This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa File: fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa (raw, json) Hash identifier: ohoN18QPGeh9IZbRoAQIeg/gNQ/dfJXIMJYGNpUPUlk= Subject key identifier: 4D:A1:8F:20:C0:C2:FB:28:81:DB:05:C0:3A:A1:C9:AC:5F:43:C4:A4 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 093E67D173B917D6A3223AFD91DE1A4A61EE52B9 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa Signing time: Wed 10 Dec 2025 05:50:44 +0000 ROA not before: Wed 10 Dec 2025 05:50:44 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:80c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:3e:67:d1:73:b9:17:d6:a3:22:3a:fd:91:de:1a:4a:61:ee:52:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:50:44 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=49a8b9d3fc093d1b2279ea966af1f55eed5ddb47a571238cabd265d60142b70c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:81:e4:77:8c:05:e3:f5:83:ef:a0:39:e0:4a: e8:d6:8d:81:9d:6d:f1:21:13:85:52:8c:c4:22:4a: 6e:a8:48:5e:8d:cf:50:37:a3:48:8b:53:6c:f7:ab: 52:fa:06:f7:fe:da:e6:74:d0:e2:23:92:5d:6a:79: ea:ce:1e:58:ea:74:44:dd:5f:59:0c:c8:a6:cf:ea: 26:91:82:62:11:88:5f:f5:b1:33:95:cb:6e:f9:de: 7e:ac:f6:79:07:97:81:41:00:1c:1b:0b:bf:59:c5: e2:4c:a7:72:fa:c5:bb:91:80:36:f7:2c:37:12:c9: 56:82:68:01:94:34:05:31:d5:f9:49:66:18:e1:9e: 29:34:1b:69:ae:37:9f:67:c1:43:ae:43:85:07:3e: 63:0d:3e:f4:b2:58:61:21:89:07:8e:58:84:ef:07: 12:68:74:ac:81:95:59:fb:69:9a:0d:48:fc:3c:6d: 35:b5:e7:e7:49:bd:95:09:7f:a8:30:33:f6:de:81: df:98:a8:f1:79:4e:cf:22:9b:ed:ee:b0:8e:d0:be: e4:11:a2:a5:6f:c8:11:c5:9b:81:94:17:39:af:ba: 57:fc:d5:f7:39:14:d4:24:c7:c2:5e:49:ba:ea:f9: 93:d0:85:af:f6:34:37:e2:b7:f8:94:4f:9f:59:76: 9f:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:A1:8F:20:C0:C2:FB:28:81:DB:05:C0:3A:A1:C9:AC:5F:43:C4:A4 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:80c0::/48 Signature Algorithm: sha256WithRSAEncryption 3f:06:c6:5d:3a:78:01:d6:d9:aa:49:e6:e7:59:f8:90:0d:9d: 52:4f:53:0f:70:2d:19:90:9e:4f:2f:73:fa:92:61:28:bf:c8: 20:39:48:28:77:0c:bc:dc:94:20:6c:1d:10:8a:0b:76:4a:4e: 5f:fc:7b:01:fb:ac:3b:23:f4:62:e0:f1:2f:6a:fe:35:7a:24: 96:c2:13:b5:28:5b:7c:d5:67:7a:78:71:3f:ca:31:28:d3:0d: e7:ba:25:48:7c:7d:e5:10:86:f0:7e:3f:3a:72:e7:14:4e:1a: 75:fa:de:d2:16:46:d9:26:b9:d7:84:04:79:89:f2:e0:90:09: f7:8f:d6:e2:39:a9:9a:09:08:7e:ac:c5:6b:9e:4a:7f:84:c5: 80:27:e3:ed:1c:b7:1e:95:45:55:9d:b6:60:d3:d4:93:4a:8f: f6:ce:5e:b0:7e:a7:b4:ea:6c:dd:e9:ef:5b:5a:8b:d9:07:58: 65:8d:e2:97:a0:76:52:e3:c6:6f:da:12:f9:28:16:25:5a:0c: c5:83:8a:22:4f:db:48:75:56:8b:ec:bb:62:eb:04:4f:a3:d5: 43:72:05:59:ce:e8:07:ce:49:9f:ac:87:b8:da:7f:88:24:d6: b2:44:53:8c:5f:3a:2d:6f:ad:26:d0:e9:ef:d5:fc:17:7a:24: 89:a1:21:f7 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUCT5n0XO5F9ajIjr9kd4aSmHuUrkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUwNDRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDQ5YThiOWQzZmMwOTNkMWIyMjc5ZWE5NjZhZjFmNTVlZWQ1ZGRiNDdhNTcx MjM4Y2FiZDI2NWQ2MDE0MmI3MGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL+B5HeMBeP1g++gOeBK6NaNgZ1t8SEThVKMxCJKbqhIXo3PUDejSItTbPer UvoG9/7a5nTQ4iOSXWp56s4eWOp0RN1fWQzIps/qJpGCYhGIX/WxM5XLbvnefqz2 eQeXgUEAHBsLv1nF4kyncvrFu5GANvcsNxLJVoJoAZQ0BTHV+UlmGOGeKTQbaa43 n2fBQ65DhQc+Yw0+9LJYYSGJB45YhO8HEmh0rIGVWftpmg1I/DxtNbXn50m9lQl/ qDAz9t6B35io8XlOzyKb7e6wjtC+5BGipW/IEcWbgZQXOa+6V/zV9zkU1CTHwl5J uur5k9CFr/Y0N+K3+JRPn1l2n9ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRNoY8g wML7KIHbBcA6ocmsX0PEpDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZmNlN2EwM2ItOWU5MC00OTIxLTljNTYtNWIwYmQ0ZTYwZWQwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA wDANBgkqhkiG9w0BAQsFAAOCAQEAPwbGXTp4AdbZqknm51n4kA2dUk9TD3AtGZCe Ty9z+pJhKL/IIDlIKHcMvNyUIGwdEIoLdkpOX/x7AfusOyP0YuDxL2r+NXoklsIT tShbfNVnenhxP8oxKNMN57olSHx95RCG8H4/OnLnFE4adfre0hZG2Sa514QEeYny 4JAJ94/W4jmpmgkIfqzFa55Kf4TFgCfj7Ry3HpVFVZ22YNPUk0qP9s5esH6ntOps 3envW1qL2QdYZY3il6B2UuPGb9oS+SgWJVoMxYOKIk/bSHVWi+y7YusET6PVQ3IF Wc7oB85Jn6yHuNp/iCTWskRTjF86LW+tJtDp79X8F3okiaEh9w== -----END CERTIFICATE-----Generated at Sun Dec 14 00:07:47 2025 by rpki-client