This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e437969a-a36c-4417-88bd-c48ac88d9a5c.roa File: e437969a-a36c-4417-88bd-c48ac88d9a5c.roa (raw, json) Hash identifier: XUMUtjcbLNNVx8qxHc2o5FAbGOlyKoX8g+2JNfZ2yPg= Subject key identifier: 61:CB:81:0C:40:3C:00:95:9D:A3:B5:DD:5E:2B:D8:81:64:99:C7:91 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3F9D3E52B2392C500F0321522ACF49238A947FB8 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e437969a-a36c-4417-88bd-c48ac88d9a5c.roa Signing time: Wed 10 Dec 2025 06:11:28 +0000 ROA not before: Wed 10 Dec 2025 06:11:28 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d038:b080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:9d:3e:52:b2:39:2c:50:0f:03:21:52:2a:cf:49:23:8a:94:7f:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:11:28 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=3b64fad56a6a23aba01e182b931290abfbe43bf710cb645374294a691d81a5a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:2b:79:e4:80:b7:11:3c:32:e4:d7:af:79:60: bb:1f:1e:1f:ec:34:30:23:b7:cb:3c:87:0d:6b:69: 25:ad:c5:33:b9:54:cd:b2:f8:e4:ab:2f:1c:91:77: 26:3f:fb:3c:99:b4:93:62:6d:61:23:6e:de:b5:34: 41:b9:32:c7:10:2e:88:4a:44:b3:4c:8e:68:0c:13: a6:29:ff:8f:39:10:f6:b9:02:5b:d8:f9:39:b0:bb: c6:51:e6:3a:f0:cb:a7:ba:fa:db:a3:a6:23:7f:45: 45:f5:0d:d4:56:02:53:82:66:e9:66:bc:61:e4:71: db:7b:a1:c1:c7:a5:70:cd:37:ef:f4:6d:b2:8f:79: 34:a7:6d:18:0b:67:1a:c7:87:af:58:38:ed:b9:da: 77:60:4d:86:84:22:23:26:72:66:73:72:c0:a6:e2: c2:f8:c7:dc:dd:ad:43:4e:d1:98:11:8a:d6:8c:4b: da:68:a3:36:7f:e0:da:ec:e9:31:f2:64:3d:bd:74: 47:a8:f9:db:79:0f:0e:89:83:bb:71:5a:a5:dd:4c: b8:7c:14:e9:31:7c:ea:2c:45:ef:a4:f2:27:80:bd: a2:0c:b1:6b:20:6e:dc:d0:09:3c:6a:08:1d:5a:4e: 99:45:84:0a:c4:74:a3:cf:18:77:ca:d2:ed:64:2d: 78:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:CB:81:0C:40:3C:00:95:9D:A3:B5:DD:5E:2B:D8:81:64:99:C7:91 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e437969a-a36c-4417-88bd-c48ac88d9a5c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d038:b080::/48 Signature Algorithm: sha256WithRSAEncryption 5a:30:e6:22:2f:c8:95:a5:30:7a:44:7e:dc:d2:14:d0:b1:a9: fd:27:11:97:9f:da:bc:a2:c5:9c:fe:4b:5e:10:d0:ac:34:f4: 89:5a:de:e6:eb:58:be:7c:43:f1:a1:8b:42:d9:bd:d4:bf:45: f6:3e:0f:b4:76:e2:c9:c6:36:fd:bb:e0:67:11:d7:9a:88:70: 44:65:9c:e9:b1:83:96:84:ea:ef:43:0d:06:64:e1:5f:48:9f: 7f:f8:40:77:2b:03:54:a1:e7:b1:f0:1a:5d:f5:2b:ed:27:f9: de:c5:95:a6:bf:43:c0:41:1b:1a:74:91:67:e5:a8:15:6a:df: 26:ff:c9:6b:3a:8b:4c:22:0e:dd:75:f1:47:33:92:6f:1a:47: 43:b7:df:59:37:ec:0a:1e:54:ba:e4:5e:db:25:f9:e2:05:e6: fb:4f:d2:16:70:65:51:7c:26:14:6e:44:a8:86:0f:40:6d:10: 65:f3:0a:f3:16:a5:30:c8:f4:f6:8e:19:a9:01:db:81:d5:f1: 04:20:d8:81:aa:21:eb:d9:3a:b8:f8:a0:e6:20:02:03:f2:f4: a5:53:b1:da:81:40:5c:9d:ef:8b:1c:84:28:52:09:37:d2:d4: ec:43:cc:72:69:38:f6:2c:c6:f6:7e:a8:0e:39:37:58:57:20: 26:41:21:96 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUP50+UrI5LFAPAyFSKs9JI4qUf7gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjExMjhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDNiNjRmYWQ1NmE2YTIzYWJhMDFlMTgyYjkzMTI5MGFiZmJlNDNiZjcxMGNi NjQ1Mzc0Mjk0YTY5MWQ4MWE1YTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALIreeSAtxE8MuTXr3lgux8eH+w0MCO3yzyHDWtpJa3FM7lUzbL45KsvHJF3 Jj/7PJm0k2JtYSNu3rU0QbkyxxAuiEpEs0yOaAwTpin/jzkQ9rkCW9j5ObC7xlHm OvDLp7r626OmI39FRfUN1FYCU4Jm6Wa8YeRx23uhwcelcM037/Rtso95NKdtGAtn GseHr1g47bnad2BNhoQiIyZyZnNywKbiwvjH3N2tQ07RmBGK1oxL2mijNn/g2uzp MfJkPb10R6j523kPDomDu3Fapd1MuHwU6TF86ixF76TyJ4C9ogyxayBu3NAJPGoI HVpOmUWECsR0o88Yd8rS7WQteJcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRhy4EM QDwAlZ2jtd1eK9iBZJnHkTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZTQzNzk2OWEtYTM2Yy00NDE3LTg4YmQtYzQ4YWM4OGQ5YTVjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Diw gDANBgkqhkiG9w0BAQsFAAOCAQEAWjDmIi/IlaUwekR+3NIU0LGp/ScRl5/avKLF nP5LXhDQrDT0iVre5utYvnxD8aGLQtm91L9F9j4PtHbiycY2/bvgZxHXmohwRGWc 6bGDloTq70MNBmThX0iff/hAdysDVKHnsfAaXfUr7Sf53sWVpr9DwEEbGnSRZ+Wo FWrfJv/JazqLTCIO3XXxRzOSbxpHQ7ffWTfsCh5UuuRe2yX54gXm+0/SFnBlUXwm FG5EqIYPQG0QZfMK8xalMMj09o4ZqQHbgdXxBCDYgaoh69k6uPig5iACA/L0pVOx 2oFAXJ3vixyEKFIJN9LU7EPMcmk49izG9n6oDjk3WFcgJkEhlg== -----END CERTIFICATE-----Generated at Sun Dec 14 00:01:08 2025 by rpki-client