This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa File: e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa (raw, json) Hash identifier: lw2C8eh89pZaoWGj8JOEO1kFo7otvvlJvxSkU+s9KjE= Subject key identifier: 51:64:5C:03:5E:A3:89:1E:3A:1A:3A:A2:20:A8:FA:75:05:62:FB:80 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 556E6F2C39AD39F1CD66227ADF24B0A072FF3DC9 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa Signing time: Wed 10 Dec 2025 06:30:43 +0000 ROA not before: Wed 10 Dec 2025 06:30:43 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:c040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:6e:6f:2c:39:ad:39:f1:cd:66:22:7a:df:24:b0:a0:72:ff:3d:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:43 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=68efd6d38f46b25d6aca13e5cc8ff09cb14332e86b9b68e94941604b38f7cfa6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:74:0f:f3:fa:cf:b8:d3:27:fe:04:de:ea:43: 20:92:fb:88:3b:3e:e6:e1:b6:52:35:af:de:2a:2f: 1e:e8:49:68:a0:2f:c8:17:4e:90:18:ca:09:07:bb: 70:e5:0e:d4:35:0b:ad:25:a4:92:d6:ec:f0:fc:24: 1a:a5:08:71:e1:97:b7:23:8a:92:fa:b2:31:c2:1d: 8a:c9:1a:8e:35:49:df:fb:a2:06:c1:53:df:49:ea: d1:e1:96:58:0c:19:29:cb:ae:4e:99:1a:5d:b2:00: 46:cc:5e:29:61:65:98:95:9c:3f:d5:72:47:24:f6: fa:1d:43:41:07:60:ee:8a:94:32:ac:cc:3d:7d:c6: f4:2e:73:34:fb:93:ad:0d:c9:43:c8:aa:27:38:1d: 64:a6:a3:f2:be:b5:c9:eb:4b:01:ec:84:46:9f:39: 77:f7:9b:c5:5b:80:00:11:bc:15:1f:7d:ee:10:93: e7:a5:60:e9:62:53:84:75:08:b8:14:0d:b5:c3:5b: 56:cc:57:1e:92:58:f8:bd:00:5c:59:ad:9d:89:f0: 05:55:3f:6f:4d:00:59:e1:d2:bd:71:79:aa:b6:5a: 25:8a:82:f8:a1:0a:c4:bf:a4:a1:c3:32:3d:44:1b: 0e:93:76:7d:14:fb:1b:bb:a3:90:e7:40:62:16:f5: f7:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:64:5C:03:5E:A3:89:1E:3A:1A:3A:A2:20:A8:FA:75:05:62:FB:80 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:c040::/48 Signature Algorithm: sha256WithRSAEncryption 1e:a7:33:21:43:93:48:64:a2:49:76:75:46:e9:3d:4e:5e:4b: 29:43:dc:1a:3f:48:77:b6:15:81:d0:97:36:ef:13:b9:c1:71: 0e:16:c3:40:d3:1d:06:3f:11:b1:f4:ca:2a:91:20:14:72:bd: 5f:7b:ff:e8:d3:11:b0:94:a9:38:a2:c1:e0:00:e7:7a:97:6d: 05:bf:d4:8b:ee:4c:f7:ad:16:6d:a2:e2:8e:b8:5c:4f:37:81: 4e:92:db:86:b8:36:73:0d:c5:e9:41:20:b1:20:76:45:df:d8: 90:de:48:c0:14:47:ba:d1:b4:fe:6b:09:06:73:cd:1a:a2:80: e3:a7:a6:b4:2e:8a:f0:d9:e8:b1:c1:01:40:9f:0d:d1:73:0e: 4c:12:20:ca:c4:55:c4:9b:6d:78:0b:5c:41:99:2f:8e:ae:4b: 6c:fe:9a:9e:30:db:6d:39:b4:30:d6:4b:f9:d3:c5:e7:50:e7: 2f:82:6f:58:55:7f:86:38:8d:52:f6:d8:5d:c7:9e:a5:0b:58: 47:5f:33:6d:e7:9d:2f:3c:6c:8c:0c:7f:1b:ba:09:c4:be:40: 7b:29:9d:4b:3e:cc:58:76:e3:4b:b8:ee:8c:4d:c2:8f:a8:b0: a6:12:4b:3f:80:10:b3:7a:ed:55:7c:0a:5d:71:2b:6f:d2:58: 1e:79:21:9d -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUVW5vLDmtOfHNZiJ63ySwoHL/PckwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwNDNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDY4ZWZkNmQzOGY0NmIyNWQ2YWNhMTNlNWNjOGZmMDljYjE0MzMyZTg2Yjli NjhlOTQ5NDE2MDRiMzhmN2NmYTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALN0D/P6z7jTJ/4E3upDIJL7iDs+5uG2UjWv3iovHuhJaKAvyBdOkBjKCQe7 cOUO1DULrSWkktbs8PwkGqUIceGXtyOKkvqyMcIdiskajjVJ3/uiBsFT30nq0eGW WAwZKcuuTpkaXbIARsxeKWFlmJWcP9VyRyT2+h1DQQdg7oqUMqzMPX3G9C5zNPuT rQ3JQ8iqJzgdZKaj8r61yetLAeyERp85d/ebxVuAABG8FR997hCT56Vg6WJThHUI uBQNtcNbVsxXHpJY+L0AXFmtnYnwBVU/b00AWeHSvXF5qrZaJYqC+KEKxL+kocMy PUQbDpN2fRT7G7ujkOdAYhb197kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRRZFwD XqOJHjoaOqIgqPp1BWL7gDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZTkzMWNhYTktY2E0ZS00MjhhLWFhM2MtM2FmMzZlZmFmYzhjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADA QDANBgkqhkiG9w0BAQsFAAOCAQEAHqczIUOTSGSiSXZ1Ruk9Tl5LKUPcGj9Id7YV gdCXNu8TucFxDhbDQNMdBj8RsfTKKpEgFHK9X3v/6NMRsJSpOKLB4ADnepdtBb/U i+5M960WbaLijrhcTzeBTpLbhrg2cw3F6UEgsSB2Rd/YkN5IwBRHutG0/msJBnPN GqKA46emtC6K8NnoscEBQJ8N0XMOTBIgysRVxJtteAtcQZkvjq5LbP6anjDbbTm0 MNZL+dPF51DnL4JvWFV/hjiNUvbYXceepQtYR18zbeedLzxsjAx/G7oJxL5Aeymd Sz7MWHbjS7jujE3Cj6iwphJLP4AQs3rtVXwKXXErb9JYHnkhnQ== -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:44 2026 by rpki-client