This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa File: bad2460c-8206-4534-9b9b-355c2d524858.roa (raw, json) Hash identifier: B87WZoDWUyXeiLLihS0MQ/F9OxBTIF47MiVbbQ5I0BQ= Subject key identifier: CD:9E:AC:1A:8B:A8:7A:EB:69:B6:D9:3D:CB:D1:07:D0:32:C4:E8:7E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 11748B2D7562AAF2A006EE33DBC154A8E8B4C1C0 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa Signing time: Wed 10 Dec 2025 05:50:09 +0000 ROA not before: Wed 10 Dec 2025 05:50:09 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07e:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:74:8b:2d:75:62:aa:f2:a0:06:ee:33:db:c1:54:a8:e8:b4:c1:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:50:09 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=cd251a647a26fe689c79becc7e083d4e542c2ba0b1891c7399e0ca9a07321369, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:5d:82:34:85:b8:a8:49:23:4f:d6:dc:d4:94: 84:95:01:bd:ee:e7:8a:0b:fa:fb:08:3f:89:ef:06: 2d:40:9d:f7:67:d3:c3:a6:d2:b9:0c:d3:ab:9f:ae: 84:eb:5f:99:59:8e:18:fd:a4:f9:57:7c:0c:57:22: bc:1c:54:36:f2:b5:72:6e:2c:45:84:22:02:84:ae: 5a:92:7c:a1:83:82:ee:69:9b:b6:be:76:7a:cf:65: 8f:d4:53:66:a8:e7:31:de:9d:cd:2d:55:f5:0a:a4: 3d:52:8b:60:03:20:a7:72:2f:9f:35:f9:59:52:1c: 32:9e:12:20:03:27:45:74:b7:7c:5a:ab:97:59:ae: 7e:ff:c5:41:1b:1d:80:6d:48:08:44:d6:4b:b5:34: 5c:b7:ca:68:a1:cb:3b:3f:33:63:17:45:a4:35:ef: 0a:62:5e:59:fb:58:9b:d0:c1:b1:e1:1f:09:3f:39: d8:fb:c6:79:96:01:96:79:73:9c:a0:a0:75:c6:66: 42:7e:b9:4d:3e:1a:3c:5b:80:0b:ee:b9:f4:19:af: bf:9a:21:d4:6a:11:28:74:98:52:6b:00:98:eb:42: fd:c4:83:7e:20:35:a4:36:fa:6b:2f:1d:34:81:4b: 02:4c:d0:a7:dd:dc:75:4a:46:0e:d3:d4:a9:61:6c: 3f:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:9E:AC:1A:8B:A8:7A:EB:69:B6:D9:3D:CB:D1:07:D0:32:C4:E8:7E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bad2460c-8206-4534-9b9b-355c2d524858.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07e:6000::/40 Signature Algorithm: sha256WithRSAEncryption 42:38:73:dc:f8:44:e4:52:c5:1b:b7:d4:fd:60:8b:69:56:a7: 99:5d:2c:fa:5f:a3:49:ca:35:b5:12:80:2a:81:54:78:82:b5: 13:24:65:d0:57:a1:d7:c4:f7:df:ae:33:8b:78:87:16:48:c6: d6:e6:db:d8:76:8f:31:ff:d9:9e:ae:18:69:15:1c:ca:9b:61: 9f:36:60:86:58:6a:f4:63:46:b5:49:bd:f3:e3:a2:44:ee:98: a6:d9:58:41:99:e6:0e:4a:a3:c0:62:26:b6:41:4b:3b:70:4c: b6:cb:bb:b0:d8:0e:3e:7d:1d:a2:df:9c:02:9d:95:f0:29:96: be:53:e9:d1:33:70:f3:38:55:e0:2f:47:7d:65:ce:05:ce:8f: cf:b8:3f:54:13:9b:75:c6:a1:68:78:81:95:77:a2:a8:4e:8f: 5e:19:40:3e:ba:96:d4:e4:06:9a:5c:43:5b:1c:29:ce:31:b8: 10:77:a9:43:48:43:4c:4b:4d:38:e5:c9:9c:c8:be:b6:0e:8a: 53:b8:40:8e:49:97:b8:9c:c4:07:3a:69:9d:42:0c:b5:0f:40: 71:9a:ab:7e:63:f0:0d:dd:da:24:0f:f8:b8:b3:1d:da:14:ab: f2:72:25:33:96:8a:67:a4:6f:64:db:e0:40:4a:2d:65:36:8b: 84:4e:87:48 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUEXSLLXViqvKgBu4z28FUqOi0wcAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUwMDlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGNkMjUxYTY0N2EyNmZlNjg5Yzc5YmVjYzdlMDgzZDRlNTQyYzJiYTBiMTg5 MWM3Mzk5ZTBjYTlhMDczMjEzNjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJRdgjSFuKhJI0/W3NSUhJUBve7nigv6+wg/ie8GLUCd92fTw6bSuQzTq5+u hOtfmVmOGP2k+Vd8DFcivBxUNvK1cm4sRYQiAoSuWpJ8oYOC7mmbtr52es9lj9RT ZqjnMd6dzS1V9QqkPVKLYAMgp3IvnzX5WVIcMp4SIAMnRXS3fFqrl1mufv/FQRsd gG1ICETWS7U0XLfKaKHLOz8zYxdFpDXvCmJeWftYm9DBseEfCT852PvGeZYBlnlz nKCgdcZmQn65TT4aPFuAC+659Bmvv5oh1GoRKHSYUmsAmOtC/cSDfiA1pDb6ay8d NIFLAkzQp93cdUpGDtPUqWFsP68CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTNnqwa i6h662m22T3L0QfQMsTofjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmFkMjQ2MGMtODIwNi00NTM0LTliOWItMzU1YzJkNTI0ODU4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5g MA0GCSqGSIb3DQEBCwUAA4IBAQBCOHPc+ETkUsUbt9T9YItpVqeZXSz6X6NJyjW1 EoAqgVR4grUTJGXQV6HXxPffrjOLeIcWSMbW5tvYdo8x/9merhhpFRzKm2GfNmCG WGr0Y0a1Sb3z46JE7pim2VhBmeYOSqPAYia2QUs7cEy2y7uw2A4+fR2i35wCnZXw KZa+U+nRM3DzOFXgL0d9Zc4Fzo/PuD9UE5t1xqFoeIGVd6KoTo9eGUA+upbU5Aaa XENbHCnOMbgQd6lDSENMS0045cmcyL62DopTuECOSZe4nMQHOmmdQgy1D0Bxmqt+ Y/AN3dokD/i4sx3aFKvyciUzlopnpG9k2+BASi1lNouETodI -----END CERTIFICATE-----Generated at Sun Dec 14 13:48:23 2025 by rpki-client