This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa File: a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa (raw, json) Hash identifier: twhkH2JG0KTfJIulk5JvvKVzgo6bxFiBYZwIK5JAIYI= Subject key identifier: 07:5E:B0:FC:05:4D:46:99:F0:8D:50:F3:37:38:DA:13:E3:A4:C8:13 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 150A9C1E44E9A72859D3DFC699D5215E7CFD471D Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa Signing time: Wed 10 Dec 2025 05:41:02 +0000 ROA not before: Wed 10 Dec 2025 05:41:02 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d032:9000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:0a:9c:1e:44:e9:a7:28:59:d3:df:c6:99:d5:21:5e:7c:fd:47:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:41:02 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=1bf2374e5bd6196856f4d1973a830bfe391b12691a9efa5a97aaf3027fac77ca, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:21:d8:b0:ee:e7:de:6e:c9:74:ec:91:e7:e6: 18:97:ad:68:0b:2b:ce:2d:2d:a2:e6:8f:92:6d:ae: 1b:6d:77:aa:f5:08:7d:47:42:5e:7d:38:83:a2:7d: 60:68:58:40:e9:75:a1:7f:d1:17:70:52:da:23:b9: c6:07:bd:92:e7:09:a5:80:a4:7c:1b:eb:9b:c0:e7: 0c:83:66:16:32:d8:57:c6:39:cb:fa:f0:25:ac:43: 58:53:49:26:5f:7c:22:79:e5:4f:91:d5:36:c7:51: 63:0d:69:19:d7:7e:38:ee:70:47:f3:97:35:b0:8d: 81:34:cc:12:a4:40:31:87:5d:35:f6:49:53:a7:fc: c2:02:1c:20:14:dd:eb:8d:69:4e:00:45:c0:c3:52: 3c:eb:fe:5e:fc:4c:f6:12:3d:28:59:14:bc:fa:a4: e7:39:25:5d:23:31:f8:c6:72:44:7d:d3:2c:ea:92: e0:2e:01:c3:f6:ef:47:8b:b1:b1:1d:ef:c6:6d:ce: 70:1c:5c:d1:95:00:19:8f:8f:21:e2:17:6a:a7:72: 68:e8:bc:ce:f3:90:e5:71:da:20:c8:d7:18:4a:1a: cd:62:1d:db:c3:a4:8c:ad:c6:a1:0e:bc:78:5a:d4: 58:38:18:61:8e:b9:6b:b7:5c:b0:7a:80:d9:c8:13: ff:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:5E:B0:FC:05:4D:46:99:F0:8D:50:F3:37:38:DA:13:E3:A4:C8:13 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d032:9000::/40 Signature Algorithm: sha256WithRSAEncryption 7f:3b:9a:b0:43:e3:55:31:9f:b2:16:74:71:36:76:3e:4e:d0: 92:7a:f2:5b:fe:5b:5a:d5:40:37:a3:fa:a5:ac:46:40:e4:41: b9:ce:38:07:0b:43:45:4b:aa:0c:27:14:5f:59:6d:2b:0d:cc: 71:cb:64:61:99:ea:6e:9c:f8:ae:cc:3e:30:e9:df:40:84:a8: 55:11:af:cf:29:bf:a5:68:a5:00:68:9f:1c:04:8e:6c:6a:15: 07:2b:16:48:34:7b:54:f5:69:10:e6:ad:f7:98:35:5a:fa:f6: 95:42:b9:27:f2:bd:c6:cc:73:5b:a8:c4:51:98:8f:b0:7a:d7: 9f:10:97:2f:91:6e:82:d5:c1:d2:a1:69:d0:2e:50:73:e8:cd: 1e:96:b3:78:92:77:18:bd:12:e3:34:5d:7b:f2:02:07:75:2d: ad:94:35:06:7a:60:0f:69:47:49:57:87:40:93:b5:ad:cb:42: b9:77:1d:9b:7e:66:72:4b:c6:77:d2:f2:88:05:a1:cd:62:bc: 07:17:6b:9e:ad:e3:e5:44:0e:2e:5b:0d:25:d0:f3:17:82:da: 82:f0:89:89:e6:2f:6d:6f:a3:2f:2e:4b:0c:41:e5:76:6d:a7: 94:99:26:83:5e:78:3c:03:3c:92:d6:a7:79:93:8e:aa:9e:55: c7:e4:d8:f4 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUFQqcHkTppyhZ09/GmdUhXnz9Rx0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQxMDJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDFiZjIzNzRlNWJkNjE5Njg1NmY0ZDE5NzNhODMwYmZlMzkxYjEyNjkxYTll ZmE1YTk3YWFmMzAyN2ZhYzc3Y2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMEh2LDu595uyXTskefmGJetaAsrzi0touaPkm2uG213qvUIfUdCXn04g6J9 YGhYQOl1oX/RF3BS2iO5xge9kucJpYCkfBvrm8DnDINmFjLYV8Y5y/rwJaxDWFNJ Jl98InnlT5HVNsdRYw1pGdd+OO5wR/OXNbCNgTTMEqRAMYddNfZJU6f8wgIcIBTd 641pTgBFwMNSPOv+XvxM9hI9KFkUvPqk5zklXSMx+MZyRH3TLOqS4C4Bw/bvR4ux sR3vxm3OcBxc0ZUAGY+PIeIXaqdyaOi8zvOQ5XHaIMjXGEoazWId28OkjK3GoQ68 eFrUWDgYYY65a7dcsHqA2cgT/x0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQHXrD8 BU1GmfCNUPM3ONoT46TIEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTZiZDg3ZDUtYzExZS00NTA4LWFkYTUtZWY1OGE0OTVkM2Y2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKQ MA0GCSqGSIb3DQEBCwUAA4IBAQB/O5qwQ+NVMZ+yFnRxNnY+TtCSevJb/lta1UA3 o/qlrEZA5EG5zjgHC0NFS6oMJxRfWW0rDcxxy2RhmepunPiuzD4w6d9AhKhVEa/P Kb+laKUAaJ8cBI5sahUHKxZINHtU9WkQ5q33mDVa+vaVQrkn8r3GzHNbqMRRmI+w etefEJcvkW6C1cHSoWnQLlBz6M0elrN4kncYvRLjNF178gIHdS2tlDUGemAPaUdJ V4dAk7Wty0K5dx2bfmZyS8Z30vKIBaHNYrwHF2uerePlRA4uWw0l0PMXgtqC8ImJ 5i9tb6MvLksMQeV2baeUmSaDXng8AzyS1qd5k46qnlXH5Nj0 -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:45 2026 by rpki-client