cc:f4:4e:ff:7a:f8: fd:c6:2e:a3:66:ed:17:1a:00:96:d7:91:ef:b5:a2: 00:52:f0:f6:b3:43:f5:9a:51:25:57:73:db:59:fe: 3a:c8:da:b9:4a:09:43:58:48:90:a0:27:4d:58:70: e6:ca:42:f9:18:be:dd:e0:a3:b4:3d:75:22:db:10: e6:fe:ce:88:89:a6:b3:34:12:95:28:b9:2a:71:e7: be:40:c8:9a:ce:a6:8d:92:72:a3:03:9b:51:8c:2e: 5c:c3:a2:bb:8e:92:f9:c7:5e:ca:98:db:51:4f:0b: 79:6c:36:8a:12:a3:80:c7:e9:66:53:d9:d4:65:11: 50:0f:3f:46:1c:a6:64:62:c3:60:6d:1b:f6:c7:fc: 0b:9f:77:ac:01:11:82:cd:21:cd:84:37:09:01:8a: d2:e2:e2:f7:b4:90:fa:49:3f:ed:10:af:69:1b:c2: 45:19:b4:3c:9d:dc:85:3c:e4:84:e2:38:b5:77:76: 5f:99:d6:8d:a1:fd:b4:85:cd:be:4f:33:58:c6:2b: ed:15:4e:91:15:74:30:76:7c:35:ec:8e:c4:94:48: 4a:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:47:5A:27:30:BD:2B:68:4F:A3:C7:15:EE:1B:E2:99:7A:73:6A:DC X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d070::/32 Signature Algorithm: sha256WithRSAEncryption 23:16:7d:1a:83:60:c1:9b:19:ab:60:3b:d3:a6:f1:79:a2:0c: 8d:39:a8:28:33:94:da:5d:07:6c:01:ee:ef:c3:76:90:bf:79: d3:43:3c:03:51:83:42:34:e9:2c:04:ca:d9:56:bd:2c:c9:74: d7:55:1a:84:f6:d0:34:24:da:33:35:6f:3b:5b:72:a1:55:cd: 58:90:e2:94:ec:00:62:c4:19:69:5a:51:21:8c:91:57:13:0f: f3:12:49:ae:e5:d3:49:49:e7:3e:d0:bf:d7:82:57:ee:46:2d: 5d:dc:44:22:00:04:19:3f:f6:69:57:69:9b:cf:10:79:99:9d: ac:ce:d7:47:13:30:a9:a0:ad:33:7f:48:12:0a:e2:20:f9:c5: 35:16:ca:01:ae:46:da:1e:68:ae:a8:a9:c7:56:cb:fc:ab:12: 7c:7f:c9:7d:b5:34:c6:83:5f:24:5e:4a:00:b1:b4:33:2d:53: 92:15:e1:c2:17:6d:c2:33:8d:18:85:05:6e:8e:08:f4:9d:f3: bd:56:ca:b5:82:03:5d:ce:be:1a:21:3b:93:c3:56:34:2d:70: e4:71:b2:94:2b:7b:24:5f:f7:1b:ae:d9:d6:5d:b7:90:76:37: 01:90:e0:85:c2:23:a1:7e:ed:9b:b9:0b:ac:63:12:94:a1:6f: 39:77:b8:ba -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgIURdGiwGzNpv8L1RFlJxwz2mirOIYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAwNDRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDU1YzNkMWYwOTVmZDFmMDczMDVlMDJmYzEzZjJhY2ViMzVjODQxMTNjZWJi MDkyOTBmY2QyNjAzMTg2MDI5ZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANhc/XVx5n2ojXjXM00X4ZJ8q7UniP9n8ZmSRACRVXp0wzPtwkEPzPRO/3r4 /cYuo2btFxoAlteR77WiAFLw9rND9ZpRJVdz21n+OsjauUoJQ1hIkKAnTVhw5spC +Ri+3eCjtD11ItsQ5v7OiImmszQSlSi5KnHnvkDIms6mjZJyowObUYwuXMOiu46S +cdeypjbUU8LeWw2ihKjgMfpZlPZ1GURUA8/RhymZGLDYG0b9sf8C593rAERgs0h zYQ3CQGK0uLi97SQ+kk/7RCvaRvCRRm0PJ3chTzkhOI4tXd2X5nWjaH9tIXNvk8z WMYr7RVOkRV0MHZ8NeyOxJRISukCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBS+R1on ML0raE+jxxXuG+KZenNq3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OTExOWEwMWUtMmJiNC00ZDY5LTkzMjUtNWY0YWE4ZmI4YmU4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HAw DQYJKoZIhvcNAQELBQADggEBACMWfRqDYMGbGatgO9Om8XmiDI05qCgzlNpdB2wB 7u/DdpC/edNDPANRg0I06SwEytlWvSzJdNdVGoT20DQk2jM1bztbcqFVzViQ4pTs AGLEGWlaUSGMkVcTD/MSSa7l00lJ5z7Qv9eCV+5GLV3cRCIABBk/9mlXaZvPEHmZ nazO10cTMKmgrTN/SBIK4iD5xTUWygGuRtoeaK6oqcdWy/yrEnx/yX21NMaDXyRe SgCxtDMtU5IV4cIXbcIzjRiFBW6OCPSd871WyrWCA13OvhohO5PDVjQtcORxspQr eyRf9xuu2dZdt5B2NwGQ4IXCI6F+7Zu5C6xjEpShbzl3uLo= -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:24 2026 by rpki-client