This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa File: e69b1519-f345-43aa-8c6b-cd786ee13404.roa (raw, json) Hash identifier: DWQnyj4sngdTBTGHULk1oHbzXwgvik1OU3WxvJ88e4Y= Subject key identifier: 74:7E:BC:04:C9:00:E7:05:8C:94:62:7F:88:3E:E7:04:39:55:EA:04 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1AA36DB9DA0CBD6E3ED9CAED4739F9DD8C253097 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa Signing time: Wed 10 Dec 2025 06:01:25 +0000 ROA not before: Wed 10 Dec 2025 06:01:25 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07e:5000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:a3:6d:b9:da:0c:bd:6e:3e:d9:ca:ed:47:39:f9:dd:8c:25:30:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:01:25 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=b463bb9f9b55eea9be0b6319a81eea83581eb48fee588ab09e405abf90b6b8e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:84:48:ad:1c:87:35:18:60:7c:78:7a:fd:60: ee:e3:af:95:4e:30:d3:0d:e2:11:40:d0:07:f6:67: 8c:bd:7d:8e:65:d4:17:9f:72:6d:64:0b:ea:2b:a4: 79:2c:46:0c:86:09:c6:9c:26:19:a0:c6:df:f2:f6: 9d:d3:32:ef:59:69:ec:16:1c:f4:16:51:95:75:49: 9b:df:b0:4e:0e:3f:80:57:a3:94:51:9b:e8:1f:0d: e5:e0:64:83:9f:22:e6:f9:9d:4a:1b:98:4b:d2:be: 22:30:8b:f6:71:83:7a:a3:4b:1c:c7:48:98:9d:d6: 43:41:fa:3b:07:e1:1a:cf:f3:ad:ab:5d:a2:8b:f2: 7a:ab:b7:a2:43:94:6f:37:7a:03:8a:a6:f4:5f:71: aa:c1:ba:f8:a2:ed:40:68:d0:f5:a0:ee:60:14:67: 7a:48:47:6f:f8:21:2c:c3:16:fa:48:1d:d4:a4:59: 7a:57:b4:cc:ad:a1:a9:62:ed:9b:85:82:94:64:e7: bf:88:c7:6e:a0:11:fb:ef:a2:fa:75:ec:da:62:0c: c6:c7:b4:9e:07:c3:a1:09:9d:24:07:f7:f4:b9:b4: 3d:4c:15:b3:75:c5:d3:9d:21:70:36:67:b8:45:2f: 98:73:b9:0f:4f:5d:8b:30:ea:06:86:19:be:4c:77: 0c:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:7E:BC:04:C9:00:E7:05:8C:94:62:7F:88:3E:E7:04:39:55:EA:04 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07e:5000::/40 Signature Algorithm: sha256WithRSAEncryption 64:88:d1:c2:fc:13:14:86:58:6c:af:d9:ce:3a:86:3e:60:b1: 76:cf:d4:cd:f5:7e:75:b6:6c:a1:69:62:0c:ab:67:6b:37:b7: 65:e3:db:9a:8d:5b:1b:3d:d1:68:6a:ba:d6:ee:be:a4:8e:2f: d2:dd:66:01:c1:26:88:66:cb:dd:3a:16:36:6c:0e:23:2e:f0: 75:50:87:ea:22:45:a4:14:c7:78:44:02:f8:e1:1d:53:21:c2: 6b:de:2f:b3:9d:25:de:8a:3a:61:ee:04:6d:e0:52:58:da:7c: fd:0f:09:51:0a:26:74:e5:69:b7:e2:2f:26:40:c2:df:6d:ad: 7a:9b:af:06:f6:71:26:05:f8:20:6b:b6:d5:77:57:33:c6:38: 3b:c4:7d:04:5d:ad:bb:f2:e5:60:e5:2c:4e:d4:5d:2b:8f:30: a6:62:a6:f0:aa:4b:9c:41:9d:67:e4:48:ae:49:a4:be:1f:25: a4:b5:d8:d3:27:0b:13:f1:b1:09:c3:66:0e:de:e8:6b:97:95: 33:10:50:6b:9b:8b:24:0d:4f:58:e9:c1:6b:2d:91:e4:5c:67: 2f:9c:42:d1:6e:2d:ef:c5:28:d2:4f:f7:1e:f7:21:13:88:8a: fc:89:44:de:34:b5:eb:99:aa:ca:3a:d3:15:b9:fe:03:e1:ff: 82:0f:0c:c5 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUGqNtudoMvW4+2crtRzn53YwlMJcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAxMjVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGI0NjNiYjlmOWI1NWVlYTliZTBiNjMxOWE4MWVlYTgzNTgxZWI0OGZlZTU4 OGFiMDllNDA1YWJmOTBiNmI4ZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANiESK0chzUYYHx4ev1g7uOvlU4w0w3iEUDQB/ZnjL19jmXUF59ybWQL6iuk eSxGDIYJxpwmGaDG3/L2ndMy71lp7BYc9BZRlXVJm9+wTg4/gFejlFGb6B8N5eBk g58i5vmdShuYS9K+IjCL9nGDeqNLHMdImJ3WQ0H6OwfhGs/zratdoovyequ3okOU bzd6A4qm9F9xqsG6+KLtQGjQ9aDuYBRnekhHb/ghLMMW+kgd1KRZele0zK2hqWLt m4WClGTnv4jHbqAR+++i+nXs2mIMxse0ngfDoQmdJAf39Lm0PUwVs3XF050hcDZn uEUvmHO5D09dizDqBoYZvkx3DJ8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR0frwE yQDnBYyUYn+IPucEOVXqBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZTY5YjE1MTktZjM0NS00M2FhLThjNmItY2Q3ODZlZTEzNDA0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5Q MA0GCSqGSIb3DQEBCwUAA4IBAQBkiNHC/BMUhlhsr9nOOoY+YLF2z9TN9X51tmyh aWIMq2drN7dl49uajVsbPdFoarrW7r6kji/S3WYBwSaIZsvdOhY2bA4jLvB1UIfq IkWkFMd4RAL44R1TIcJr3i+znSXeijph7gRt4FJY2nz9DwlRCiZ05Wm34i8mQMLf ba16m68G9nEmBfgga7bVd1czxjg7xH0EXa278uVg5SxO1F0rjzCmYqbwqkucQZ1n 5EiuSaS+HyWktdjTJwsT8bEJw2YO3uhrl5UzEFBrm4skDU9Y6cFrLZHkXGcvnELR bi3vxSjST/ce9yETiIr8iUTeNLXrmarKOtMVuf4D4f+CDwzF -----END CERTIFICATE-----Generated at Mon Dec 22 00:20:02 2025 by rpki-client