This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa File: b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa (raw, json) Hash identifier: QyGQPcfKqf1PdTq1GMv5RNDu14QFwAfcXSLTLgmE5z8= Subject key identifier: 80:DA:83:0B:16:DD:FE:62:63:41:6C:85:A1:4F:25:43:97:88:FB:35 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 66A3711106FD6FBCCE8F48FA34450EFC9009FD9B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa Signing time: Wed 10 Dec 2025 05:50:10 +0000 ROA not before: Wed 10 Dec 2025 05:50:10 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:a3:71:11:06:fd:6f:bc:ce:8f:48:fa:34:45:0e:fc:90:09:fd:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:50:10 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=6de2d0d582aff7a48ef6101a570609333dfe5d470bb5eac5c18275b2d6803b9d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:64:95:9b:21:01:95:e3:b1:f3:94:d5:4e:bc: 28:ad:cc:bc:4c:4a:08:39:c0:fa:87:9a:e8:e1:63: 37:06:81:d8:5d:ae:07:62:a8:6c:e9:5f:df:d0:1c: 33:24:f7:93:45:40:08:74:56:9c:60:7c:ac:56:1e: 4e:fd:82:67:9e:d9:af:f7:c7:32:f6:e5:bf:08:7e: 1f:23:64:31:06:fe:e9:71:d8:11:f6:d6:3b:30:37: f0:b0:a4:68:cd:9a:53:2f:74:23:b9:24:a2:b5:6b: 5a:6a:86:ba:51:36:f4:95:09:52:47:1c:02:ed:82: dc:a7:cc:ff:72:87:b6:8b:2f:32:ec:73:c9:47:7a: be:71:18:bb:91:21:35:67:5d:64:40:66:81:79:4b: 03:d4:d7:9c:de:ae:94:b6:53:29:4f:ca:93:59:58: 8f:88:65:cf:95:23:86:bb:08:39:d8:14:e1:db:f9: 72:99:09:4e:50:80:35:a5:4c:1d:81:dd:df:8a:6a: d4:49:4c:b9:e4:de:84:f9:40:8e:a4:f2:25:64:e1: 7b:29:9b:4f:2e:db:5d:47:1b:4e:d0:cb:04:6c:cb: 20:a4:25:38:48:50:7f:40:f9:1e:00:27:33:5d:6b: 8e:e9:2b:d6:76:28:1b:e0:b5:b4:72:93:1c:11:0f: 84:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:DA:83:0B:16:DD:FE:62:63:41:6C:85:A1:4F:25:43:97:88:FB:35 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:4000::/40 Signature Algorithm: sha256WithRSAEncryption 38:e2:10:6d:0b:f5:3d:ec:1e:4f:7e:09:5d:36:95:e6:42:c7: 88:85:65:b6:b5:18:d3:2f:b5:11:be:3a:91:82:77:94:af:76: 85:d1:6d:7f:55:fa:a7:0b:56:9d:b0:ee:e1:21:a5:96:d5:1b: 4a:e8:24:9f:9a:8c:34:76:c4:0a:df:c9:63:22:1f:22:5e:28: 00:b7:fa:d2:8b:f1:1f:7f:47:f1:03:e1:21:5b:e3:4a:9f:77: c1:26:c0:6b:74:01:4b:c5:aa:2e:e6:8b:ac:0a:27:90:35:74: 24:00:d3:59:c3:11:8b:01:01:d4:63:72:a2:14:72:f4:60:ba: 5a:f1:9e:7f:0c:9e:cb:21:89:97:d4:09:45:f7:db:a1:83:39: fb:2d:1a:94:c6:54:91:8a:e9:14:5c:07:3b:61:c1:36:92:13: 3d:c1:58:44:83:73:36:2e:0a:f4:b6:aa:97:da:17:03:6e:45: ea:e5:a1:28:5e:a8:e6:94:fa:20:a2:91:e3:87:a8:76:b0:2a: 8b:f4:3c:84:77:11:02:27:8e:67:ce:28:d1:b4:dc:74:f2:91: 48:8d:a5:0d:b6:39:1c:3c:be:18:68:b2:28:3a:91:52:37:5e: 20:fb:15:ef:90:d1:3c:1b:1a:e7:d8:ba:d8:7d:19:cc:67:3c: 95:ce:cd:64 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUZqNxEQb9b7zOj0j6NEUO/JAJ/ZswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUwMTBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDZkZTJkMGQ1ODJhZmY3YTQ4ZWY2MTAxYTU3MDYwOTMzM2RmZTVkNDcwYmI1 ZWFjNWMxODI3NWIyZDY4MDNiOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKZklZshAZXjsfOU1U68KK3MvExKCDnA+oea6OFjNwaB2F2uB2KobOlf39Ac MyT3k0VACHRWnGB8rFYeTv2CZ57Zr/fHMvblvwh+HyNkMQb+6XHYEfbWOzA38LCk aM2aUy90I7kkorVrWmqGulE29JUJUkccAu2C3KfM/3KHtosvMuxzyUd6vnEYu5Eh NWddZEBmgXlLA9TXnN6ulLZTKU/Kk1lYj4hlz5UjhrsIOdgU4dv5cpkJTlCANaVM HYHd34pq1ElMueTehPlAjqTyJWTheymbTy7bXUcbTtDLBGzLIKQlOEhQf0D5HgAn M11rjukr1nYoG+C1tHKTHBEPhBkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSA2oML Ft3+YmNBbIWhTyVDl4j7NTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjYxZjg1OGEtMzFiMS00ODVhLThjZWQtMGMzMjhjZTljNGUzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9A MA0GCSqGSIb3DQEBCwUAA4IBAQA44hBtC/U97B5PfgldNpXmQseIhWW2tRjTL7UR vjqRgneUr3aF0W1/VfqnC1adsO7hIaWW1RtK6CSfmow0dsQK38ljIh8iXigAt/rS i/Eff0fxA+EhW+NKn3fBJsBrdAFLxaou5ousCieQNXQkANNZwxGLAQHUY3KiFHL0 YLpa8Z5/DJ7LIYmX1AlF99uhgzn7LRqUxlSRiukUXAc7YcE2khM9wVhEg3M2Lgr0 tqqX2hcDbkXq5aEoXqjmlPogopHjh6h2sCqL9DyEdxECJ45nzijRtNx08pFIjaUN tjkcPL4YaLIoOpFSN14g+xXvkNE8Gxrn2LrYfRnMZzyVzs1k -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:29 2026 by rpki-client