This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa File: 99ffa238-9133-4fa5-ad84-49e67d34854a.roa (raw, json) Hash identifier: NRHiNyIo1ewLj0eYQTQRgUom0LfGKkGPh97VKTA3vTs= Subject key identifier: A9:1B:04:7C:21:1E:B7:DF:85:DE:21:5B:10:39:4C:FE:D9:18:CE:06 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4C4F84E338578B25F29C53B6AE024FCA48D224E8 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa Signing time: Wed 10 Dec 2025 05:10:13 +0000 ROA not before: Wed 10 Dec 2025 05:10:13 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d02a::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 08:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:4f:84:e3:38:57:8b:25:f2:9c:53:b6:ae:02:4f:ca:48:d2:24:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:10:13 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=53bd95d3469e64d29e03d0f234a4bb60e081aac26d191bbc126baae54c35dc69, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:c3:be:77:ab:7c:72:ad:8b:88:b9:2f:55:5f: 81:74:d5:01:de:78:b1:2f:c0:d3:f2:1e:4d:a0:7a: 8b:f7:79:44:00:76:2d:fa:2d:b7:d1:c0:06:94:51: 9d:f2:3b:be:94:db:a7:24:4f:4b:a4:81:96:39:4a: 20:ae:c7:cc:a0:8d:73:28:a0:e8:1c:08:40:e7:f3: 1f:8f:7f:7d:b4:0d:df:4d:24:88:9f:c9:6e:70:9c: 32:73:3b:bc:f5:0d:82:df:ce:1a:96:0e:6c:6c:d6: 92:c1:b0:6b:68:27:96:28:04:98:e7:83:8a:02:e0: 13:5b:c3:3a:03:35:af:aa:30:de:35:a0:64:98:b1: db:df:7c:e1:b3:c5:8c:96:50:1e:00:86:85:56:fe: 6a:4e:08:d9:bb:44:47:78:18:d3:ec:ff:0e:34:29: d6:5a:11:a2:f4:75:c0:8d:10:53:ce:7e:f1:9c:ce: 56:b2:f4:61:f6:f6:b2:05:2a:9a:7a:ab:1e:c1:1c: 7a:51:46:30:a7:ba:cf:9d:f8:e7:5f:5b:a5:dc:d6: 9c:ea:7f:82:93:6f:4a:ef:6a:cb:4e:92:f1:4b:60: 39:3b:5f:71:f8:85:84:6a:bd:3c:ce:fd:5a:ec:87: 4b:69:c5:51:3f:c7:2f:a4:52:e9:55:69:ea:08:44: c6:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:1B:04:7C:21:1E:B7:DF:85:DE:21:5B:10:39:4C:FE:D9:18:CE:06 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d02a::/36 Signature Algorithm: sha256WithRSAEncryption 8d:c2:ae:65:62:3f:1c:33:54:24:27:2f:90:de:bf:07:23:fc: ba:58:0a:09:31:24:ba:99:9c:72:15:f0:80:31:bb:69:ed:e0: 81:0a:2f:a0:52:5d:65:ea:04:7b:22:c8:3b:49:67:61:d7:55: 38:73:60:60:f2:8d:4b:fd:15:5f:b5:30:ac:02:ee:f2:1d:8d: 77:ed:57:99:2f:c4:00:f9:fa:02:55:b3:52:1e:50:1b:d4:11: 49:6b:67:aa:93:10:1e:e1:4e:b3:ab:26:9c:80:3c:c5:e5:5c: 75:1f:3d:06:0a:91:38:67:d3:56:e3:6e:38:c8:3c:51:08:b1: 92:53:d4:64:6d:0d:b9:d5:11:28:54:ec:7b:ae:6d:90:08:8d: 4c:10:d2:5e:b1:a3:1a:2b:f3:5c:78:37:d8:a1:9b:f5:db:80: d6:cc:d7:6f:00:cc:c9:3c:4d:ea:04:1c:87:45:c6:e4:b8:4a: fd:3b:dc:92:f0:45:45:d9:18:b1:91:e7:9f:46:83:8e:5a:2c: 60:bf:c9:aa:6c:96:d9:f6:c1:be:81:37:00:4e:00:bb:ff:c2: ca:45:bf:4c:18:56:1d:ba:ea:29:7f:02:32:45:c4:2c:fb:8e: 2b:d4:14:cd:d0:fa:36:96:9e:50:a2:b9:6a:19:16:f5:c5:c0: 1c:b9:eb:a9 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUTE+E4zhXiyXynFO2rgJPykjSJOgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTEwMTNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDUzYmQ5NWQzNDY5ZTY0ZDI5ZTAzZDBmMjM0YTRiYjYwZTA4MWFhYzI2ZDE5 MWJiYzEyNmJhYWU1NGMzNWRjNjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMTDvnerfHKti4i5L1VfgXTVAd54sS/A0/IeTaB6i/d5RAB2Lfott9HABpRR nfI7vpTbpyRPS6SBljlKIK7HzKCNcyig6BwIQOfzH49/fbQN300kiJ/JbnCcMnM7 vPUNgt/OGpYObGzWksGwa2gnligEmOeDigLgE1vDOgM1r6ow3jWgZJix29984bPF jJZQHgCGhVb+ak4I2btER3gY0+z/DjQp1loRovR1wI0QU85+8ZzOVrL0Yfb2sgUq mnqrHsEcelFGMKe6z534519bpdzWnOp/gpNvSu9qy06S8UtgOTtfcfiFhGq9PM79 WuyHS2nFUT/HL6RS6VVp6ghExmsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSpGwR8 IR6334XeIVsQOUz+2RjOBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OTlmZmEyMzgtOTEzMy00ZmE1LWFkODQtNDllNjdkMzQ4NTRhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CoA MA0GCSqGSIb3DQEBCwUAA4IBAQCNwq5lYj8cM1QkJy+Q3r8HI/y6WAoJMSS6mZxy FfCAMbtp7eCBCi+gUl1l6gR7Isg7SWdh11U4c2Bg8o1L/RVftTCsAu7yHY137VeZ L8QA+foCVbNSHlAb1BFJa2eqkxAe4U6zqyacgDzF5Vx1Hz0GCpE4Z9NW4244yDxR CLGSU9RkbQ251REoVOx7rm2QCI1MENJesaMaK/NceDfYoZv124DWzNdvAMzJPE3q BByHRcbkuEr9O9yS8EVF2RixkeefRoOOWixgv8mqbJbZ9sG+gTcATgC7/8LKRb9M GFYduuopfwIyRcQs+44r1BTN0Po2lp5QorlqGRb1xcAcueup -----END CERTIFICATE-----Generated at Fri Dec 12 10:48:29 2025 by rpki-client