This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bd85bf-2af2-46a0-91d6-f945e7063231.roa File: d7bd85bf-2af2-46a0-91d6-f945e7063231.roa (raw, json) Hash identifier: twPZO57GK+pWgw1dkV0yNEfFowgYYbpFnEqG0YYm66M= Subject key identifier: 46:CC:A3:D7:82:BD:5C:62:FC:06:F9:55:4D:1C:4E:24:58:2A:9C:EA Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7ED6C59F53540FE023C104125E304CEC47C276CD Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bd85bf-2af2-46a0-91d6-f945e7063231.roa Signing time: Wed 10 Dec 2025 06:20:41 +0000 ROA not before: Wed 10 Dec 2025 06:20:41 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:c080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:d6:c5:9f:53:54:0f:e0:23:c1:04:12:5e:30:4c:ec:47:c2:76:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:20:41 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=e7cf8eebd19ab37992a8760282c63f696d00faf56f3ab63f5ea1f5ee85199538, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:83:4d:8e:7a:93:76:78:fd:7f:09:fd:94:ca: 12:94:ba:99:e8:00:13:d2:2a:fc:f6:f8:98:60:42: 64:c6:df:3c:71:4c:75:45:8f:56:23:cc:b0:76:e6: d3:f2:fd:b7:3a:14:d0:69:f1:36:d2:b1:95:ed:56: 4d:f6:d9:bc:08:3c:2d:2f:fc:98:30:ab:79:b6:5d: 42:82:f2:23:2f:55:c1:0f:8f:b0:73:db:85:9c:98: c6:86:62:5c:41:a3:e6:8d:f5:2a:38:ce:22:b9:d0: 55:f9:b7:ce:59:0f:7a:c6:53:f8:ce:ab:e0:3b:d0: a7:a5:00:40:6d:89:1d:1d:22:08:c6:96:ef:9c:a7: 97:f9:47:68:61:dc:88:d7:19:17:6b:d3:be:3c:43: a7:f9:e9:14:34:a2:70:d6:0a:e8:74:14:ba:1b:d4: 23:43:65:c6:49:bb:f4:71:f7:c7:06:27:db:5d:e0: bb:d3:c7:9b:82:80:62:4b:41:49:3e:69:1d:da:9f: de:0a:a9:38:5e:5b:e0:27:95:7a:4f:3c:2e:03:44: bd:e2:7d:e3:a7:b0:f3:62:15:ce:1b:2d:e5:41:ce: 5c:23:db:c7:ab:74:90:0a:90:f0:48:cc:42:0b:80: c2:a3:7c:ff:dd:03:db:a1:14:17:6e:5d:58:2a:81: 07:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:CC:A3:D7:82:BD:5C:62:FC:06:F9:55:4D:1C:4E:24:58:2A:9C:EA X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7bd85bf-2af2-46a0-91d6-f945e7063231.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:c080::/48 Signature Algorithm: sha256WithRSAEncryption 6e:fc:6d:bc:8e:43:6a:f8:d2:aa:19:f6:a5:e3:4f:41:e1:bd: 91:cc:e3:9b:cc:eb:fb:ec:e3:be:7c:48:e9:8a:e1:6a:84:3b: b5:f0:39:3f:de:5b:69:46:04:24:16:8d:cf:16:be:98:65:7e: 27:21:d4:3f:dd:86:8e:1a:f4:7b:5d:c7:7e:a2:75:71:63:ff: ac:ba:08:7b:2f:ac:dc:fa:2c:35:8b:21:b9:60:ea:75:86:7a: de:a9:56:ae:01:ea:fd:79:8a:76:6e:fa:f1:2b:b3:d6:06:25: d8:4e:8b:87:0c:f9:65:59:a1:bb:de:19:6f:2e:ba:de:9e:e1: a9:b8:ee:f5:33:93:02:cc:b6:a7:8f:41:f7:39:3e:95:24:c8: 54:e7:a1:35:fa:94:56:53:22:25:11:a1:79:e0:3a:a2:e2:a3: dd:f5:4d:5a:3c:37:d7:3a:1a:a9:90:fd:ff:76:50:2a:3c:86: 61:54:01:df:28:e5:31:f2:9d:4a:a1:74:98:0d:30:2f:f0:3b: 04:de:bf:34:fb:22:35:db:de:e7:90:ae:68:52:ab:a7:86:ad: 4f:8a:b4:0b:76:5d:ea:f4:a9:86:f1:6f:06:92:9e:1f:7d:e5: 53:b8:08:be:17:7b:c8:91:87:40:4b:23:4e:2a:1d:25:22:8c: 20:38:a1:1b -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUftbFn1NUD+AjwQQSXjBM7EfCds0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIwNDFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGU3Y2Y4ZWViZDE5YWIzNzk5MmE4NzYwMjgyYzYzZjY5NmQwMGZhZjU2ZjNh YjYzZjVlYTFmNWVlODUxOTk1MzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMODTY56k3Z4/X8J/ZTKEpS6megAE9Iq/Pb4mGBCZMbfPHFMdUWPViPMsHbm 0/L9tzoU0GnxNtKxle1WTfbZvAg8LS/8mDCrebZdQoLyIy9VwQ+PsHPbhZyYxoZi XEGj5o31KjjOIrnQVfm3zlkPesZT+M6r4DvQp6UAQG2JHR0iCMaW75ynl/lHaGHc iNcZF2vTvjxDp/npFDSicNYK6HQUuhvUI0Nlxkm79HH3xwYn213gu9PHm4KAYktB ST5pHdqf3gqpOF5b4CeVek88LgNEveJ946ew82IVzhst5UHOXCPbx6t0kAqQ8EjM QguAwqN8/90D26EUF25dWCqBB2UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRGzKPX gr1cYvwG+VVNHE4kWCqc6jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZDdiZDg1YmYtMmFmMi00NmEwLTkxZDYtZjk0NWU3MDYzMjMxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/A gDANBgkqhkiG9w0BAQsFAAOCAQEAbvxtvI5DavjSqhn2peNPQeG9kczjm8zr++zj vnxI6YrhaoQ7tfA5P95baUYEJBaNzxa+mGV+JyHUP92Gjhr0e13HfqJ1cWP/rLoI ey+s3PosNYshuWDqdYZ63qlWrgHq/XmKdm768Suz1gYl2E6Lhwz5ZVmhu94Zby66 3p7hqbju9TOTAsy2p49B9zk+lSTIVOehNfqUVlMiJRGheeA6ouKj3fVNWjw31zoa qZD9/3ZQKjyGYVQB3yjlMfKdSqF0mA0wL/A7BN6/NPsiNdve55CuaFKrp4atT4q0 C3Zd6vSphvFvBpKeH33lU7gIvhd7yJGHQEsjTiodJSKMIDihGw== -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:05 2026 by rpki-client