This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa File: b7d242ad-482b-4700-888a-b677a178a4bf.roa (raw, json) Hash identifier: /3qpEo0JnspF3xXvrjeqh9uSp9AgOrJOaH0S/GAnYhE= Subject key identifier: 64:86:48:2E:18:84:C3:80:5F:FA:67:19:B2:2C:6C:4F:82:1C:0F:33 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 10DE35C32692C21CF4401A10EE2D5D46840BF689 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa Signing time: Wed 10 Dec 2025 06:11:30 +0000 ROA not before: Wed 10 Dec 2025 06:11:30 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:6080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:de:35:c3:26:92:c2:1c:f4:40:1a:10:ee:2d:5d:46:84:0b:f6:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:11:30 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=d74c3ac57c908bb0100b7c45735eea52f1d1a14a54d60eabd0b96534dc28f47b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:75:c1:a0:50:c9:87:79:24:c5:f9:eb:ff:c7: a0:28:c6:45:9b:7e:ae:96:82:85:95:81:e5:a4:9e: 90:c9:b1:12:8e:be:e0:ba:a3:ce:75:d1:c7:90:74: 3b:68:b1:33:0a:a0:0f:2b:c7:d6:36:88:fb:22:8a: 44:b5:7a:cb:6e:92:9b:bc:56:19:15:32:38:c8:d7: 40:ce:1f:52:16:3d:05:d1:1e:23:da:19:01:42:f0: 09:55:8e:42:88:c4:91:cf:5c:f3:52:24:12:14:cb: 76:dc:a0:89:23:a2:91:34:46:8b:2a:93:5e:72:84: f5:65:58:6a:47:ee:d2:2e:92:2e:5b:b5:69:ab:4b: 69:bd:5c:b7:01:8d:68:bc:d3:46:0f:62:45:cd:8c: d7:d3:a6:77:ba:7e:c0:bc:7d:e0:a5:5c:2b:16:d3: 5a:52:5e:23:9b:d1:dd:99:ab:2c:cc:1a:41:78:91: 44:3c:37:3b:d8:bf:7e:42:ef:9d:3e:72:8a:ea:32: 1e:bf:22:20:16:e2:bc:5d:ee:a4:63:fa:dd:66:05: 0c:48:e9:b1:85:6b:e8:92:41:ce:87:9c:51:88:a3: d8:14:d6:a5:db:36:dc:29:8d:63:4f:bd:b9:5f:e1: b7:9a:9c:e4:c4:1e:5f:ea:68:3c:1a:85:f4:b3:d3: b7:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:86:48:2E:18:84:C3:80:5F:FA:67:19:B2:2C:6C:4F:82:1C:0F:33 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:6080::/48 Signature Algorithm: sha256WithRSAEncryption 50:ce:3c:ee:02:db:50:ca:94:a2:46:e1:00:be:d3:b1:75:ac: a8:08:ce:45:a9:d7:94:48:82:d3:82:f3:b3:52:2e:82:5d:d5: 02:24:7c:99:5c:3f:90:60:74:5a:06:0a:a8:9c:fc:fb:59:05: 9c:7e:df:65:e9:3a:1f:50:d5:72:fb:0f:a7:31:92:c4:f1:6e: 9e:7c:c0:93:c1:3c:1f:c8:fc:b5:66:3f:06:19:02:43:ff:a7: 47:9c:90:e0:86:e9:c7:d3:68:7c:e1:f6:45:fe:67:eb:d8:eb: e6:4c:43:0f:1e:40:22:3e:01:d5:28:6d:5e:8a:b3:60:46:74: a1:98:b6:4f:c7:9e:35:4e:d7:5f:91:50:11:47:dc:54:32:73: f0:c7:a2:7c:ad:50:17:bf:bb:c5:ee:86:2c:cc:4c:4b:f9:cf: 76:59:31:62:ff:e0:0f:42:9e:a4:82:9c:fa:97:3b:4e:f8:24: 0b:2f:97:26:a3:33:dc:24:a9:a4:9e:1a:0d:a4:e1:1b:62:96: ab:8e:fb:00:8e:45:aa:f3:fb:eb:da:e9:28:73:82:d2:eb:ad: ba:40:50:fe:32:7e:8d:4f:4b:71:64:80:d5:29:22:92:92:65: 69:2d:ef:ef:88:8d:bd:44:f0:75:e8:4d:48:02:22:26:35:85: b4:58:3c:44 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUEN41wyaSwhz0QBoQ7i1dRoQL9okwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjExMzBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGQ3NGMzYWM1N2M5MDhiYjAxMDBiN2M0NTczNWVlYTUyZjFkMWExNGE1NGQ2 MGVhYmQwYjk2NTM0ZGMyOGY0N2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL91waBQyYd5JMX56//HoCjGRZt+rpaChZWB5aSekMmxEo6+4LqjznXRx5B0 O2ixMwqgDyvH1jaI+yKKRLV6y26Sm7xWGRUyOMjXQM4fUhY9BdEeI9oZAULwCVWO QojEkc9c81IkEhTLdtygiSOikTRGiyqTXnKE9WVYakfu0i6SLlu1aatLab1ctwGN aLzTRg9iRc2M19Omd7p+wLx94KVcKxbTWlJeI5vR3ZmrLMwaQXiRRDw3O9i/fkLv nT5yiuoyHr8iIBbivF3upGP63WYFDEjpsYVr6JJBzoecUYij2BTWpds23CmNY0+9 uV/ht5qc5MQeX+poPBqF9LPTtzsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRkhkgu GITDgF/6ZxmyLGxPghwPMzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjdkMjQyYWQtNDgyYi00NzAwLTg4OGEtYjY3N2ExNzhhNGJmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJg gDANBgkqhkiG9w0BAQsFAAOCAQEAUM487gLbUMqUokbhAL7TsXWsqAjORanXlEiC 04Lzs1Iugl3VAiR8mVw/kGB0WgYKqJz8+1kFnH7fZek6H1DVcvsPpzGSxPFunnzA k8E8H8j8tWY/BhkCQ/+nR5yQ4Ibpx9NofOH2Rf5n69jr5kxDDx5AIj4B1ShtXoqz YEZ0oZi2T8eeNU7XX5FQEUfcVDJz8MeifK1QF7+7xe6GLMxMS/nPdlkxYv/gD0Ke pIKc+pc7TvgkCy+XJqMz3CSppJ4aDaThG2KWq477AI5FqvP769rpKHOC0uutukBQ /jJ+jU9LcWSA1SkikpJlaS3v74iNvUTwdehNSAIiJjWFtFg8RA== -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:34 2026 by rpki-client