This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa File: dc148af9-68cc-4a7f-b7fd-6ac691016888.roa (raw, json) Hash identifier: 0UjbB/IW+bJWBUJgmIqyUv8pvDFuLv05IbM2c/IPWuM= Subject key identifier: 89:9C:23:18:52:6C:59:66:89:B7:FF:73:E2:21:F4:10:83:3F:E5:EA Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 572B4D0F0FA9F9345037F831EA3BC3AD69BC4190 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa Signing time: Wed 10 Dec 2025 05:20:07 +0000 ROA not before: Wed 10 Dec 2025 05:20:07 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d025::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:2b:4d:0f:0f:a9:f9:34:50:37:f8:31:ea:3b:c3:ad:69:bc:41:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:20:07 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=1f780a31fbc1945edf6e6112cd4aace9a624dfea7fd96cceee7604851733f78a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:a5:7f:c9:46:75:b7:02:90:49:e7:1d:06:3f: b6:e1:ab:46:c9:7f:57:df:fa:1d:38:ab:e6:26:76: 06:a3:37:86:80:c2:81:65:91:1e:e2:ca:9a:8c:f6: aa:e2:13:7a:f0:a1:d4:b2:9e:a4:2c:68:93:db:7e: 65:18:4d:0c:88:f0:ab:f6:64:bb:dd:f1:41:2e:e0: c0:72:35:72:4b:f3:8b:3f:8f:9c:9b:af:43:1a:de: 58:6c:fc:3f:46:a2:9f:15:01:5d:a0:ba:15:a1:99: 15:e2:f4:bd:b4:5a:72:5a:3d:1b:9a:99:7d:57:22: 05:2b:37:c5:93:b3:04:00:6b:d2:7c:ea:99:e9:cd: e1:36:76:a5:35:30:e3:fd:1f:9f:7e:af:df:98:ce: 9a:9c:64:6f:4f:68:7b:12:8f:24:b5:a8:9c:3a:fc: 40:d1:3d:3e:59:2b:93:94:62:02:8a:ba:d3:bc:93: 89:5c:22:72:6c:a8:a5:20:f5:85:dc:7c:18:fc:fc: f9:1e:de:47:99:c6:d1:6b:d3:5d:78:a1:cd:c3:5e: 82:1b:e3:33:88:3a:9d:3e:84:86:e7:b1:35:fa:b4: 71:ff:73:84:e5:78:89:db:e5:13:75:61:27:05:60: 68:49:43:39:7b:02:5a:fc:a3:10:93:05:d8:9c:87: 72:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:9C:23:18:52:6C:59:66:89:B7:FF:73:E2:21:F4:10:83:3F:E5:EA X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d025::/36 Signature Algorithm: sha256WithRSAEncryption 15:2c:06:a6:f4:a1:b8:a2:d0:ee:e0:ad:5d:cc:9f:f1:2e:a1: 2d:f9:42:88:c1:89:fa:45:cf:a5:b7:f7:bc:fa:4e:5d:81:79: 6d:b5:9a:5b:f4:2f:2d:9a:47:19:6b:7a:10:7f:af:53:06:80: f8:9a:31:ae:37:43:2f:64:af:3f:ff:e7:ef:14:71:eb:48:36: e6:45:4b:40:30:49:3b:de:78:c8:41:dc:c8:1c:30:db:d8:f3: ce:05:0d:c1:cd:46:08:d3:ab:b4:d7:b0:9b:aa:dc:71:d0:e1: dd:01:7d:a6:90:d0:8e:d4:59:d4:0b:8f:9b:a8:af:da:7a:8d: 73:d1:71:76:ed:1c:2b:d3:a6:c4:5e:b2:45:18:dd:a6:78:82: 7c:ff:ff:52:e4:c3:c3:78:8b:c1:c3:9d:3b:9c:f1:69:3b:0c: 81:15:c5:0b:27:b7:53:c8:d2:99:39:51:40:c3:7d:f0:d2:de: ec:83:53:76:5a:f1:e2:b4:57:d0:77:21:b9:dd:4a:64:1a:84: aa:84:7a:0b:a0:23:cd:fd:a1:c4:a8:9f:f4:41:ce:f9:d3:cf: 06:67:7a:26:17:77:f1:1e:db:61:eb:a2:55:0c:3d:76:76:1e: 2a:c7:55:51:47:40:70:d9:cf:6c:bd:a4:d0:00:6b:72:64:60: 27:24:c6:f8 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUVytNDw+p+TRQN/gx6jvDrWm8QZAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTIwMDdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDFmNzgwYTMxZmJjMTk0NWVkZjZlNjExMmNkNGFhY2U5YTYyNGRmZWE3ZmQ5 NmNjZWVlNzYwNDg1MTczM2Y3OGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIulf8lGdbcCkEnnHQY/tuGrRsl/V9/6HTir5iZ2BqM3hoDCgWWRHuLKmoz2 quITevCh1LKepCxok9t+ZRhNDIjwq/Zku93xQS7gwHI1ckvziz+PnJuvQxreWGz8 P0ainxUBXaC6FaGZFeL0vbRaclo9G5qZfVciBSs3xZOzBABr0nzqmenN4TZ2pTUw 4/0fn36v35jOmpxkb09oexKPJLWonDr8QNE9Plkrk5RiAoq607yTiVwicmyopSD1 hdx8GPz8+R7eR5nG0WvTXXihzcNeghvjM4g6nT6EhuexNfq0cf9zhOV4idvlE3Vh JwVgaElDOXsCWvyjEJMF2JyHcucCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSJnCMY UmxZZom3/3PiIfQQgz/l6jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZGMxNDhhZjktNjhjYy00YTdmLWI3ZmQtNmFjNjkxMDE2ODg4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUA MA0GCSqGSIb3DQEBCwUAA4IBAQAVLAam9KG4otDu4K1dzJ/xLqEt+UKIwYn6Rc+l t/e8+k5dgXlttZpb9C8tmkcZa3oQf69TBoD4mjGuN0MvZK8//+fvFHHrSDbmRUtA MEk73njIQdzIHDDb2PPOBQ3BzUYI06u017Cbqtxx0OHdAX2mkNCO1FnUC4+bqK/a eo1z0XF27Rwr06bEXrJFGN2meIJ8//9S5MPDeIvBw507nPFpOwyBFcULJ7dTyNKZ OVFAw33w0t7sg1N2WvHitFfQdyG53UpkGoSqhHoLoCPN/aHEqJ/0Qc75088GZ3om F3fxHtth66JVDD12dh4qx1VRR0Bw2c9svaTQAGtyZGAnJMb4 -----END CERTIFICATE-----Generated at Fri Jan 2 10:57:37 2026 by rpki-client