This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa File: c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa (raw, json) Hash identifier: x4z1TGPzJWcpTHAp0CsK7M+NrFcJKCYe4v1rPKhRLrg= Subject key identifier: 6B:0A:15:BC:0A:93:CC:3E:34:07:87:8D:5B:88:C6:DC:12:6E:0C:B7 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1381DBA04FA214BC0CA54AFDA48F36FB822E0C59 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa Signing time: Wed 10 Dec 2025 06:10:08 +0000 ROA not before: Wed 10 Dec 2025 06:10:08 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:2000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:81:db:a0:4f:a2:14:bc:0c:a5:4a:fd:a4:8f:36:fb:82:2e:0c:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:10:08 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=3c9012778de7f01e87c2f8dec08b759a25109fb55fd93c4f8b254291e3cf2503, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:76:7a:ff:70:11:a1:34:c9:40:1d:ba:49:55: ab:7f:7e:8e:64:1a:34:00:1f:d5:4a:6f:45:d5:40: 66:c9:3d:a7:90:4e:17:97:46:07:68:00:d4:7b:f1: 55:a1:91:ea:2b:77:8f:1e:de:78:7a:ef:44:0f:46: 85:5d:fa:72:1f:0b:09:17:57:bd:a1:8e:f4:04:8e: 21:ca:ea:f2:ad:ee:ff:eb:c5:b7:ba:7f:3f:ab:26: 35:4d:b0:fe:9f:c2:d1:bd:53:06:e1:5b:43:0b:d9: 1a:f8:68:f2:fa:da:52:78:4a:bb:aa:be:ca:ba:bc: 36:7f:a6:97:f4:f7:3b:6e:b2:d1:4f:39:6f:b9:09: d9:68:82:ec:4f:71:a7:42:7c:ae:ea:7e:f8:cc:8d: 1c:d4:54:59:ce:9b:6f:db:cd:c4:e1:3e:09:9c:c3: b6:f1:49:6a:ac:0a:aa:f2:bc:88:62:cf:cb:7f:43: 9e:60:d6:9e:5e:c6:ab:3c:db:12:ec:c6:50:e2:a9: b8:a8:0b:fd:e3:06:5e:74:56:56:f3:72:a6:bc:ff: e3:7c:8c:47:57:73:8f:d1:4f:05:53:1e:98:7f:42: e5:94:f0:82:27:72:9e:8d:a2:24:92:f0:06:86:96: e0:63:f1:dc:e9:3d:30:9a:04:bd:61:a6:61:4c:59: 2f:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:0A:15:BC:0A:93:CC:3E:34:07:87:8D:5B:88:C6:DC:12:6E:0C:B7 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:2000::/40 Signature Algorithm: sha256WithRSAEncryption 17:7a:e1:24:5d:e1:92:a1:a8:a2:bf:52:27:7a:09:c9:25:d5: d7:c1:69:94:d3:1f:86:6e:9e:88:dc:23:28:81:7d:70:0c:b1: 4d:55:05:f7:f9:79:8a:6e:31:08:d4:be:46:bb:58:ce:07:03: b9:3f:09:12:dc:7b:42:cf:a0:c2:79:95:9f:9f:af:43:37:de: 9b:6f:a3:46:56:0c:19:e6:d8:52:e6:a7:94:28:2e:9d:c5:3f: cb:56:4a:6d:1d:5a:6c:d5:c3:de:5e:fd:bc:33:e3:da:88:29: 9a:ff:28:c9:50:9f:52:00:76:3a:ed:b4:a2:54:a6:c0:42:82: e1:c4:51:ec:6c:64:34:1a:d6:41:23:f8:74:b9:cc:c4:dc:f5: 20:e5:7f:f9:43:2f:d2:12:90:83:cf:c3:a2:62:e2:12:37:d0: 5d:99:a6:96:46:25:71:21:84:6b:0f:ae:11:71:a2:ab:80:0d: 4c:ba:36:06:c3:1a:71:0e:e0:1a:48:41:c5:00:66:ef:45:48: 98:4f:91:e5:b8:f1:fc:23:0b:1b:a3:58:9c:d5:3c:ca:6a:07: 49:39:10:17:cb:38:5f:64:2c:58:9d:c1:34:c8:21:aa:5e:34: 23:44:3a:9b:2f:38:3a:cd:16:ba:43:29:1e:c1:62:52:f0:6e: 45:44:dd:10 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUE4HboE+iFLwMpUr9pI82+4IuDFkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjEwMDhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDNjOTAxMjc3OGRlN2YwMWU4N2MyZjhkZWMwOGI3NTlhMjUxMDlmYjU1ZmQ5 M2M0ZjhiMjU0MjkxZTNjZjI1MDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALd2ev9wEaE0yUAduklVq39+jmQaNAAf1UpvRdVAZsk9p5BOF5dGB2gA1Hvx VaGR6it3jx7eeHrvRA9GhV36ch8LCRdXvaGO9ASOIcrq8q3u/+vFt7p/P6smNU2w /p/C0b1TBuFbQwvZGvho8vraUnhKu6q+yrq8Nn+ml/T3O26y0U85b7kJ2WiC7E9x p0J8rup++MyNHNRUWc6bb9vNxOE+CZzDtvFJaqwKqvK8iGLPy39DnmDWnl7Gqzzb EuzGUOKpuKgL/eMGXnRWVvNyprz/43yMR1dzj9FPBVMemH9C5ZTwgidyno2iJJLw BoaW4GPx3Ok9MJoEvWGmYUxZL4MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRrChW8 CpPMPjQHh41biMbcEm4MtzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YzNmNGIwZTAtZGY2ZC00ODFhLThkNzUtNzcwOWU1NDVkMWU4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIg MA0GCSqGSIb3DQEBCwUAA4IBAQAXeuEkXeGSoaiiv1InegnJJdXXwWmU0x+Gbp6I 3CMogX1wDLFNVQX3+XmKbjEI1L5Gu1jOBwO5PwkS3HtCz6DCeZWfn69DN96bb6NG VgwZ5thS5qeUKC6dxT/LVkptHVps1cPeXv28M+PaiCma/yjJUJ9SAHY67bSiVKbA QoLhxFHsbGQ0GtZBI/h0uczE3PUg5X/5Qy/SEpCDz8OiYuISN9BdmaaWRiVxIYRr D64RcaKrgA1MujYGwxpxDuAaSEHFAGbvRUiYT5HluPH8Iwsbo1ic1TzKagdJORAX yzhfZCxYncE0yCGqXjQjRDqbLzg6zRa6QykewWJS8G5FRN0Q -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:37 2026 by rpki-client