This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/975dfb4d-ef39-4371-9678-ff7909080d1e.roa File: 975dfb4d-ef39-4371-9678-ff7909080d1e.roa (raw, json) Hash identifier: 0W3rJ+y74n7F1A1/2N142kVyRaXRr/AYXaQyrcADT84= Subject key identifier: 97:80:CE:C2:31:C9:9B:35:D0:40:BE:16:FD:A9:DB:29:04:59:37:C0 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2D1159FCEEE90579FADC50A8F5FCEED8731CC2A7 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/975dfb4d-ef39-4371-9678-ff7909080d1e.roa Signing time: Wed 10 Dec 2025 05:51:16 +0000 ROA not before: Wed 10 Dec 2025 05:51:16 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:b080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:11:59:fc:ee:e9:05:79:fa:dc:50:a8:f5:fc:ee:d8:73:1c:c2:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:51:16 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=6e37265faf853aebf57e289ea299daa60c980a143e808e6c8cbc85eb2906c9bc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:93:8d:b5:4e:c4:15:d1:2d:22:36:80:ed:05: 42:6a:ac:ab:d9:5f:61:d3:81:bf:0f:04:f4:78:26: e3:ba:d5:8e:f4:ee:fc:e7:26:31:c4:f9:44:34:6c: d4:9a:5b:89:1e:cd:61:bd:ff:06:18:ef:9f:93:92: 07:bb:a4:f7:87:6d:93:aa:6a:c9:85:e1:35:fa:20: e3:35:93:fb:1d:a7:73:27:eb:34:95:0a:91:69:4a: 02:41:66:b0:83:b9:d0:f5:d8:4a:e9:28:8b:47:ca: c5:50:be:ef:a4:83:fd:0e:75:14:36:b6:e1:ca:b2: 36:4f:8a:6b:c0:9a:d9:94:0c:4d:65:72:45:cc:0e: 99:c4:e7:2e:02:98:f1:19:42:0c:ac:9b:2a:a4:bd: 0b:1b:33:2a:3b:ea:3c:55:0b:c5:27:81:1c:27:ea: 4a:2c:09:e0:fb:0f:fa:98:be:d4:2c:c3:76:f2:2e: c9:a7:31:42:5f:58:9a:c7:f7:03:18:d5:68:a4:18: 68:fd:5d:ee:60:b2:7d:94:2b:a9:ef:41:4c:80:42: 4c:6f:7f:20:b8:0c:4b:b2:fa:b4:70:6f:a5:8d:8c: f3:ef:65:22:b4:0a:ad:da:b1:a3:1f:e1:0e:7d:f8: 16:c4:42:9d:c2:df:fb:c7:55:f1:14:ae:47:f7:8d: 67:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:80:CE:C2:31:C9:9B:35:D0:40:BE:16:FD:A9:DB:29:04:59:37:C0 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/975dfb4d-ef39-4371-9678-ff7909080d1e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:b080::/48 Signature Algorithm: sha256WithRSAEncryption b8:77:bd:b2:db:16:23:4f:ec:16:b0:37:4a:2e:8b:2f:c6:e8: 70:aa:7c:8a:4a:26:ff:c2:03:47:35:e7:e1:d3:38:fd:ff:a9: aa:ee:31:ca:1a:92:cc:2d:77:0e:54:79:df:6d:da:b1:ae:ce: 08:98:31:3e:e3:2d:76:2a:e7:c6:81:79:f4:ca:15:ff:c6:bd: f2:db:65:22:5d:a7:72:fd:b9:02:eb:4a:47:d9:d8:80:7d:37: cf:8c:4a:e7:70:ab:14:b0:3b:de:18:c4:64:18:cb:65:cc:10: ca:e1:03:e2:c5:7e:37:68:a6:a7:d1:9a:8a:63:ca:92:bb:b6: e9:7b:4f:1d:84:ef:21:ca:90:b3:c4:ad:a8:e4:74:62:ad:47: bc:50:cf:a9:6e:b6:83:54:96:d0:5e:f3:bb:21:4c:af:57:70: 76:31:a0:f8:c0:e8:12:de:13:d4:45:d4:1e:c4:84:7b:fe:32: e2:4b:80:dd:8d:a2:9d:4b:a0:01:09:f4:5b:56:c3:dc:d6:74: 30:85:43:ae:04:29:7a:d9:17:27:46:51:29:e4:d8:37:5d:2e: e4:2b:9e:c1:aa:8a:8d:23:99:b1:ce:2f:5c:53:0a:2a:1b:a0: eb:15:47:f4:c7:93:d4:ab:eb:37:99:db:f4:34:05:f5:10:1c: a1:6e:5e:4f -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIULRFZ/O7pBXn63FCo9fzu2HMcwqcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUxMTZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDZlMzcyNjVmYWY4NTNhZWJmNTdlMjg5ZWEyOTlkYWE2MGM5ODBhMTQzZTgw OGU2YzhjYmM4NWViMjkwNmM5YmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANeTjbVOxBXRLSI2gO0FQmqsq9lfYdOBvw8E9Hgm47rVjvTu/OcmMcT5RDRs 1JpbiR7NYb3/Bhjvn5OSB7uk94dtk6pqyYXhNfog4zWT+x2ncyfrNJUKkWlKAkFm sIO50PXYSukoi0fKxVC+76SD/Q51FDa24cqyNk+Ka8Ca2ZQMTWVyRcwOmcTnLgKY 8RlCDKybKqS9CxszKjvqPFULxSeBHCfqSiwJ4PsP+pi+1CzDdvIuyacxQl9Ymsf3 AxjVaKQYaP1d7mCyfZQrqe9BTIBCTG9/ILgMS7L6tHBvpY2M8+9lIrQKrdqxox/h Dn34FsRCncLf+8dV8RSuR/eNZy8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSXgM7C McmbNdBAvhb9qdspBFk3wDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OTc1ZGZiNGQtZWYzOS00MzcxLTk2NzgtZmY3OTA5MDgwZDFlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKw gDANBgkqhkiG9w0BAQsFAAOCAQEAuHe9stsWI0/sFrA3Si6LL8bocKp8ikom/8ID RzXn4dM4/f+pqu4xyhqSzC13DlR5323asa7OCJgxPuMtdirnxoF59MoV/8a98ttl Il2ncv25AutKR9nYgH03z4xK53CrFLA73hjEZBjLZcwQyuED4sV+N2imp9GaimPK kru26XtPHYTvIcqQs8StqOR0Yq1HvFDPqW62g1SW0F7zuyFMr1dwdjGg+MDoEt4T 1EXUHsSEe/4y4kuA3Y2inUugAQn0W1bD3NZ0MIVDrgQpetkXJ0ZRKeTYN10u5Cue waqKjSOZsc4vXFMKKhug6xVH9MeT1KvrN5nb9DQF9RAcoW5eTw== -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:37 2026 by rpki-client