This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa File: c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa (raw, json) Hash identifier: 8eQxPyPv9BjWQVWrVBacsjCXbPZuPOffq66uVqvMAog= Subject key identifier: 36:96:B9:A2:E6:90:12:49:83:E7:7F:0A:AB:9E:F6:14:B5:C2:59:AD Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 362FD1F531E461E84AC9A4BBBD28AEA103A6DE74 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa Signing time: Sat 15 Nov 2025 06:10:25 +0000 ROA not before: Sat 15 Nov 2025 06:10:25 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07e:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 19 Nov 2025 17:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:2f:d1:f5:31:e4:61:e8:4a:c9:a4:bb:bd:28:ae:a1:03:a6:de:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:10:25 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=8773c5e7ef592371e5d70b716ef7ad500028b6fb157b72c8c28af3288637820a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:5e:01:94:7a:85:1f:e3:c0:fb:42:64:ab:54: 4f:99:a7:56:d9:4f:38:0b:60:2c:f3:dd:f5:3d:5b: 7a:07:ab:e0:71:a5:94:64:54:67:77:10:fd:f2:e1: 18:1c:0c:06:de:d3:a4:89:ec:cf:6d:58:b8:e4:09: 06:81:92:70:fc:be:e5:25:73:10:12:1d:9b:16:2d: 23:50:43:2f:30:73:77:f7:c2:df:71:66:80:5c:a7: d9:f1:0a:85:1a:84:ae:ef:62:5e:2b:5b:f1:6c:25: b2:77:f0:bd:48:1c:c9:3e:e6:3f:d1:0e:6c:6a:77: 1c:03:2c:94:59:a5:47:f0:99:a6:ed:0a:0f:85:63: 7d:60:34:b0:45:5e:46:19:c4:74:d4:80:e5:99:f8: a0:25:66:e9:b7:f2:14:f9:db:42:d3:f0:0b:7f:7d: b2:0a:48:93:d4:93:ed:5f:2c:44:95:7b:05:f5:49: f2:bf:49:c9:63:22:ed:57:a2:df:9b:6b:6d:d7:70: ec:42:d2:4b:b9:04:eb:f4:ef:ba:3f:35:1b:0c:d2: b6:12:2c:a7:d3:19:bd:b4:3d:01:13:75:c4:08:48: ac:88:bf:82:2f:78:33:d3:39:1c:35:35:cc:c7:5e: ce:5f:08:9f:1e:45:9f:a9:b8:aa:67:ae:ec:2e:d8: 16:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:96:B9:A2:E6:90:12:49:83:E7:7F:0A:AB:9E:F6:14:B5:C2:59:AD X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07e:a000::/40 Signature Algorithm: sha256WithRSAEncryption 31:8f:39:39:4d:7f:8b:56:21:fb:eb:f6:4b:63:5d:dc:83:ed: ae:cb:cc:1f:ef:80:d3:b4:70:d4:fb:c8:1d:1d:34:20:49:60: 3e:f2:37:aa:dd:f8:d7:77:af:6c:7e:96:75:c5:d8:73:ee:62: aa:36:c0:2b:c2:e2:d4:11:92:c4:e9:e4:ac:90:ab:0b:b4:08: 96:bb:ae:16:47:e3:3d:42:c0:a7:1d:56:67:f0:d9:27:2c:f5: c5:fb:92:0e:be:19:83:48:64:39:36:a8:57:95:c9:77:77:2d: f9:2c:44:69:93:88:3a:7d:26:f8:70:3f:37:6e:1f:4c:19:ae: 3e:c5:14:f9:7a:34:f0:4a:4b:8c:e9:59:6d:e6:8c:76:ac:a0: e8:d7:fa:fc:f5:2a:72:d8:3e:ac:0f:59:f1:9a:95:ac:c5:9f: 26:04:7c:35:7b:ec:a2:57:7a:67:94:cf:98:59:0e:d4:8d:51: cc:85:12:67:35:5c:45:42:ca:e2:7d:7b:83:ba:e1:13:aa:2e: d2:d0:1a:1e:db:2f:fd:eb:21:f7:a2:6d:82:98:85:dc:38:94: 28:09:6d:ca:b1:c9:79:48:4e:42:00:38:64:10:47:93:32:89: 73:05:2f:cf:05:a8:e8:58:2c:49:7c:77:25:95:8b:10:9a:b7: 11:08:da:9a -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUNi/R9THkYehKyaS7vSiuoQOm3nQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjEwMjVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDg3NzNjNWU3ZWY1OTIzNzFlNWQ3MGI3MTZlZjdhZDUwMDAyOGI2ZmIxNTdi NzJjOGMyOGFmMzI4ODYzNzgyMGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN1eAZR6hR/jwPtCZKtUT5mnVtlPOAtgLPPd9T1beger4HGllGRUZ3cQ/fLh GBwMBt7TpInsz21YuOQJBoGScPy+5SVzEBIdmxYtI1BDLzBzd/fC33FmgFyn2fEK hRqEru9iXitb8WwlsnfwvUgcyT7mP9EObGp3HAMslFmlR/CZpu0KD4VjfWA0sEVe RhnEdNSA5Zn4oCVm6bfyFPnbQtPwC399sgpIk9ST7V8sRJV7BfVJ8r9JyWMi7Vei 35trbddw7ELSS7kE6/Tvuj81GwzSthIsp9MZvbQ9ARN1xAhIrIi/gi94M9M5HDU1 zMdezl8Inx5Fn6m4qmeu7C7YFgECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ2lrmi 5pASSYPnfwqrnvYUtcJZrTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YzM5ZGQ3MWMtZjIyYy00YmI0LTljNmYtZGZjOGM2YTAyZmZkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6g MA0GCSqGSIb3DQEBCwUAA4IBAQAxjzk5TX+LViH76/ZLY13cg+2uy8wf74DTtHDU +8gdHTQgSWA+8jeq3fjXd69sfpZ1xdhz7mKqNsArwuLUEZLE6eSskKsLtAiWu64W R+M9QsCnHVZn8NknLPXF+5IOvhmDSGQ5NqhXlcl3dy35LERpk4g6fSb4cD83bh9M Ga4+xRT5ejTwSkuM6Vlt5ox2rKDo1/r89Spy2D6sD1nxmpWsxZ8mBHw1e+yiV3pn lM+YWQ7UjVHMhRJnNVxFQsrifXuDuuETqi7S0Boe2y/96yH3om2CmIXcOJQoCW3K scl5SE5CADhkEEeTMolzBS/PBajoWCxJfHcllYsQmrcRCNqa -----END CERTIFICATE-----Generated at Tue Nov 18 21:42:08 2025 by rpki-client