This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa File: d7bcc124-bcd8-42ec-911f-1b551dceda68.roa (raw, json) Hash identifier: xu1HUw/zLJUulgW8B4vEyRw3pRtw60gKtzLqO2nTZsU= Subject key identifier: BF:5C:46:F3:63:E7:96:32:A0:94:F0:59:3F:EC:C4:BC:7D:63:13:64 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1A75401B1F8FDC3CBD4E5C819A469097E3C273F8 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa Signing time: Wed 10 Dec 2025 05:40:48 +0000 ROA not before: Wed 10 Dec 2025 05:40:48 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07e:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:75:40:1b:1f:8f:dc:3c:bd:4e:5c:81:9a:46:90:97:e3:c2:73:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:40:48 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=37e9ba347d434ed2f3fc47d5b87a890a8fc4e1738052f56c635fd52ef1babf9b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:5c:7e:2c:4a:e6:60:bd:15:05:82:ce:81:e8: 61:d9:35:f0:6c:79:b2:d8:fc:6c:4b:a0:5b:70:c6: 6b:05:32:74:55:7e:29:2f:47:04:0a:b7:30:36:81: bb:72:ac:8c:18:bd:9d:04:79:f1:2e:4d:16:d1:e6: c4:66:27:e3:7a:d3:ea:9d:a4:92:e6:65:5a:e6:08: ea:10:89:22:a0:c2:c8:86:7a:d8:58:2c:68:fe:61: 6f:a8:7b:7a:2f:19:85:34:78:19:55:64:2f:58:5b: 09:48:53:71:f3:20:10:81:53:7a:ed:03:d6:f9:85: 25:8e:40:67:2a:93:fc:90:a7:d5:75:87:a0:15:a7: 1b:70:a1:e5:0b:37:91:8f:3f:eb:2d:60:cd:5d:11: c2:0c:95:1b:2f:ea:ac:21:86:c5:f7:ae:f5:a3:47: 04:5b:e0:b6:c4:0d:cc:dd:fd:d7:6d:79:06:d8:b1: 29:8d:cf:d2:48:dd:69:73:f3:19:db:6a:0d:23:47: b3:18:05:a9:98:bb:99:50:b2:ab:e0:18:56:a7:2e: bf:30:d1:0d:ee:0c:84:41:1f:4f:6e:63:b2:e3:18: 61:b7:f0:1e:bd:da:97:d5:71:09:01:49:49:fc:42: 0a:86:10:e7:27:4c:5f:b9:b3:f6:6f:16:74:9d:e0: c6:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:5C:46:F3:63:E7:96:32:A0:94:F0:59:3F:EC:C4:BC:7D:63:13:64 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bcc124-bcd8-42ec-911f-1b551dceda68.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07e:e000::/40 Signature Algorithm: sha256WithRSAEncryption b1:ed:39:b1:7d:1b:4c:81:6a:a7:12:10:18:de:c9:f9:ea:9e: cb:15:22:bf:98:d9:bf:e2:61:43:83:18:f8:a6:c8:c9:e5:c0: 94:ae:40:b9:2f:6b:a3:c4:c7:5d:21:b9:14:19:81:a7:c0:f6: 4f:55:ed:40:68:8f:bf:34:eb:30:cc:04:7d:7e:e9:e8:56:58: 82:06:de:67:4f:92:6e:4d:66:8c:22:6c:8f:a6:73:f3:bf:c6: 54:26:e5:44:e0:a9:05:17:21:84:eb:e1:e8:50:60:45:9c:d5: f8:6b:af:43:56:51:c0:3f:f2:9b:f5:75:87:d9:9f:de:e4:63: 04:a1:3e:73:2d:2c:9c:91:38:9d:85:14:82:63:d8:7a:62:f7: da:16:41:5b:2f:82:b2:43:bb:7e:c4:16:83:89:65:e7:a8:64: 9f:29:e2:9d:3d:96:af:55:56:16:a2:b2:35:24:ad:24:c1:3c: 3c:ef:36:12:4d:07:eb:42:99:9f:0f:a1:8a:9f:c0:1a:cc:e6: b0:d6:19:0c:eb:1f:06:a1:a8:49:c8:e5:a8:d1:a7:46:0f:56: b9:63:4f:cb:1d:d6:6e:9f:27:2a:af:82:0f:c6:ee:10:39:0a: 03:95:b8:bf:61:c0:87:eb:85:4d:1c:4b:47:95:38:a1:02:bb: 69:17:24:54 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUGnVAGx+P3Dy9TlyBmkaQl+PCc/gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQwNDhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDM3ZTliYTM0N2Q0MzRlZDJmM2ZjNDdkNWI4N2E4OTBhOGZjNGUxNzM4MDUy ZjU2YzYzNWZkNTJlZjFiYWJmOWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK5cfixK5mC9FQWCzoHoYdk18Gx5stj8bEugW3DGawUydFV+KS9HBAq3MDaB u3KsjBi9nQR58S5NFtHmxGYn43rT6p2kkuZlWuYI6hCJIqDCyIZ62FgsaP5hb6h7 ei8ZhTR4GVVkL1hbCUhTcfMgEIFTeu0D1vmFJY5AZyqT/JCn1XWHoBWnG3Ch5Qs3 kY8/6y1gzV0RwgyVGy/qrCGGxfeu9aNHBFvgtsQNzN391215BtixKY3P0kjdaXPz GdtqDSNHsxgFqZi7mVCyq+AYVqcuvzDRDe4MhEEfT25jsuMYYbfwHr3al9VxCQFJ SfxCCoYQ5ydMX7mz9m8WdJ3gxr8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS/XEbz Y+eWMqCU8Fk/7MS8fWMTZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZDdiY2MxMjQtYmNkOC00MmVjLTkxMWYtMWI1NTFkY2VkYTY4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H7g MA0GCSqGSIb3DQEBCwUAA4IBAQCx7TmxfRtMgWqnEhAY3sn56p7LFSK/mNm/4mFD gxj4psjJ5cCUrkC5L2ujxMddIbkUGYGnwPZPVe1AaI+/NOswzAR9funoVliCBt5n T5JuTWaMImyPpnPzv8ZUJuVE4KkFFyGE6+HoUGBFnNX4a69DVlHAP/Kb9XWH2Z/e 5GMEoT5zLSyckTidhRSCY9h6YvfaFkFbL4KyQ7t+xBaDiWXnqGSfKeKdPZavVVYW orI1JK0kwTw87zYSTQfrQpmfD6GKn8AazOaw1hkM6x8GoahJyOWo0adGD1a5Y0/L HdZunycqr4IPxu4QOQoDlbi/YcCH64VNHEtHlTihArtpFyRU -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:51 2026 by rpki-client