This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9762274-c916-4e75-a8ee-f0e4966bd488.roa File: c9762274-c916-4e75-a8ee-f0e4966bd488.roa (raw, json) Hash identifier: 4VqRU9qwd/CKdykwlZ52uBoKhLZ9+PUfhqY5UsYFLFI= Subject key identifier: F0:DF:BC:52:29:07:25:7B:AA:A2:D2:83:41:98:5D:5C:8F:71:6D:7B Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 65AAA45F39F417A8855BE78ACFFD426884368471 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9762274-c916-4e75-a8ee-f0e4966bd488.roa Signing time: Sun 07 Dec 2025 03:00:09 +0000 ROA not before: Sun 07 Dec 2025 03:00:09 +0000 ROA not after: Sat 07 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07b:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:aa:a4:5f:39:f4:17:a8:85:5b:e7:8a:cf:fd:42:68:84:36:84:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 7 03:00:09 2025 GMT Not After : Mar 7 23:59:59 2026 GMT Subject: serialNumber=a8e1682eaabdf1361bb35eb7663767023c33bab58e80c62574fb914e88ec8c64, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:ce:e5:1c:c7:3b:f3:14:59:1c:66:b8:04:f3: 59:18:ca:2c:f8:93:ac:4a:25:fd:7f:e0:3e:85:e9: ec:12:20:e9:a9:df:51:45:3d:a0:40:7f:8a:23:7e: f8:b4:cb:46:42:e1:43:f7:dc:4e:be:92:55:f6:7b: ce:9b:17:f3:68:e5:ac:de:33:b0:b6:05:d1:52:bb: e1:27:4f:23:25:cf:67:94:21:a9:02:98:cc:05:3e: 15:a4:f5:1e:35:25:6f:71:f2:0e:d8:e4:17:d2:b6: b0:29:36:1c:15:9a:b3:8a:ed:b7:33:28:86:2a:1c: ad:1a:c6:7c:67:0a:f6:a2:ee:29:ee:f7:d0:e5:6e: 3e:ef:1a:1d:5d:fc:b9:55:8b:81:64:2d:4a:e6:6b: 8a:50:40:8b:e8:0e:4e:b4:4e:c2:89:0b:91:14:ac: ea:7e:9e:37:08:71:5c:56:99:2e:db:b8:2b:96:ff: f6:d9:40:ed:ac:ef:19:27:f2:dd:00:2e:61:ea:1d: ec:d5:25:51:20:99:df:e1:1e:48:4a:2c:5b:8d:be: 57:13:f2:63:11:49:60:68:61:ce:4d:b2:f0:e8:5e: 94:50:04:52:70:19:02:b2:35:4d:e6:f8:45:9b:57: ac:db:ef:59:10:72:43:41:8c:bd:a3:36:9c:41:09: 58:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:DF:BC:52:29:07:25:7B:AA:A2:D2:83:41:98:5D:5C:8F:71:6D:7B X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9762274-c916-4e75-a8ee-f0e4966bd488.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07b:9000::/40 Signature Algorithm: sha256WithRSAEncryption 40:e3:aa:d3:7c:06:c4:00:58:47:61:b4:15:e4:a8:15:50:de: fb:c4:f1:a4:ab:cf:37:11:76:5e:d3:e9:31:d6:14:ba:be:67: 07:0f:25:f1:73:4a:d1:af:2a:c4:6a:6f:46:a8:eb:f8:8d:cb: 6b:36:97:71:22:66:0f:f9:42:49:0f:4e:fa:d4:db:0e:28:0a: d6:b4:3e:93:9f:94:6a:76:d0:3e:8a:99:0b:8e:c6:51:d1:d9: 6b:9a:0d:98:57:b1:09:3f:19:68:19:ca:03:ac:30:7d:2b:58: b6:15:06:d7:14:d7:3d:8d:d8:b5:b9:55:be:0d:95:8d:8f:33: 17:3d:92:6c:90:3b:c5:04:ec:03:3d:96:12:ab:92:70:0d:9c: 2a:6b:dd:6c:ab:a1:37:2a:15:eb:91:92:f7:ef:1e:92:9e:a8: fa:f1:1e:ea:6c:81:fe:33:5f:39:e4:e4:9a:5c:45:40:cf:ea: c5:1e:c0:26:62:a0:15:83:95:31:df:ac:16:d5:a8:0a:3b:d8: b2:83:6c:c5:ef:68:9a:1d:55:b0:c7:70:e8:6d:f0:f1:6d:2b: 0d:cf:1f:ec:36:93:de:83:3b:4d:39:c4:de:65:74:27:9e:8b: 70:8d:0e:cb:eb:14:5d:20:13:3d:b3:aa:16:1e:aa:39:37:80: bb:4d:ff:0d -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUZaqkXzn0F6iFW+eKz/1CaIQ2hHEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDcwMzAwMDlaFw0yNjAzMDcyMzU5NTlaMHoxSTBHBgNV BAUTQGE4ZTE2ODJlYWFiZGYxMzYxYmIzNWViNzY2Mzc2NzAyM2MzM2JhYjU4ZTgw YzYyNTc0ZmI5MTRlODhlYzhjNjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALHO5RzHO/MUWRxmuATzWRjKLPiTrEol/X/gPoXp7BIg6anfUUU9oEB/iiN+ +LTLRkLhQ/fcTr6SVfZ7zpsX82jlrN4zsLYF0VK74SdPIyXPZ5QhqQKYzAU+FaT1 HjUlb3HyDtjkF9K2sCk2HBWas4rttzMohiocrRrGfGcK9qLuKe730OVuPu8aHV38 uVWLgWQtSuZrilBAi+gOTrROwokLkRSs6n6eNwhxXFaZLtu4K5b/9tlA7azvGSfy 3QAuYeod7NUlUSCZ3+EeSEosW42+VxPyYxFJYGhhzk2y8OhelFAEUnAZArI1Teb4 RZtXrNvvWRByQ0GMvaM2nEEJWIMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTw37xS KQcle6qi0oNBmF1cj3FtezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Yzk3NjIyNzQtYzkxNi00ZTc1LWE4ZWUtZjBlNDk2NmJkNDg4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HuQ MA0GCSqGSIb3DQEBCwUAA4IBAQBA46rTfAbEAFhHYbQV5KgVUN77xPGkq883EXZe 0+kx1hS6vmcHDyXxc0rRryrEam9GqOv4jctrNpdxImYP+UJJD0761NsOKArWtD6T n5RqdtA+ipkLjsZR0dlrmg2YV7EJPxloGcoDrDB9K1i2FQbXFNc9jdi1uVW+DZWN jzMXPZJskDvFBOwDPZYSq5JwDZwqa91sq6E3KhXrkZL37x6Snqj68R7qbIH+M185 5OSaXEVAz+rFHsAmYqAVg5Ux36wW1agKO9iyg2zF72iaHVWwx3DobfDxbSsNzx/s NpPegztNOcTeZXQnnotwjQ7L6xRdIBM9s6oWHqo5N4C7Tf8N -----END CERTIFICATE-----Generated at Fri Jan 2 12:22:18 2026 by rpki-client