This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92f142f2-bd1c-4295-a008-efcde04ceb18.roa File: 92f142f2-bd1c-4295-a008-efcde04ceb18.roa (raw, json) Hash identifier: Aty8MtRVWA+friq4/s60Z4sAJR2RkKGBevCUInKhjlQ= Subject key identifier: 46:AA:39:FD:59:DD:2D:CA:98:69:84:D1:A1:EA:34:46:8A:44:7C:41 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 57EAFFAFFDF92418D35610118C7F7C0952E9C5B3 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92f142f2-bd1c-4295-a008-efcde04ceb18.roa Signing time: Thu 11 Dec 2025 00:00:10 +0000 ROA not before: Thu 11 Dec 2025 00:00:10 +0000 ROA not after: Wed 11 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 79.125.16.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:ea:ff:af:fd:f9:24:18:d3:56:10:11:8c:7f:7c:09:52:e9:c5:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 11 00:00:10 2025 GMT Not After : Mar 11 23:59:59 2026 GMT Subject: serialNumber=65aae44c6530f2c7c6ec5e92b57ad0244029ea605b3f5791cdeeb44fc3fd24a0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:ae:f3:04:06:fc:8f:08:b0:71:a0:d9:d2:9b: 10:1f:64:da:cd:4e:3c:a9:4b:b3:9d:01:7b:b8:d4: a4:cc:1c:af:43:fb:84:db:f7:f7:8f:44:e9:a5:71: 9c:c2:0b:6d:fb:d0:43:98:3e:60:9a:4f:aa:3a:62: 72:73:2c:d7:95:0c:ac:b7:a9:01:85:27:70:4d:18: 2f:fe:42:bf:65:f9:34:d0:ce:26:75:e0:78:b5:8f: 7e:15:0f:4e:32:6c:bb:26:fd:d9:72:69:c6:ed:64: f5:6f:d9:bb:ab:61:62:64:6c:99:b1:2b:46:49:70: af:4d:29:c4:30:2c:d2:aa:91:a8:59:bf:fd:2a:a8: 23:2d:7c:e6:57:38:4a:86:f8:94:37:bf:fc:17:43: 9f:91:aa:35:11:58:21:4d:68:36:1d:6c:dc:c5:a9: ae:12:63:02:a2:0d:26:81:ac:d1:d3:be:39:ed:52: 4b:05:ae:ee:67:e8:4e:fd:be:1f:8d:71:9b:74:d9: 87:ca:2e:b8:fc:af:37:bb:1a:4c:6a:87:58:3c:30: 06:5d:57:37:a6:78:ca:8e:3c:d0:d7:38:b1:28:51: fa:cf:e2:09:c6:ab:8d:3d:79:3f:0f:c3:c6:21:56: 3d:d6:36:3a:d4:96:62:51:9b:29:5a:0b:e2:9e:d4: 4f:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:AA:39:FD:59:DD:2D:CA:98:69:84:D1:A1:EA:34:46:8A:44:7C:41 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92f142f2-bd1c-4295-a008-efcde04ceb18.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 79.125.16.0/21 Signature Algorithm: sha256WithRSAEncryption 0e:a1:d0:09:a4:50:5a:20:ee:3c:59:c2:9a:96:a3:3b:d4:d8: d2:50:e1:ba:1f:dd:06:62:ae:7b:15:bd:91:48:87:01:ef:e6: 42:54:8f:14:12:87:70:c3:c1:a0:11:70:f7:5e:90:20:07:25: ec:ef:a7:1a:e1:ab:07:4d:97:50:15:bc:67:92:6d:35:17:67: 1b:0e:dc:2e:df:06:58:8d:e8:e4:17:05:b8:19:90:9d:a8:b1: 61:63:d6:80:bd:f6:9a:84:79:24:ce:51:29:84:9a:82:9b:0d: 31:bc:32:c4:24:c4:78:f0:59:7a:ce:32:3f:34:fe:f1:4a:8c: 85:8e:70:d5:c7:e3:dc:0b:94:73:ef:25:92:2d:49:b8:67:89: cc:f6:02:29:d8:4f:92:2b:82:c0:2e:7b:e8:db:69:18:cf:7f: 10:8d:38:e9:41:97:b5:88:f4:d5:1e:4d:f6:3f:ba:65:e9:e1: e7:78:5f:af:5d:62:04:06:da:f3:17:83:61:fd:94:fd:2a:6c: 04:f8:52:9b:67:72:7a:9d:56:0a:31:ea:d8:e7:84:6e:87:5c: 79:93:08:a8:b3:f6:b2:58:11:cf:b9:a1:90:b9:16:e2:a4:36: c5:2b:b8:49:7e:88:60:f5:17:db:fc:72:11:a8:d2:5a:85:cd: cd:59:83:68 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUV+r/r/35JBjTVhARjH98CVLpxbMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTEwMDAwMTBaFw0yNjAzMTEyMzU5NTlaMHoxSTBHBgNV BAUTQDY1YWFlNDRjNjUzMGYyYzdjNmVjNWU5MmI1N2FkMDI0NDAyOWVhNjA1YjNm NTc5MWNkZWViNDRmYzNmZDI0YTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK+u8wQG/I8IsHGg2dKbEB9k2s1OPKlLs50Be7jUpMwcr0P7hNv3949E6aVx nMILbfvQQ5g+YJpPqjpicnMs15UMrLepAYUncE0YL/5Cv2X5NNDOJnXgeLWPfhUP TjJsuyb92XJpxu1k9W/Zu6thYmRsmbErRklwr00pxDAs0qqRqFm//SqoIy185lc4 Sob4lDe//BdDn5GqNRFYIU1oNh1s3MWprhJjAqINJoGs0dO+Oe1SSwWu7mfoTv2+ H41xm3TZh8ouuPyvN7saTGqHWDwwBl1XN6Z4yo480Nc4sShR+s/iCcarjT15Pw/D xiFWPdY2OtSWYlGbKVoL4p7UT8kCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRGqjn9 Wd0typhphNGh6jRGikR8QTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OTJmMTQyZjItYmQxYy00Mjk1LWEwMDgtZWZjZGUwNGNlYjE4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA099EDAN BgkqhkiG9w0BAQsFAAOCAQEADqHQCaRQWiDuPFnCmpajO9TY0lDhuh/dBmKuexW9 kUiHAe/mQlSPFBKHcMPBoBFw916QIAcl7O+nGuGrB02XUBW8Z5JtNRdnGw7cLt8G WI3o5BcFuBmQnaixYWPWgL32moR5JM5RKYSagpsNMbwyxCTEePBZes4yPzT+8UqM hY5w1cfj3AuUc+8lki1JuGeJzPYCKdhPkiuCwC576NtpGM9/EI046UGXtYj01R5N 9j+6Zenh53hfr11iBAba8xeDYf2U/SpsBPhSm2dyep1WCjHq2OeEbodceZMIqLP2 slgRz7mhkLkW4qQ2xSu4SX6IYPUX2/xyEajSWoXNzVmDaA== -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:25 2026 by rpki-client