This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdd33562-2653-4549-84dc-25f96aa10a83.roa File: bdd33562-2653-4549-84dc-25f96aa10a83.roa (raw, json) Hash identifier: T4ZHDc0UPKAy2573APEVeaaYueVmbnRs5lJmCYPA6TY= Subject key identifier: 73:57:B9:03:F3:A9:97:A4:C9:40:33:50:AA:F9:AC:DD:76:B5:F6:F5 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5AEF494973418A1308ED79A52DCB6BAAE30A1771 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdd33562-2653-4549-84dc-25f96aa10a83.roa Signing time: Wed 10 Dec 2025 05:31:26 +0000 ROA not before: Wed 10 Dec 2025 05:31:26 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d021::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:ef:49:49:73:41:8a:13:08:ed:79:a5:2d:cb:6b:aa:e3:0a:17:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:31:26 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=ca492628e73cf58d85735675fccce61f43f0286aa9e9a9d302d9b032f6d97a50, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:21:59:47:88:d9:8e:f8:45:08:b3:38:25:26: 55:3d:06:4f:0a:15:41:64:7c:7e:53:c5:2c:a3:2a: 3c:4b:8d:33:b5:58:33:f6:4f:f5:29:16:39:79:18: e5:a7:a0:3a:0f:ca:eb:b8:0a:ae:d3:6f:92:00:ff: 6f:2f:45:41:65:e8:8c:93:e8:07:f0:4a:37:1b:93: 4e:82:c6:67:fe:d5:46:61:d5:bc:e4:06:7a:13:65: ef:2c:85:5b:0f:ae:d7:84:1c:21:47:db:de:cb:82: 00:b5:3f:05:31:c1:ba:ef:6b:3f:d9:52:39:e8:7c: 5e:97:0f:0c:6d:47:54:cd:e2:ea:4c:0a:b2:e8:2a: aa:ae:0c:57:c9:58:b8:a6:68:c7:24:6f:a5:fb:f0: 23:3b:95:73:9c:3e:c8:1b:cd:a7:95:6d:1c:a5:9f: 6a:eb:37:dc:2c:8f:a1:cc:e2:fe:d0:09:f4:aa:c3: 78:3f:1c:04:f0:c2:cf:2a:5c:f1:42:60:10:f6:c3: 48:2e:88:17:b5:75:d4:d7:e7:6e:e4:5e:4b:e1:cc: ce:ee:68:e5:0f:ce:b8:2f:dc:2e:fa:5f:0c:68:79: 06:e2:7f:93:ce:ea:fa:d4:b7:35:d0:08:c2:c9:50: 1e:e0:9e:5f:25:51:1f:8a:c0:47:35:a9:20:4d:36: 0a:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:57:B9:03:F3:A9:97:A4:C9:40:33:50:AA:F9:AC:DD:76:B5:F6:F5 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdd33562-2653-4549-84dc-25f96aa10a83.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d021::/36 Signature Algorithm: sha256WithRSAEncryption 11:f4:2a:a8:4b:be:0f:40:c1:88:17:54:fc:46:9b:0d:a4:86: 17:b2:b0:24:3e:7e:bb:ff:06:69:32:ff:2f:ab:2d:4d:81:da: 78:aa:db:cc:e3:bf:18:13:7b:ee:ce:40:15:7f:be:05:eb:56: 41:aa:f8:f7:c7:24:76:d1:e1:ae:51:c1:5c:01:95:65:a7:71: a0:71:2c:bc:56:94:09:d6:c4:51:db:99:b0:88:bc:cd:63:80: 51:78:21:df:92:c3:e3:e4:fc:b3:aa:21:25:a2:d2:c4:e1:db: 51:7f:11:15:10:f2:be:34:27:d4:02:bd:bf:b0:e3:f9:15:3a: 71:8c:8b:50:c6:64:08:9a:e2:26:8e:cc:46:3b:75:24:c0:ed: d4:ee:27:80:85:25:cc:c4:bf:57:81:99:a0:cd:0b:53:2c:3e: 13:be:4f:3a:29:81:bb:4b:7e:d9:d9:82:4e:60:fe:99:8f:3c: b8:f2:9c:4e:5b:32:3c:a9:f9:f9:e7:3f:82:66:a7:23:29:f2: e4:30:ed:ac:b9:fb:d5:57:c8:6d:af:dd:3d:49:fe:80:4f:73: 3f:25:6d:11:64:73:20:da:6c:76:d9:43:d3:9c:94:66:89:f2: af:f8:a7:0c:90:88:7b:39:3a:6f:c9:9d:6d:bb:74:c5:3a:9b: a7:85:ae:3d -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUWu9JSXNBihMI7XmlLctrquMKF3EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMxMjZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGNhNDkyNjI4ZTczY2Y1OGQ4NTczNTY3NWZjY2NlNjFmNDNmMDI4NmFhOWU5 YTlkMzAyZDliMDMyZjZkOTdhNTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMAhWUeI2Y74RQizOCUmVT0GTwoVQWR8flPFLKMqPEuNM7VYM/ZP9SkWOXkY 5aegOg/K67gKrtNvkgD/by9FQWXojJPoB/BKNxuTToLGZ/7VRmHVvOQGehNl7yyF Ww+u14QcIUfb3suCALU/BTHBuu9rP9lSOeh8XpcPDG1HVM3i6kwKsugqqq4MV8lY uKZoxyRvpfvwIzuVc5w+yBvNp5VtHKWfaus33CyPoczi/tAJ9KrDeD8cBPDCzypc 8UJgEPbDSC6IF7V11NfnbuReS+HMzu5o5Q/OuC/cLvpfDGh5BuJ/k87q+tS3NdAI wslQHuCeXyVRH4rARzWpIE02ClsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRzV7kD 86mXpMlAM1Cq+azddrX29TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YmRkMzM1NjItMjY1My00NTQ5LTg0ZGMtMjVmOTZhYTEwYTgzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CEA MA0GCSqGSIb3DQEBCwUAA4IBAQAR9CqoS74PQMGIF1T8RpsNpIYXsrAkPn67/wZp Mv8vqy1Ngdp4qtvM478YE3vuzkAVf74F61ZBqvj3xyR20eGuUcFcAZVlp3GgcSy8 VpQJ1sRR25mwiLzNY4BReCHfksPj5PyzqiElotLE4dtRfxEVEPK+NCfUAr2/sOP5 FTpxjItQxmQImuImjsxGO3UkwO3U7ieAhSXMxL9XgZmgzQtTLD4Tvk86KYG7S37Z 2YJOYP6Zjzy48pxOWzI8qfn55z+CZqcjKfLkMO2sufvVV8htr909Sf6AT3M/JW0R ZHMg2mx22UPTnJRmifKv+KcMkIh7OTpvyZ1tu3TFOpunha49 -----END CERTIFICATE-----Generated at Fri Jan 2 09:29:34 2026 by rpki-client