This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b92d2073-fe74-4c3d-87a9-37106f766cba.roa File: b92d2073-fe74-4c3d-87a9-37106f766cba.roa (raw, json) Hash identifier: H80+ywuL/xhS5qXq1/cQ92sRYeb2qlSx59PgssaYV5o= Subject key identifier: D6:82:8F:D5:60:CD:65:3B:C7:04:08:CB:D2:22:90:FB:25:9B:D9:4A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 06607824BFE1653C8AB04DABFD1B79A64803D4BD Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b92d2073-fe74-4c3d-87a9-37106f766cba.roa Signing time: Wed 10 Dec 2025 05:50:57 +0000 ROA not before: Wed 10 Dec 2025 05:50:57 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:8060::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:60:78:24:bf:e1:65:3c:8a:b0:4d:ab:fd:1b:79:a6:48:03:d4:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:50:57 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=354b79a1b7280651666aa0f64cd9fad3b3018691b81e9132b8c4daead414da2b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:11:5b:5f:e0:34:bc:2f:83:08:04:a8:66:41: b4:d7:3c:d3:c7:61:4c:a8:3a:32:9c:39:17:cd:1a: 3b:90:07:bc:65:20:06:25:57:bc:89:ff:e4:34:b0: 73:b7:ba:f7:1b:fa:fd:39:f9:94:af:c2:ca:3c:13: f8:36:e6:dd:3f:fe:9b:43:0f:24:17:f0:99:d5:6b: d9:4b:a4:06:10:3b:68:c5:49:79:eb:8c:e0:d4:6a: b8:76:c4:03:34:b4:ee:3a:68:27:62:83:b7:16:b2: fc:5a:e2:5d:a3:af:60:15:5c:c7:40:1c:33:99:3f: fe:bd:20:42:5c:dc:5e:5c:a6:45:64:d2:f9:d4:bd: aa:d3:7a:dc:7e:52:3c:90:c8:e2:c0:e2:cd:66:d1: 2f:da:91:f1:43:78:58:a4:48:0c:cf:b2:fb:cb:3a: e3:85:95:a8:f0:a1:bb:cd:51:e4:b0:95:d6:8f:98: 9f:49:39:46:66:7d:59:db:66:2d:2a:63:52:d6:ef: 44:d8:e7:9e:95:e3:34:1d:1c:98:59:0c:26:a3:19: 87:c9:61:79:4c:88:e2:d1:37:5e:a3:3f:f3:c7:c5: ff:af:89:a3:43:82:5d:91:ca:e8:86:1c:3a:b5:27: 78:3d:59:f3:d0:5c:af:99:72:38:74:ce:d3:a1:62: 16:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:82:8F:D5:60:CD:65:3B:C7:04:08:CB:D2:22:90:FB:25:9B:D9:4A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b92d2073-fe74-4c3d-87a9-37106f766cba.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:8060::/48 Signature Algorithm: sha256WithRSAEncryption a7:45:8e:8d:00:41:59:e9:99:d7:11:08:b5:25:b2:ba:e4:12: 1f:88:91:63:c1:2a:98:1b:c4:eb:6a:68:dc:54:87:fc:58:f6: 90:b9:03:2c:6c:d0:46:f5:d4:17:ce:3f:e6:45:0f:e6:a4:22: fc:1c:d7:c8:b0:dd:27:8a:0f:16:16:c4:28:79:72:b8:88:f9: ce:b7:73:c6:b2:fe:b0:46:b6:67:10:13:61:1a:21:3f:8b:81: a3:0c:9c:68:8d:0d:16:b6:12:30:85:33:36:67:2f:b2:13:5f: 34:7f:71:af:f1:1e:e7:75:c1:ad:3a:07:77:01:79:2b:4b:18: ec:78:ef:1e:a2:3c:cf:24:f2:18:d8:6d:d0:c8:02:c9:f8:85: 32:06:94:36:78:af:fd:89:95:80:46:90:b6:cb:42:a4:48:57: 81:20:df:47:05:4e:e9:77:80:8b:c9:66:77:ec:cd:ea:9b:b5: e3:ff:d2:bc:07:36:c8:ee:ea:57:f5:04:fa:6e:5f:a0:f1:bd: ae:b1:61:76:e9:c2:07:25:91:78:47:79:34:b7:52:11:72:50: 82:ca:a6:bc:04:20:8b:5c:eb:17:72:e6:09:e9:5f:0b:96:c0: fd:7c:83:65:44:47:d3:95:39:38:9e:7c:f8:6a:53:0c:78:dd: cc:07:94:81 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUBmB4JL/hZTyKsE2r/Rt5pkgD1L0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUwNTdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDM1NGI3OWExYjcyODA2NTE2NjZhYTBmNjRjZDlmYWQzYjMwMTg2OTFiODFl OTEzMmI4YzRkYWVhZDQxNGRhMmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMcRW1/gNLwvgwgEqGZBtNc808dhTKg6Mpw5F80aO5AHvGUgBiVXvIn/5DSw c7e69xv6/Tn5lK/CyjwT+Dbm3T/+m0MPJBfwmdVr2UukBhA7aMVJeeuM4NRquHbE AzS07jpoJ2KDtxay/FriXaOvYBVcx0AcM5k//r0gQlzcXlymRWTS+dS9qtN63H5S PJDI4sDizWbRL9qR8UN4WKRIDM+y+8s644WVqPChu81R5LCV1o+Yn0k5RmZ9Wdtm LSpjUtbvRNjnnpXjNB0cmFkMJqMZh8lheUyI4tE3XqM/88fF/6+Jo0OCXZHK6IYc OrUneD1Z89Bcr5lyOHTO06FiFlsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTWgo/V YM1lO8cECMvSIpD7JZvZSjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjkyZDIwNzMtZmU3NC00YzNkLTg3YTktMzcxMDZmNzY2Y2JhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA YDANBgkqhkiG9w0BAQsFAAOCAQEAp0WOjQBBWemZ1xEItSWyuuQSH4iRY8EqmBvE 62po3FSH/Fj2kLkDLGzQRvXUF84/5kUP5qQi/BzXyLDdJ4oPFhbEKHlyuIj5zrdz xrL+sEa2ZxATYRohP4uBowycaI0NFrYSMIUzNmcvshNfNH9xr/Ee53XBrToHdwF5 K0sY7HjvHqI8zyTyGNht0MgCyfiFMgaUNniv/YmVgEaQtstCpEhXgSDfRwVO6XeA i8lmd+zN6pu14//SvAc2yO7qV/UE+m5foPG9rrFhdunCByWReEd5NLdSEXJQgsqm vAQgi1zrF3LmCelfC5bA/XyDZURH05U5OJ58+GpTDHjdzAeUgQ== -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:28 2026 by rpki-client