This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a626735f-cb4b-4dff-992e-95390a4e2eea.roa File: a626735f-cb4b-4dff-992e-95390a4e2eea.roa (raw, json) Hash identifier: 1SuyhGMScCbWdogWaHH50YA30KPveeymIHmaRozdJjc= Subject key identifier: 12:07:D3:35:81:99:FC:4A:56:98:B1:35:F2:A6:5C:28:65:6A:F8:A8 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 72EF5BC17B7C5FBF46E2F369297C5D4CBAC41EE7 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a626735f-cb4b-4dff-992e-95390a4e2eea.roa Signing time: Wed 10 Dec 2025 05:20:32 +0000 ROA not before: Wed 10 Dec 2025 05:20:32 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d059:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:ef:5b:c1:7b:7c:5f:bf:46:e2:f3:69:29:7c:5d:4c:ba:c4:1e:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:20:32 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=4becaf183a8fefce2e91effb2cefd8381ce69b8dff267adc453c2c894da82562, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:db:14:10:cb:b2:14:2e:65:a6:34:54:be:8b: f4:75:80:ec:87:6f:ef:f1:30:04:0b:f2:d4:1d:16: b6:c3:68:b9:65:de:f1:2e:3c:a7:4c:63:f1:49:6b: 5c:90:15:e6:c7:24:22:20:61:08:9d:c1:c9:a0:c0: 9d:19:45:05:15:39:a5:89:dc:9a:d7:d9:31:0d:ad: 0f:7b:ff:8c:fe:fc:25:81:ef:06:df:6f:26:fc:13: 7c:db:bb:f5:f0:f3:52:6d:4b:16:c1:6c:5f:81:f4: 08:a1:84:18:18:ec:0b:06:e1:53:11:78:ec:21:c9: 35:df:d4:d8:ec:3f:ec:98:53:f6:23:7f:cd:95:70: bd:ce:e9:82:d0:0d:1a:d2:97:e3:ce:d7:ac:c0:f7: c0:bb:82:59:93:11:a6:d9:b8:d8:75:14:92:9f:93: 00:8b:2e:29:80:59:4e:a6:ba:88:e1:46:69:ed:3a: a0:96:63:31:b6:4a:6e:5c:d9:d8:53:47:c0:21:4c: a5:60:de:46:52:26:50:77:ca:d9:42:b0:5f:ea:7f: 4f:5b:7e:5c:4c:8f:62:48:b6:c0:e8:ab:f7:41:69: 7d:46:96:1b:ef:b2:23:72:79:08:47:44:11:de:50: 59:4c:8b:4e:23:84:a6:64:0d:7b:39:9a:46:ab:92: da:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:07:D3:35:81:99:FC:4A:56:98:B1:35:F2:A6:5C:28:65:6A:F8:A8 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a626735f-cb4b-4dff-992e-95390a4e2eea.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d059:2000::/40 Signature Algorithm: sha256WithRSAEncryption 65:05:c0:ce:2b:27:f4:2c:21:fd:4c:84:b9:e6:0b:cc:c2:a0: 87:22:e0:a7:fb:e6:1a:f8:0c:48:0a:88:eb:68:cf:77:ad:e8: 11:53:ae:0b:26:28:5a:1e:2f:23:fd:93:65:b4:79:f8:fe:f8: fb:1a:5b:23:f8:52:a7:05:8a:ad:f3:c2:4d:99:e8:f2:e3:8d: 08:d3:32:65:2b:a3:29:ad:98:64:3f:d1:00:f0:6f:99:3b:04: d4:a9:c6:d3:36:b0:8a:2d:78:18:b2:ca:e7:36:4f:d6:c3:9e: 2c:2f:1b:48:75:06:e9:79:88:e9:0e:34:f5:74:f0:28:a0:3f: 2d:18:df:c6:ef:b0:2e:2c:1a:41:3b:4b:f9:98:a7:08:96:19: 41:57:43:42:0d:e0:65:fb:7d:6c:f2:18:2a:f4:42:23:bd:43: 59:64:e5:c9:85:9b:24:4f:e5:64:2f:98:b5:f3:82:55:82:db: bc:dc:97:4f:ff:ed:df:5b:55:91:f6:58:47:ac:1d:8b:e3:58: 8b:b5:c8:b4:fc:38:8e:ac:a3:a8:22:0d:9b:0e:fa:ed:95:85: 46:92:d9:14:29:94:f5:6f:b7:be:5a:35:40:87:e4:50:10:52: 4b:35:88:c5:fe:64:73:e7:b3:05:26:b5:db:cd:8b:81:1f:35: 6b:84:33:15 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUcu9bwXt8X79G4vNpKXxdTLrEHucwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTIwMzJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDRiZWNhZjE4M2E4ZmVmY2UyZTkxZWZmYjJjZWZkODM4MWNlNjliOGRmZjI2 N2FkYzQ1M2MyYzg5NGRhODI1NjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIzbFBDLshQuZaY0VL6L9HWA7Idv7/EwBAvy1B0WtsNouWXe8S48p0xj8Ulr XJAV5sckIiBhCJ3ByaDAnRlFBRU5pYncmtfZMQ2tD3v/jP78JYHvBt9vJvwTfNu7 9fDzUm1LFsFsX4H0CKGEGBjsCwbhUxF47CHJNd/U2Ow/7JhT9iN/zZVwvc7pgtAN GtKX487XrMD3wLuCWZMRptm42HUUkp+TAIsuKYBZTqa6iOFGae06oJZjMbZKblzZ 2FNHwCFMpWDeRlImUHfK2UKwX+p/T1t+XEyPYki2wOir90FpfUaWG++yI3J5CEdE Ed5QWUyLTiOEpmQNezmaRquS2v8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQSB9M1 gZn8SlaYsTXyplwoZWr4qDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTYyNjczNWYtY2I0Yi00ZGZmLTk5MmUtOTUzOTBhNGUyZWVhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fkg MA0GCSqGSIb3DQEBCwUAA4IBAQBlBcDOKyf0LCH9TIS55gvMwqCHIuCn++Ya+AxI CojraM93regRU64LJihaHi8j/ZNltHn4/vj7Glsj+FKnBYqt88JNmejy440I0zJl K6MprZhkP9EA8G+ZOwTUqcbTNrCKLXgYssrnNk/Ww54sLxtIdQbpeYjpDjT1dPAo oD8tGN/G77AuLBpBO0v5mKcIlhlBV0NCDeBl+31s8hgq9EIjvUNZZOXJhZskT+Vk L5i184JVgtu83JdP/+3fW1WR9lhHrB2L41iLtci0/DiOrKOoIg2bDvrtlYVGktkU KZT1b7e+WjVAh+RQEFJLNYjF/mRz57MFJrXbzYuBHzVrhDMV -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:44 2026 by rpki-client