This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa File: ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa (raw, json) Hash identifier: ywSbjfJYwLm2a0FSnn2js9E/Sj1fvUw4mQ1X3qNtMg4= Subject key identifier: CD:41:A7:1E:A7:8C:6A:B1:7E:DF:D0:0D:44:41:23:99:DF:6C:D3:63 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 242E10965832556305F42D3A06BC8D6909ECBDA9 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa Signing time: Wed 10 Dec 2025 05:51:14 +0000 ROA not before: Wed 10 Dec 2025 05:51:14 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:10c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:2e:10:96:58:32:55:63:05:f4:2d:3a:06:bc:8d:69:09:ec:bd:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:51:14 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=c2e118526c471a99e6877bb295617f0dccd28648f5dbf29865a54fbfe9d31f94, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:9f:67:df:c7:7d:10:85:63:37:e0:82:a2:8e: 80:57:68:c9:7c:03:af:e0:e0:a7:b9:e7:42:10:f6: 02:3d:c3:e7:04:06:6e:dd:e3:b3:13:67:d8:76:ec: 34:24:fc:c2:25:66:c6:a0:65:a0:ef:d5:f4:b3:4e: 72:67:60:00:4d:5a:67:b3:22:cf:28:c6:f6:b4:0f: f9:4e:ca:5a:52:1e:24:41:48:5d:cc:43:fe:df:04: 3d:d0:2c:fd:7c:c4:b5:79:ae:aa:f0:3f:79:9c:77: b4:1b:78:70:f9:55:90:17:4b:a9:0d:69:ad:4d:2c: b9:47:c6:27:43:3e:0d:e1:7a:25:9a:dd:99:c1:02: 29:88:79:3d:d9:d8:45:79:76:cb:8f:6e:61:41:a6: aa:40:16:a0:48:6b:62:12:03:58:e7:ba:d1:4b:3e: b4:78:64:6e:1f:25:f0:39:ab:6f:17:82:e9:0a:90: c5:66:db:77:88:0e:e9:5f:e9:b8:b4:ba:04:d6:3a: ed:05:a0:fb:0e:12:10:90:58:8f:15:9c:d8:af:c9: be:a0:08:a8:a7:e7:60:9b:44:2f:b7:51:28:d6:54: 58:27:35:e7:0b:2b:9f:49:21:eb:13:d1:ed:ab:1c: 1b:ed:04:04:9d:94:bd:96:d1:eb:2e:37:d7:8d:d5: 79:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:41:A7:1E:A7:8C:6A:B1:7E:DF:D0:0D:44:41:23:99:DF:6C:D3:63 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab1fdc4a-fa1a-4813-8272-9601a3d755e4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:10c0::/48 Signature Algorithm: sha256WithRSAEncryption 5a:0c:14:5e:4c:5b:74:49:a1:0c:2a:b1:03:97:6d:de:a4:cd: 32:5b:59:c3:89:5a:c7:41:1e:74:14:7b:45:8a:c5:a5:08:72: af:f0:d2:c5:4f:d1:72:49:0e:da:e7:b3:a8:35:c8:bf:3a:0b: e9:20:f1:47:79:ed:45:82:a6:11:a9:b6:73:33:47:14:2d:fb: 66:c1:49:d1:2c:a2:1c:6b:10:d0:62:7c:89:7b:c9:62:f2:88: e3:b7:0f:53:33:cb:ef:ab:8f:17:9b:f0:05:0b:ab:28:fe:d3: 57:dd:81:23:3f:be:ba:03:f0:ad:59:8c:b6:de:c3:c9:c8:a2: c8:77:74:ff:07:08:d9:06:f5:f4:30:50:3e:15:a1:ca:cb:47: 1a:90:dc:b2:c1:d4:d5:aa:91:47:72:95:79:20:e3:69:a8:d6: ef:4e:f3:a5:ce:5f:43:3f:4e:5a:97:2d:d6:58:45:c9:5a:0b: ac:00:80:2c:b9:83:65:da:71:8d:3e:75:ee:b5:b9:33:61:82: 69:0f:74:61:f2:1a:5c:49:a3:e2:f6:5b:63:8e:3b:c5:8a:95: 12:ad:a8:f9:40:e7:14:06:12:50:14:75:9a:e5:ae:32:a7:0b: e2:d3:e1:8c:d1:43:eb:09:4a:65:1c:c5:36:37:ef:b4:f8:7e: 59:c6:bd:e4 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUJC4QllgyVWMF9C06BryNaQnsvakwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUxMTRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGMyZTExODUyNmM0NzFhOTllNjg3N2JiMjk1NjE3ZjBkY2NkMjg2NDhmNWRi ZjI5ODY1YTU0ZmJmZTlkMzFmOTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMKfZ9/HfRCFYzfggqKOgFdoyXwDr+Dgp7nnQhD2Aj3D5wQGbt3jsxNn2Hbs NCT8wiVmxqBloO/V9LNOcmdgAE1aZ7MizyjG9rQP+U7KWlIeJEFIXcxD/t8EPdAs /XzEtXmuqvA/eZx3tBt4cPlVkBdLqQ1prU0suUfGJ0M+DeF6JZrdmcECKYh5PdnY RXl2y49uYUGmqkAWoEhrYhIDWOe60Us+tHhkbh8l8DmrbxeC6QqQxWbbd4gO6V/p uLS6BNY67QWg+w4SEJBYjxWc2K/JvqAIqKfnYJtEL7dRKNZUWCc15wsrn0kh6xPR 7ascG+0EBJ2UvZbR6y43143VeVcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTNQace p4xqsX7f0A1EQSOZ32zTYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YWIxZmRjNGEtZmExYS00ODEzLTgyNzItOTYwMWEzZDc1NWU0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ wDANBgkqhkiG9w0BAQsFAAOCAQEAWgwUXkxbdEmhDCqxA5dt3qTNMltZw4lax0Ee dBR7RYrFpQhyr/DSxU/RckkO2uezqDXIvzoL6SDxR3ntRYKmEam2czNHFC37ZsFJ 0SyiHGsQ0GJ8iXvJYvKI47cPUzPL76uPF5vwBQurKP7TV92BIz++ugPwrVmMtt7D yciiyHd0/wcI2Qb19DBQPhWhystHGpDcssHU1aqRR3KVeSDjaajW707zpc5fQz9O Wpct1lhFyVoLrACALLmDZdpxjT517rW5M2GCaQ90YfIaXEmj4vZbY447xYqVEq2o +UDnFAYSUBR1muWuMqcL4tPhjNFD6wlKZRzFNjfvtPh+Wca95A== -----END CERTIFICATE-----Generated at Fri Jan 2 09:29:22 2026 by rpki-client