This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa File: e84166dd-4497-414d-9864-983017c7c326.roa (raw, json) Hash identifier: 1Mk143vXNBhAkwKkQwPFdWjBlP0yzukB1cIzklSbYrQ= Subject key identifier: A5:38:7E:72:B4:5D:C2:FB:17:FD:42:F7:6D:0C:DE:F1:7E:41:98:3C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 059ECF81E96D991A96B28EDEF5DA00736F0AD516 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa Signing time: Wed 10 Dec 2025 06:11:25 +0000 ROA not before: Wed 10 Dec 2025 06:11:25 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d036:5000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:9e:cf:81:e9:6d:99:1a:96:b2:8e:de:f5:da:00:73:6f:0a:d5:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:11:25 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=be804b2b783460102048dcd71a654d931376ea586ae1f6b8e86660f34aad87fb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:31:7d:80:6f:64:23:fe:76:99:48:91:a9:3b: b3:4a:95:28:98:0f:dc:71:0d:7f:4e:6b:8b:81:a9: 2e:a6:53:5d:55:10:58:a5:d1:82:d3:04:49:10:03: 47:32:29:83:b5:4d:83:69:c6:5f:cb:8d:69:fb:0a: a7:f7:b0:01:57:57:c3:5f:8f:cf:8a:c6:6c:20:52: ff:a1:0f:da:0e:d4:be:6c:38:cf:9f:db:c3:2b:0f: dc:78:0c:1c:92:85:2e:f4:08:ea:de:7b:9d:37:03: c5:e1:58:5c:13:a6:64:58:ba:28:8d:d1:29:5e:c2: c0:47:db:ff:9b:65:d9:f4:95:dc:a8:11:12:78:3f: 3e:18:e5:db:5f:94:5c:bf:4d:97:59:54:0e:1c:f6: 59:da:8f:60:9d:f7:75:33:33:d5:af:32:97:4a:a1: e7:55:05:1e:0e:14:24:5c:f6:23:bc:d5:f4:f2:5c: 6a:ee:f4:94:f9:91:d5:6a:a0:ed:6f:11:7a:54:2a: 97:fb:2d:34:2d:10:1a:8c:ec:fc:fa:c7:0b:21:70: c2:f0:39:c0:89:93:6c:77:ee:36:04:f1:52:84:81: 43:92:c9:ae:b0:63:1a:08:7b:b8:67:8b:97:b9:b5: 0f:20:d0:1f:7a:5f:f1:f8:59:d7:b5:08:ba:23:b3: 10:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:38:7E:72:B4:5D:C2:FB:17:FD:42:F7:6D:0C:DE:F1:7E:41:98:3C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d036:5000::/40 Signature Algorithm: sha256WithRSAEncryption 96:ff:3a:e8:d3:c8:b0:48:fc:18:f1:ac:63:6c:6f:db:0b:32: a8:51:a6:36:80:d5:47:59:77:3c:71:89:27:6a:1f:0b:cd:45: 0d:45:a3:4c:61:21:7b:9b:c7:f6:87:08:09:07:af:4b:be:93: 47:ea:f7:10:e9:f0:69:11:0c:1d:3f:ab:41:22:84:33:bc:b6: 13:27:5a:e4:7a:f0:31:31:ae:03:a7:2e:2d:79:fd:ed:81:65: 0d:18:82:09:03:d3:cd:bb:e6:2e:18:59:bf:c4:95:74:69:f6: de:15:8f:d7:dc:3f:95:da:97:be:62:b1:16:0d:f7:a7:c2:f5: b4:33:50:4e:ce:f9:7e:9d:3d:cf:38:ab:f2:5b:e3:46:d7:77: 47:41:5b:09:ff:36:32:68:e0:a8:c4:ca:86:bf:75:7d:7a:a9: fc:e3:72:52:ce:d5:00:f9:90:de:e7:6a:0e:b2:65:08:1a:35: 8f:c6:4a:af:2e:69:8c:81:6f:eb:a8:59:81:b6:5a:b3:2d:77: e8:d0:f1:b9:3d:90:05:7f:5a:e4:db:9e:b1:fc:ca:da:b5:c1: 20:cc:73:9c:23:01:9f:10:81:2b:01:56:73:39:5c:2c:5b:0e: a1:f6:ab:4f:bc:f6:3e:c7:9d:8f:ba:6c:ba:ac:64:3c:c6:72: cf:48:d0:74 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUBZ7PgeltmRqWso7e9doAc28K1RYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjExMjVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGJlODA0YjJiNzgzNDYwMTAyMDQ4ZGNkNzFhNjU0ZDkzMTM3NmVhNTg2YWUx ZjZiOGU4NjY2MGYzNGFhZDg3ZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALsxfYBvZCP+dplIkak7s0qVKJgP3HENf05ri4GpLqZTXVUQWKXRgtMESRAD RzIpg7VNg2nGX8uNafsKp/ewAVdXw1+Pz4rGbCBS/6EP2g7Uvmw4z5/bwysP3HgM HJKFLvQI6t57nTcDxeFYXBOmZFi6KI3RKV7CwEfb/5tl2fSV3KgREng/Phjl21+U XL9Nl1lUDhz2WdqPYJ33dTMz1a8yl0qh51UFHg4UJFz2I7zV9PJcau70lPmR1Wqg 7W8RelQql/stNC0QGozs/PrHCyFwwvA5wImTbHfuNgTxUoSBQ5LJrrBjGgh7uGeL l7m1DyDQH3pf8fhZ17UIuiOzEM0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSlOH5y tF3C+xf9QvdtDN7xfkGYPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZTg0MTY2ZGQtNDQ5Ny00MTRkLTk4NjQtOTgzMDE3YzdjMzI2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZQ MA0GCSqGSIb3DQEBCwUAA4IBAQCW/zro08iwSPwY8axjbG/bCzKoUaY2gNVHWXc8 cYknah8LzUUNRaNMYSF7m8f2hwgJB69LvpNH6vcQ6fBpEQwdP6tBIoQzvLYTJ1rk evAxMa4Dpy4tef3tgWUNGIIJA9PNu+YuGFm/xJV0afbeFY/X3D+V2pe+YrEWDfen wvW0M1BOzvl+nT3POKvyW+NG13dHQVsJ/zYyaOCoxMqGv3V9eqn843JSztUA+ZDe 52oOsmUIGjWPxkqvLmmMgW/rqFmBtlqzLXfo0PG5PZAFf1rk256x/MratcEgzHOc IwGfEIErAVZzOVwsWw6h9qtPvPY+x52Pumy6rGQ8xnLPSNB0 -----END CERTIFICATE-----Generated at Fri Jan 2 10:57:21 2026 by rpki-client