This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fa3b401f-ea91-45a9-8182-d567cfac077a.roa File: fa3b401f-ea91-45a9-8182-d567cfac077a.roa (raw, json) Hash identifier: l/cdDTnvM/CgA6itUP7autPP7ykeYmvZo6MW2w89m34= Subject key identifier: 18:2A:30:44:F9:46:70:6A:8D:1A:B7:2D:87:A8:32:33:DF:2A:63:32 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7953DC0A3D752E945333C69C5C7CA96C0C427518 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fa3b401f-ea91-45a9-8182-d567cfac077a.roa Signing time: Wed 10 Dec 2025 05:31:04 +0000 ROA not before: Wed 10 Dec 2025 05:31:04 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:b080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:53:dc:0a:3d:75:2e:94:53:33:c6:9c:5c:7c:a9:6c:0c:42:75:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:31:04 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=a3bd125281bf2890f55830b3ce9f158922bfc82ec4db915110f5905358bb93d9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:b7:3c:e9:66:14:78:f4:99:7a:bc:ab:cb:37: d2:a3:f3:90:ba:cd:4f:02:ec:3c:77:30:88:6a:71: ca:50:b9:ea:21:6a:7e:67:be:cb:41:d0:44:74:51: 04:b8:10:83:0e:65:cc:34:37:2a:10:ca:fa:0a:62: 5c:35:4f:ed:8b:8c:a6:e9:ca:f6:b8:0a:dd:ad:73: 6b:4a:37:81:13:62:ff:1f:34:a6:eb:6d:7f:8a:9e: 6d:d1:5d:6d:56:79:f3:58:fe:b9:95:c1:17:f4:d4: 59:a6:7a:a8:71:f6:ec:ad:f2:61:46:21:ed:64:bb: cf:3e:cb:ae:82:ac:0e:19:f6:e1:d7:e0:10:61:9c: d5:5f:e6:72:df:a9:b0:6b:92:bd:19:ad:4f:0b:71: 8e:b6:36:25:30:51:1e:e4:8a:87:cc:48:14:f6:b4: 60:b5:81:3c:6a:8b:d5:ec:de:db:2d:d1:47:6b:05: c4:51:b3:e7:5c:48:c7:82:af:bc:ad:cc:f2:5c:67: 86:0f:68:28:64:c4:ed:ac:17:12:8b:ab:7f:45:f7: ea:e9:94:29:52:73:44:a0:51:92:92:3f:2e:33:5b: a1:05:45:ae:4a:55:98:b9:ff:48:6c:57:c7:17:23: 47:e2:69:97:fa:16:eb:e8:64:40:8f:7d:6b:a0:f4: 6a:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:2A:30:44:F9:46:70:6A:8D:1A:B7:2D:87:A8:32:33:DF:2A:63:32 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fa3b401f-ea91-45a9-8182-d567cfac077a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:b080::/48 Signature Algorithm: sha256WithRSAEncryption 83:df:39:b5:c2:bb:51:d8:fe:93:b6:ed:25:f6:7a:72:85:91: 12:f7:91:a1:40:4d:01:34:e1:72:9b:bb:aa:2d:ef:ca:91:3c: e2:a7:3a:79:7e:57:ca:e8:94:d4:79:80:11:f7:fe:db:a8:85: 2d:5f:99:17:6c:02:70:47:af:fa:82:4e:7b:a4:7e:be:cb:58: 1a:60:1e:d8:87:cf:68:35:38:cc:8c:99:c4:d6:90:4c:3a:d0: e7:b6:fb:7e:63:7d:be:3a:ff:19:26:7d:7f:46:f8:d6:93:e3: 15:66:85:83:33:a2:3e:61:64:13:29:f2:25:73:9c:3d:3a:18: fd:bd:29:8c:9d:08:8a:5a:62:ad:3e:92:01:78:5a:43:0c:3b: d1:f5:95:ff:34:62:1b:10:d3:d1:38:74:c5:20:fb:b9:b7:77: 0b:fd:f7:f1:17:39:1c:ad:6b:f8:a7:0e:f5:bb:81:58:32:b2: 97:c6:e7:c3:b3:ba:60:dc:8e:4b:90:f4:42:88:ab:fa:00:16: f2:34:f8:95:39:2b:38:f3:0a:f4:a1:8a:da:99:48:14:72:c0: 3a:ba:d4:2f:9a:c1:63:eb:36:14:98:08:41:94:0d:60:9a:75: 4c:8d:4a:a3:42:99:a6:e0:82:d3:51:5a:69:50:25:5a:c8:17: 79:00:40:d8 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUeVPcCj11LpRTM8acXHypbAxCdRgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMxMDRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGEzYmQxMjUyODFiZjI4OTBmNTU4MzBiM2NlOWYxNTg5MjJiZmM4MmVjNGRi OTE1MTEwZjU5MDUzNThiYjkzZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALq3POlmFHj0mXq8q8s30qPzkLrNTwLsPHcwiGpxylC56iFqfme+y0HQRHRR BLgQgw5lzDQ3KhDK+gpiXDVP7YuMpunK9rgK3a1za0o3gRNi/x80puttf4qebdFd bVZ581j+uZXBF/TUWaZ6qHH27K3yYUYh7WS7zz7LroKsDhn24dfgEGGc1V/mct+p sGuSvRmtTwtxjrY2JTBRHuSKh8xIFPa0YLWBPGqL1eze2y3RR2sFxFGz51xIx4Kv vK3M8lxnhg9oKGTE7awXEourf0X36umUKVJzRKBRkpI/LjNboQVFrkpVmLn/SGxX xxcjR+Jpl/oW6+hkQI99a6D0ajkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQYKjBE +UZwao0aty2HqDIz3ypjMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZmEzYjQwMWYtZWE5MS00NWE5LTgxODItZDU2N2NmYWMwNzdhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGw gDANBgkqhkiG9w0BAQsFAAOCAQEAg985tcK7Udj+k7btJfZ6coWREveRoUBNATTh cpu7qi3vypE84qc6eX5XyuiU1HmAEff+26iFLV+ZF2wCcEev+oJOe6R+vstYGmAe 2IfPaDU4zIyZxNaQTDrQ57b7fmN9vjr/GSZ9f0b41pPjFWaFgzOiPmFkEynyJXOc PToY/b0pjJ0IilpirT6SAXhaQww70fWV/zRiGxDT0Th0xSD7ubd3C/338Rc5HK1r +KcO9buBWDKyl8bnw7O6YNyOS5D0Qoir+gAW8jT4lTkrOPMK9KGK2plIFHLAOrrU L5rBY+s2FJgIQZQNYJp1TI1Ko0KZpuCC01FaaVAlWsgXeQBA2A== -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:26 2026 by rpki-client