This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa File: bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa (raw, json) Hash identifier: 0nWZoj8jbyiqs4Dp8WuTf1UdeUwpJuvLoYkjzMg5iZI= Subject key identifier: 6C:95:51:C4:44:80:67:C1:87:5C:09:E0:CA:3D:12:C3:E1:29:D0:BD Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 6A65FE3F47BB1D5DCF7BD1FA8AEAC6B1D17E7CEF Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa Signing time: Wed 10 Dec 2025 06:20:48 +0000 ROA not before: Wed 10 Dec 2025 06:20:48 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d071:5000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:65:fe:3f:47:bb:1d:5d:cf:7b:d1:fa:8a:ea:c6:b1:d1:7e:7c:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:20:48 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=a2734d2705a0444df72edaf4d75ce2c83753e289a23e8bd2cfc4edd020c2b40b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:1e:ed:e9:0e:39:4e:f6:e5:0f:ef:a6:63:49: a6:7d:40:20:99:f0:b8:02:96:61:a8:93:11:1f:b4: 4f:20:bf:0a:b0:41:c2:24:96:e9:dc:a0:e4:de:c1: 77:96:46:9d:5f:71:e3:29:ef:a6:95:20:c5:2c:53: b2:2d:60:09:54:42:55:61:36:0e:3f:10:b1:a6:2e: 0a:25:c5:81:53:b8:f6:7e:0e:75:ec:01:45:3f:18: 30:79:5d:44:1e:0c:65:6c:63:20:52:50:4a:31:c1: 30:1e:05:13:e6:f0:d8:9d:f9:fc:e1:d6:69:c4:63: ea:2d:8a:ff:49:4e:97:e4:c5:69:78:47:5d:bb:28: 3e:af:d9:b5:f6:c2:8b:5e:fb:6e:68:e8:e7:39:ae: e4:e3:55:69:cf:5a:77:7d:07:46:fb:d0:c9:66:59: f6:72:0f:2a:a6:df:5c:75:b8:4f:7f:5a:a7:06:9c: 9c:dc:d8:3d:78:a5:34:fc:ae:c0:e2:57:86:6f:e3: 1c:8a:8a:eb:0f:0d:4d:60:37:b2:e8:a3:63:64:c6: 26:08:76:ca:f4:ae:80:31:eb:13:aa:8d:de:65:a1: c5:1e:5b:a4:36:6e:6c:5e:a8:00:9b:e6:50:f4:99: 9d:50:d5:e0:43:91:9e:8f:99:67:95:7b:56:aa:46: ec:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:95:51:C4:44:80:67:C1:87:5C:09:E0:CA:3D:12:C3:E1:29:D0:BD X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d071:5000::/40 Signature Algorithm: sha256WithRSAEncryption 5b:a9:67:d2:b2:cf:fe:9d:94:4d:40:b7:d1:bd:b5:bb:fe:b7: e3:85:4b:40:f9:df:ac:cb:e9:f9:65:92:34:cf:d3:9f:cb:0c: 2d:94:9b:b5:94:5b:14:90:d5:a5:bf:05:60:99:63:83:a7:43: e0:71:8b:a9:c5:92:9b:13:0f:8e:8b:ae:22:b3:55:0c:49:f6: 9e:96:70:46:17:81:3c:fa:b5:01:06:ed:e3:21:0c:81:21:68: dc:5d:6d:e0:99:64:14:f4:a7:44:b1:f2:b5:19:7f:df:96:a1: b8:76:08:b4:22:f7:56:b2:5d:60:98:7b:39:5e:53:fd:e1:eb: f5:15:9b:8e:a5:63:be:66:ef:47:64:2b:1e:cc:80:84:08:8f: ea:06:05:9d:87:78:8f:b9:9c:71:55:5a:39:dd:58:0e:32:90: d0:8d:7e:1b:d3:a3:d4:88:b8:69:67:78:c9:af:10:58:24:e3: 29:fe:3c:2d:05:03:e8:dc:4b:83:fd:b9:68:f7:b5:de:22:37: f2:55:e7:93:e7:8f:4e:e8:91:31:64:1d:51:95:79:b2:0f:b5: 64:67:a5:74:69:01:6f:53:ee:3a:54:d8:23:c5:e6:78:7d:b0: cf:f6:85:db:9b:1d:35:ac:95:fe:69:ac:d0:4c:7f:ce:af:15: 95:c1:ae:d3 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUamX+P0e7HV3Pe9H6iurGsdF+fO8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIwNDhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGEyNzM0ZDI3MDVhMDQ0NGRmNzJlZGFmNGQ3NWNlMmM4Mzc1M2UyODlhMjNl OGJkMmNmYzRlZGQwMjBjMmI0MGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOse7ekOOU725Q/vpmNJpn1AIJnwuAKWYaiTER+0TyC/CrBBwiSW6dyg5N7B d5ZGnV9x4ynvppUgxSxTsi1gCVRCVWE2Dj8QsaYuCiXFgVO49n4OdewBRT8YMHld RB4MZWxjIFJQSjHBMB4FE+bw2J35/OHWacRj6i2K/0lOl+TFaXhHXbsoPq/ZtfbC i177bmjo5zmu5ONVac9ad30HRvvQyWZZ9nIPKqbfXHW4T39apwacnNzYPXilNPyu wOJXhm/jHIqK6w8NTWA3suijY2TGJgh2yvSugDHrE6qN3mWhxR5bpDZubF6oAJvm UPSZnVDV4EORno+ZZ5V7VqpG7IcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRslVHE RIBnwYdcCeDKPRLD4SnQvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmM2OWY4ZjYtMDNjOC00NDY4LWE5OGEtZjIzZmU0MGVlYWVmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFQ MA0GCSqGSIb3DQEBCwUAA4IBAQBbqWfSss/+nZRNQLfRvbW7/rfjhUtA+d+sy+n5 ZZI0z9OfywwtlJu1lFsUkNWlvwVgmWODp0PgcYupxZKbEw+Oi64is1UMSfaelnBG F4E8+rUBBu3jIQyBIWjcXW3gmWQU9KdEsfK1GX/flqG4dgi0IvdWsl1gmHs5XlP9 4ev1FZuOpWO+Zu9HZCsezICECI/qBgWdh3iPuZxxVVo53VgOMpDQjX4b06PUiLhp Z3jJrxBYJOMp/jwtBQPo3EuD/blo97XeIjfyVeeT549O6JExZB1RlXmyD7VkZ6V0 aQFvU+46VNgjxeZ4fbDP9oXbmx01rJX+aazQTH/OrxWVwa7T -----END CERTIFICATE-----Generated at Fri Jan 2 12:22:40 2026 by rpki-client