This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ecd857ec-bcff-41df-b23a-19087481169e.roa File: ecd857ec-bcff-41df-b23a-19087481169e.roa (raw, json) Hash identifier: 7BsmiaOJcBe8g00ELn5981dIVQjjOisM1UDhOWMXyQ4= Subject key identifier: E6:EE:8C:31:53:26:62:04:B6:B2:3F:59:8A:7E:E1:CF:CB:CA:0B:38 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1E8518D323AFA595132B406B9ACC62C38FDEC6C7 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ecd857ec-bcff-41df-b23a-19087481169e.roa Signing time: Wed 10 Dec 2025 05:41:21 +0000 ROA not before: Wed 10 Dec 2025 05:41:21 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06d:5000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:85:18:d3:23:af:a5:95:13:2b:40:6b:9a:cc:62:c3:8f:de:c6:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:41:21 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=3c7d2450103f2c8c56394f302b0d095bed2daa7fd6fdf4411594810f090d7f21, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:b7:f7:03:ed:57:30:a0:7a:06:c2:5e:66:e5: 76:42:26:bb:97:f3:64:a2:4a:6e:fb:52:8f:fe:92: 1b:ac:11:cd:8b:a2:47:e2:e6:d0:5e:58:52:cd:a2: 8a:7f:2c:60:fc:56:dc:cd:80:4d:82:f6:2b:9c:4c: f3:42:fe:5b:ec:2e:2d:1a:91:a7:07:2b:6d:b4:c8: 1c:59:e7:55:8f:99:47:73:60:ee:98:76:af:33:e8: a7:d5:eb:c0:dd:02:fb:52:25:be:44:82:1f:1e:04: d8:cd:06:57:01:bb:e0:f5:1f:7c:34:57:a8:59:03: 75:2e:87:85:6a:11:3c:96:4a:17:65:60:43:e1:c0: 51:67:15:41:5c:4d:e6:5f:55:d8:73:94:e0:a0:94: 05:d1:cb:99:fc:97:86:78:4d:cb:a4:be:71:2a:78: f8:aa:98:80:68:36:d9:ce:ef:52:04:48:9c:9b:d1: 3e:3a:67:e4:35:36:09:2c:34:19:5a:23:26:ad:86: 57:78:10:3f:57:78:83:8e:06:b2:9d:4f:44:9a:8c: 65:ad:cb:1a:d9:a2:a9:9c:c7:c1:77:1d:33:54:6a: 87:4f:1d:da:db:25:59:ca:b5:70:b4:04:fb:44:e4: a4:a7:33:f9:53:9f:d4:5b:51:78:6d:7a:63:88:7d: f5:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:EE:8C:31:53:26:62:04:B6:B2:3F:59:8A:7E:E1:CF:CB:CA:0B:38 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ecd857ec-bcff-41df-b23a-19087481169e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06d:5000::/40 Signature Algorithm: sha256WithRSAEncryption 61:ea:52:d9:5c:b2:2f:08:d3:19:ac:c3:71:2c:ed:1e:47:aa: b9:7e:03:69:04:3e:59:41:91:64:92:bf:8e:2c:d0:5c:6f:e4: 73:0f:fe:ac:48:b2:fe:e4:7f:a5:e7:e9:b4:89:35:8f:b9:79: 0c:95:ba:43:6e:ea:f0:b9:e4:c5:0c:39:64:5f:85:a4:99:a3: b0:5a:28:ec:62:42:4b:cf:83:82:76:b1:f2:8a:b6:7f:2d:6a: b2:d2:46:d8:8e:92:b3:61:48:97:8c:be:5b:96:39:a3:60:53: 04:ca:c5:2b:9a:85:67:35:67:17:d7:26:80:45:3d:17:78:98: ae:29:e9:23:ac:63:d6:9f:b1:cd:30:22:2e:c4:e6:a9:64:23: aa:61:6e:73:63:45:e0:a9:bc:d1:e4:97:ac:10:a7:0f:cd:c6: ae:0e:fb:f9:ed:f5:41:52:48:f8:8b:1a:2b:41:c0:17:04:08: b5:83:28:0a:7d:46:e4:e1:33:1e:cd:ec:e6:ad:bd:f3:2c:5b: b6:ff:e3:cb:e6:d6:8b:6f:cf:64:2d:24:9d:e9:bd:a0:a3:c7: 0a:91:04:a1:63:e4:81:fe:68:6a:7b:50:5d:09:34:c1:c9:d3: 23:8a:a5:48:5f:e1:57:ea:c4:25:8a:2b:0b:f2:b3:dd:d4:3c: 0e:2b:2f:52 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUHoUY0yOvpZUTK0Brmsxiw4/exscwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQxMjFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDNjN2QyNDUwMTAzZjJjOGM1NjM5NGYzMDJiMGQwOTViZWQyZGFhN2ZkNmZk ZjQ0MTE1OTQ4MTBmMDkwZDdmMjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALi39wPtVzCgegbCXmbldkImu5fzZKJKbvtSj/6SG6wRzYuiR+Lm0F5YUs2i in8sYPxW3M2ATYL2K5xM80L+W+wuLRqRpwcrbbTIHFnnVY+ZR3Ng7ph2rzPop9Xr wN0C+1IlvkSCHx4E2M0GVwG74PUffDRXqFkDdS6HhWoRPJZKF2VgQ+HAUWcVQVxN 5l9V2HOU4KCUBdHLmfyXhnhNy6S+cSp4+KqYgGg22c7vUgRInJvRPjpn5DU2CSw0 GVojJq2GV3gQP1d4g44Gsp1PRJqMZa3LGtmiqZzHwXcdM1Rqh08d2tslWcq1cLQE +0TkpKcz+VOf1FtReG16Y4h99YcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTm7owx UyZiBLayP1mKfuHPy8oLODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZWNkODU3ZWMtYmNmZi00MWRmLWIyM2EtMTkwODc0ODExNjllLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1Q MA0GCSqGSIb3DQEBCwUAA4IBAQBh6lLZXLIvCNMZrMNxLO0eR6q5fgNpBD5ZQZFk kr+OLNBcb+RzD/6sSLL+5H+l5+m0iTWPuXkMlbpDburwueTFDDlkX4WkmaOwWijs YkJLz4OCdrHyirZ/LWqy0kbYjpKzYUiXjL5bljmjYFMEysUrmoVnNWcX1yaART0X eJiuKekjrGPWn7HNMCIuxOapZCOqYW5zY0XgqbzR5JesEKcPzcauDvv57fVBUkj4 ixorQcAXBAi1gygKfUbk4TMezezmrb3zLFu2/+PL5taLb89kLSSd6b2go8cKkQSh Y+SB/mhqe1BdCTTBydMjiqVIX+FX6sQliisL8rPd1DwOKy9S -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:35 2026 by rpki-client