This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9f26696-5522-477d-b8bf-72de7350b09a.roa File: b9f26696-5522-477d-b8bf-72de7350b09a.roa (raw, json) Hash identifier: uu+r5A1A1mS+FHptpq1y6XD1xdJ0T1CgBfQBDRYG3Mk= Subject key identifier: B5:10:82:4E:A3:87:DE:C4:6E:3C:D0:82:EA:B0:54:33:9B:1B:88:38 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 58ED98AEAF7CAFAEEDEF2303D51F9DC64BEF52AF Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9f26696-5522-477d-b8bf-72de7350b09a.roa Signing time: Wed 10 Dec 2025 05:20:08 +0000 ROA not before: Wed 10 Dec 2025 05:20:08 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:5000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:ed:98:ae:af:7c:af:ae:ed:ef:23:03:d5:1f:9d:c6:4b:ef:52:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:20:08 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=05f8c4a436e346445bfecae1d5b389ed477c4fa54638de747fa34ecf20dd92bc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:a1:0b:2f:8f:e1:f8:43:6c:b1:af:a9:2b:40: eb:b1:6c:59:d3:9f:20:85:c9:07:98:06:4d:61:b1: 48:57:09:ef:90:ae:ba:37:23:56:8c:48:e8:15:0e: 7a:6e:50:24:c5:ab:cd:7a:44:81:e7:e1:f4:89:a5: 59:45:81:a4:41:87:ad:91:03:00:66:85:3e:2f:b4: 72:28:7e:02:9b:fa:d8:bf:36:9b:08:b7:1b:8e:f2: 1f:8b:1a:51:8f:87:53:38:bc:9a:44:b0:79:85:00: c6:62:6e:af:3a:94:fb:f6:9d:f8:47:9a:6a:e1:0d: 76:87:f6:0e:18:75:0b:fd:f0:a1:c1:32:f2:1d:46: 24:4c:43:8d:bc:82:c1:dd:7c:d3:38:3d:0f:69:08: a5:48:76:89:f7:05:ce:07:47:89:8e:40:83:7d:4c: 8b:a3:4d:d1:b7:76:05:ad:1b:f7:8d:be:e1:6f:ef: 9a:f7:f2:a2:f0:d4:b1:ea:02:ad:70:5b:0f:73:f2: f2:01:b3:4f:74:f4:cf:8d:78:3f:ad:0e:e0:d8:3e: e3:66:10:80:5d:84:41:0f:55:33:18:11:66:56:f9: 12:3f:18:1d:c4:5a:1f:df:b3:be:a6:c1:10:26:17: 14:8d:48:56:9f:af:96:42:62:79:dc:70:6e:8f:8c: e4:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:10:82:4E:A3:87:DE:C4:6E:3C:D0:82:EA:B0:54:33:9B:1B:88:38 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9f26696-5522-477d-b8bf-72de7350b09a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:5000::/40 Signature Algorithm: sha256WithRSAEncryption 28:e2:18:b1:d9:6f:39:df:15:ee:c9:37:92:56:a2:af:6c:e5: c7:a9:f8:76:46:d4:1c:7f:bb:f6:9c:fc:54:54:23:22:61:cd: 33:87:81:94:d1:1f:f0:e4:e0:86:3a:82:97:a4:99:6f:7a:84: 0f:66:4d:3c:37:ee:f7:af:99:5c:9a:3f:34:3c:d4:ff:28:c2: 02:f4:59:19:fd:19:6d:b6:f6:3a:f4:93:b1:37:83:b2:c6:82: e3:0e:1b:ad:85:43:01:ca:f5:25:9e:41:8b:ae:f0:d1:70:af: 65:a2:cf:c6:1a:c3:f3:d1:73:53:3d:c6:35:8e:54:3c:12:b0: 98:e5:40:9d:ad:7a:88:c5:b3:4e:5c:cb:cb:e8:96:a9:bc:77: db:db:cc:da:a4:42:58:bc:bd:a0:8b:c9:ea:1b:51:07:9a:c1: 53:bd:08:5a:72:18:e0:bc:44:8d:b7:78:06:a4:5e:6c:79:02: 37:57:c4:6b:20:d9:93:9a:b5:30:9a:26:df:a7:84:fd:f1:f9: a8:16:b8:9c:d3:c1:48:1f:de:b8:e8:47:c8:42:2c:51:13:c6: d8:ea:e1:ea:e3:21:c8:05:72:d0:37:46:de:2d:b0:6b:1e:7f: 73:df:9e:0e:87:50:2d:15:3c:0c:29:e5:fd:84:3e:cf:94:cd: 0a:7b:66:53 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUWO2Yrq98r67t7yMD1R+dxkvvUq8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTIwMDhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDA1ZjhjNGE0MzZlMzQ2NDQ1YmZlY2FlMWQ1YjM4OWVkNDc3YzRmYTU0NjM4 ZGU3NDdmYTM0ZWNmMjBkZDkyYmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALShCy+P4fhDbLGvqStA67FsWdOfIIXJB5gGTWGxSFcJ75CuujcjVoxI6BUO em5QJMWrzXpEgefh9ImlWUWBpEGHrZEDAGaFPi+0cih+Apv62L82mwi3G47yH4sa UY+HUzi8mkSweYUAxmJurzqU+/ad+EeaauENdof2Dhh1C/3wocEy8h1GJExDjbyC wd180zg9D2kIpUh2ifcFzgdHiY5Ag31Mi6NN0bd2Ba0b942+4W/vmvfyovDUseoC rXBbD3Py8gGzT3T0z414P60O4Ng+42YQgF2EQQ9VMxgRZlb5Ej8YHcRaH9+zvqbB ECYXFI1IVp+vlkJiedxwbo+M5EsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS1EIJO o4fexG480ILqsFQzmxuIODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YjlmMjY2OTYtNTUyMi00NzdkLWI4YmYtNzJkZTczNTBiMDlhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJQ MA0GCSqGSIb3DQEBCwUAA4IBAQAo4hix2W853xXuyTeSVqKvbOXHqfh2RtQcf7v2 nPxUVCMiYc0zh4GU0R/w5OCGOoKXpJlveoQPZk08N+73r5lcmj80PNT/KMIC9FkZ /RlttvY69JOxN4OyxoLjDhuthUMByvUlnkGLrvDRcK9los/GGsPz0XNTPcY1jlQ8 ErCY5UCdrXqIxbNOXMvL6JapvHfb28zapEJYvL2gi8nqG1EHmsFTvQhachjgvESN t3gGpF5seQI3V8RrINmTmrUwmibfp4T98fmoFric08FIH9646EfIQixRE8bY6uHq 4yHIBXLQN0beLbBrHn9z354Oh1AtFTwMKeX9hD7PlM0Ke2ZT -----END CERTIFICATE-----Generated at Fri Jan 2 12:22:15 2026 by rpki-client