This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa File: d6931f13-0c44-4edc-b1b7-89dc8e035321.roa (raw, json) Hash identifier: NUbjRJEcQrw7wJtblB6eVCoiEu0qkSgkUJGzdKIpuQE= Subject key identifier: A3:26:C8:75:2C:6D:96:E2:B4:4B:81:C2:E5:86:42:A1:9A:51:2F:F8 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5EA74D0819E2ABF0F22AA655805C5581E8DEFDC3 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa Signing time: Wed 10 Dec 2025 05:40:43 +0000 ROA not before: Wed 10 Dec 2025 05:40:43 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d058::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:a7:4d:08:19:e2:ab:f0:f2:2a:a6:55:80:5c:55:81:e8:de:fd:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:40:43 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=e161457581a376e392a6b235bc5b1beda8efe1a59052f296034a34d1b929be2d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:56:6e:96:7f:bb:6b:0d:9f:5c:50:84:c3:56: ab:13:35:30:b6:a0:44:1f:e4:1c:11:b6:cd:58:83: d8:d1:66:cd:81:e3:de:4f:89:d9:2f:ac:b7:c4:1c: a6:32:e1:59:77:12:da:85:1c:6f:4f:99:e4:ab:59: 44:61:f8:8f:aa:45:b5:e3:b2:93:d5:3f:de:ef:6e: f1:01:bf:ca:6b:85:78:3f:f2:46:dc:d8:20:8c:2f: 85:2a:2b:37:14:ba:e5:4e:ce:7d:08:1f:26:f1:b2: 80:4f:9c:10:83:ff:4b:e7:f3:51:fc:1a:99:33:dc: da:76:4a:ae:8a:79:46:12:3c:55:38:b7:90:bd:34: a6:3b:ec:11:2e:0f:ed:1f:99:17:c8:5e:4f:42:1d: 8d:d1:f2:c9:46:24:47:c8:81:d0:ea:7c:ae:86:a0: 8f:63:96:66:19:7e:12:d1:0e:ab:f3:16:66:4a:03: af:59:9e:f5:d1:d7:58:c2:e6:bc:0b:bc:ce:ab:4f: 6d:a8:92:54:ad:e3:3b:90:ba:34:30:a8:17:60:7a: 2a:71:ad:cc:01:17:91:89:f1:97:b3:34:d3:ce:08: 5e:ee:e6:95:ab:46:63:82:ee:8a:a0:f8:45:38:2e: 1c:bf:35:76:af:fd:43:62:82:94:b9:30:8b:7e:e4: 90:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:26:C8:75:2C:6D:96:E2:B4:4B:81:C2:E5:86:42:A1:9A:51:2F:F8 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d058::/32 Signature Algorithm: sha256WithRSAEncryption 50:72:aa:ab:e8:fe:20:6e:4a:3e:cd:73:61:14:22:18:8d:ca: 94:d8:05:0b:1c:71:27:c6:c5:44:bf:0f:43:29:10:3b:24:11: 67:ca:1f:61:cf:72:cb:c2:5e:57:e4:70:9d:d1:22:b9:ef:41: 22:f4:b6:6d:4f:66:d7:41:1f:56:08:af:9d:db:fa:77:16:af: 48:f3:92:3f:64:b3:bf:1c:6b:9c:62:34:95:4d:00:e4:dc:fd: 4b:1d:79:ae:51:23:f8:7f:0d:99:48:e6:17:1e:9e:e7:13:8d: d7:a5:fd:66:3c:04:3b:7d:57:a5:58:c5:cf:a3:96:8c:f1:7c: 81:9d:a4:1d:4a:1a:06:0f:fb:96:48:46:b3:68:a1:d6:6d:d6: 40:96:19:a9:b4:8c:49:7b:ac:69:97:22:17:c3:11:54:f7:62: 1e:55:5e:dc:90:86:8b:12:39:1d:f4:8a:8b:fb:fb:0e:52:6c: 72:37:cc:d9:24:40:26:f7:f8:77:a5:62:67:a8:06:c0:63:7f: b5:9f:f4:4c:c0:47:39:5f:8a:8d:de:92:f5:7e:96:e5:89:f2: 4f:4b:77:fe:c8:6e:5a:c0:2b:fe:1c:98:80:9b:81:aa:9c:5d: 0b:5b:b5:e4:67:b0:8c:5e:9a:46:e6:0c:e9:2d:2f:08:cf:3c: c4:a8:f3:0e -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgIUXqdNCBniq/DyKqZVgFxVgeje/cMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQwNDNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGUxNjE0NTc1ODFhMzc2ZTM5MmE2YjIzNWJjNWIxYmVkYThlZmUxYTU5MDUy ZjI5NjAzNGEzNGQxYjkyOWJlMmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMpWbpZ/u2sNn1xQhMNWqxM1MLagRB/kHBG2zViD2NFmzYHj3k+J2S+st8Qc pjLhWXcS2oUcb0+Z5KtZRGH4j6pFteOyk9U/3u9u8QG/ymuFeD/yRtzYIIwvhSor NxS65U7OfQgfJvGygE+cEIP/S+fzUfwamTPc2nZKrop5RhI8VTi3kL00pjvsES4P 7R+ZF8heT0IdjdHyyUYkR8iB0Op8roagj2OWZhl+EtEOq/MWZkoDr1me9dHXWMLm vAu8zqtPbaiSVK3jO5C6NDCoF2B6KnGtzAEXkYnxl7M0084IXu7mlatGY4LuiqD4 RTguHL81dq/9Q2KClLkwi37kkMkCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSjJsh1 LG2W4rRLgcLlhkKhmlEv+DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZDY5MzFmMTMtMGM0NC00ZWRjLWIxYjctODlkYzhlMDM1MzIxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Fgw DQYJKoZIhvcNAQELBQADggEBAFByqqvo/iBuSj7Nc2EUIhiNypTYBQsccSfGxUS/ D0MpEDskEWfKH2HPcsvCXlfkcJ3RIrnvQSL0tm1PZtdBH1YIr53b+ncWr0jzkj9k s78ca5xiNJVNAOTc/Usdea5RI/h/DZlI5hcenucTjdel/WY8BDt9V6VYxc+jlozx fIGdpB1KGgYP+5ZIRrNoodZt1kCWGam0jEl7rGmXIhfDEVT3Yh5VXtyQhosSOR30 iov7+w5SbHI3zNkkQCb3+HelYmeoBsBjf7Wf9EzARzlfio3ekvV+luWJ8k9Ld/7I blrAK/4cmICbgaqcXQtbteRnsIxemkbmDOktLwjPPMSo8w4= -----END CERTIFICATE-----Generated at Fri Jan 2 10:57:37 2026 by rpki-client