This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa File: df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa (raw, json) Hash identifier: A80qr88NtiiCgmQmTb7KeYJKET39qyXSN8Tl3wxWluI= Subject key identifier: 72:2E:90:0B:34:63:D9:72:BF:24:40:A4:3E:14:F5:29:E0:A4:34:99 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3E41891E6BBF5737E8BD26137C82A6B47E5F38D6 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa Signing time: Wed 10 Dec 2025 06:21:30 +0000 ROA not before: Wed 10 Dec 2025 06:21:30 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06d:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:41:89:1e:6b:bf:57:37:e8:bd:26:13:7c:82:a6:b4:7e:5f:38:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:21:30 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=41b98e9e6341a55a2e3017f947513bd19d864b0eb44661e72086aca19265fdd3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:fd:4d:23:f1:2e:d2:13:d8:10:8b:52:8b:18: d1:33:f1:7c:3d:62:61:20:57:5f:c0:81:e1:27:70: f2:21:74:29:8a:b1:50:dc:4d:83:3b:3d:18:e7:ad: 91:71:23:d1:b6:57:4a:3f:09:52:6c:b5:83:c2:5d: 35:37:38:04:7b:8c:99:22:d1:cf:3d:7d:e8:c8:f8: 75:4b:a3:a9:ff:49:25:01:c5:8f:db:69:04:10:de: fa:91:a8:d8:c2:0d:70:bb:f8:38:3e:87:7b:19:a1: 0b:34:59:b9:49:3d:29:e8:e7:b4:d4:da:2d:df:14: d1:cf:b3:54:19:c9:86:c9:ff:98:7d:ec:e5:b0:e7: 8a:68:5b:5b:a3:19:6c:2d:92:03:fd:66:83:a7:ba: 2f:c9:f0:36:01:b3:ef:4e:65:39:4c:5d:47:e4:dc: 05:f3:59:5d:36:ac:11:ca:5d:87:24:07:29:5f:eb: 75:4f:c5:28:f6:6d:3a:d6:ac:a8:aa:1d:fd:0c:c1: 71:f4:83:d5:09:e1:6b:fc:33:23:dc:c0:5f:b4:c5: 51:41:b5:a1:1c:89:49:c5:f6:11:04:dd:e2:6b:08: 93:15:f0:16:06:99:7d:5e:56:51:5d:ff:e7:d2:dd: 6f:1c:af:cc:06:60:07:20:ba:f0:37:99:a4:b4:0d: 21:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:2E:90:0B:34:63:D9:72:BF:24:40:A4:3E:14:F5:29:E0:A4:34:99 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06d:c000::/40 Signature Algorithm: sha256WithRSAEncryption 5f:d4:1f:75:05:d5:5c:1b:8a:60:33:50:f4:f3:c8:61:ff:a6: 7b:61:76:98:b1:4f:08:89:ce:02:19:e7:de:e3:1e:37:31:19: e6:2d:0f:8a:4f:da:28:bc:86:87:b9:e4:73:ca:62:13:e3:b7: 80:6b:c2:47:e5:48:e1:2e:ac:2d:30:1f:35:66:1a:44:d2:39: 6a:65:ca:17:d2:a1:f5:42:35:b7:01:fb:ef:79:1a:78:03:36: 7d:c6:d3:25:80:22:87:ee:af:1e:c6:11:0c:ad:06:c3:1f:ac: d8:82:c4:36:d2:1b:df:51:52:80:e3:d9:5f:63:f4:f5:c8:df: 67:e3:6f:d8:bb:35:18:c5:38:e6:f4:e6:73:8d:af:64:5f:30: f9:37:c1:9b:bf:26:60:b1:f6:e9:0a:9a:67:91:be:b7:57:95: 2d:35:d9:a4:ac:1e:39:36:da:d2:d1:31:7f:5c:24:a7:81:0d: 6b:44:76:aa:e6:9b:ac:15:05:6d:5e:72:f4:93:7b:3b:af:bd: 7f:57:83:23:69:a8:12:2f:8a:a3:bd:52:25:a0:e3:bc:9b:38: c7:c4:b2:51:7e:a6:07:cf:73:61:c8:58:0d:b5:29:fd:ac:eb: f3:d8:bc:18:05:0a:21:1c:ad:35:5a:fc:cf:62:36:90:fc:7a: f1:d2:c8:0f -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUPkGJHmu/VzfovSYTfIKmtH5fONYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIxMzBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDQxYjk4ZTllNjM0MWE1NWEyZTMwMTdmOTQ3NTEzYmQxOWQ4NjRiMGViNDQ2 NjFlNzIwODZhY2ExOTI2NWZkZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALv9TSPxLtIT2BCLUosY0TPxfD1iYSBXX8CB4Sdw8iF0KYqxUNxNgzs9GOet kXEj0bZXSj8JUmy1g8JdNTc4BHuMmSLRzz196Mj4dUujqf9JJQHFj9tpBBDe+pGo 2MINcLv4OD6HexmhCzRZuUk9KejntNTaLd8U0c+zVBnJhsn/mH3s5bDnimhbW6MZ bC2SA/1mg6e6L8nwNgGz705lOUxdR+TcBfNZXTasEcpdhyQHKV/rdU/FKPZtOtas qKod/QzBcfSD1Qnha/wzI9zAX7TFUUG1oRyJScX2EQTd4msIkxXwFgaZfV5WUV3/ 59LdbxyvzAZgByC68DeZpLQNIZsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRyLpAL NGPZcr8kQKQ+FPUp4KQ0mTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZGYzOGMwMGItYTZiMy00ZTYzLTlmNjktYjhjMzg1NmViZGY2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G3A MA0GCSqGSIb3DQEBCwUAA4IBAQBf1B91BdVcG4pgM1D088hh/6Z7YXaYsU8Iic4C Gefe4x43MRnmLQ+KT9oovIaHueRzymIT47eAa8JH5UjhLqwtMB81ZhpE0jlqZcoX 0qH1QjW3AfvveRp4AzZ9xtMlgCKH7q8exhEMrQbDH6zYgsQ20hvfUVKA49lfY/T1 yN9n42/YuzUYxTjm9OZzja9kXzD5N8GbvyZgsfbpCppnkb63V5UtNdmkrB45NtrS 0TF/XCSngQ1rRHaq5pusFQVtXnL0k3s7r71/V4MjaagSL4qjvVIloOO8mzjHxLJR fqYHz3NhyFgNtSn9rOvz2LwYBQohHK01WvzPYjaQ/Hrx0sgP -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:30 2026 by rpki-client