This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14a1cb35-92d7-4bc2-854c-094a3829c73e.roa File: 14a1cb35-92d7-4bc2-854c-094a3829c73e.roa (raw, json) Hash identifier: mSTEOT4VVuU/YcklXaU1+LZj0XtX6Bxw8YvSJec3kNc= Subject key identifier: 8F:F7:69:23:D1:9E:0D:1D:DB:A1:2F:92:A4:4C:71:2A:CC:6D:BB:82 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1457A6BCAA440FC1538448A51CB0E84CB4242860 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14a1cb35-92d7-4bc2-854c-094a3829c73e.roa Signing time: Wed 10 Dec 2025 05:41:20 +0000 ROA not before: Wed 10 Dec 2025 05:41:20 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d038:8040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:57:a6:bc:aa:44:0f:c1:53:84:48:a5:1c:b0:e8:4c:b4:24:28:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:41:20 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=301169825813701d571a5ec63d3da62d3cc377b5b810aa53ec98e6aa87a2d6c8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:07:a1:71:e3:80:f4:a1:0a:92:d0:7f:8e:e9: 81:ef:af:f8:b2:e8:a6:19:7a:a5:32:8d:12:66:96: 07:42:cc:e7:00:f7:0d:b9:11:8b:be:2a:6e:1d:87: 6e:56:ab:79:5c:05:81:2b:8f:7f:d1:d0:41:ce:7a: d7:b8:b7:56:c6:53:92:33:13:5a:7a:a8:fd:fe:e8: 33:79:c5:21:d0:69:f5:19:22:4f:8a:fb:ba:5a:2a: cc:6b:f3:c0:af:b2:5c:87:b1:20:4c:5b:11:9b:45: 76:82:d1:18:22:69:cb:ec:ba:64:01:4f:b6:3c:55: 58:96:d0:bb:a3:8c:72:c1:a1:b3:63:55:c4:f5:83: 97:70:48:96:18:bf:31:09:59:d0:ed:b5:0d:78:1a: e1:84:23:d4:21:97:46:75:d3:08:a3:44:a5:36:da: 72:1a:6a:e0:d3:5e:a4:f1:78:e6:5f:62:74:3a:13: 06:5c:5c:d9:b4:9a:b9:ba:a1:d7:a1:bb:69:a4:fb: d3:d7:c8:ee:a0:fe:ee:8d:6c:9c:19:17:9b:fc:e4: 94:f8:93:d7:fb:c0:7f:47:8e:a5:58:a5:9e:97:a7: bc:90:b5:ff:82:0a:83:84:bd:d5:4c:49:e6:22:ee: 3a:04:22:74:12:33:81:83:fc:f0:6f:93:25:b1:27: 6b:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:F7:69:23:D1:9E:0D:1D:DB:A1:2F:92:A4:4C:71:2A:CC:6D:BB:82 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14a1cb35-92d7-4bc2-854c-094a3829c73e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d038:8040::/48 Signature Algorithm: sha256WithRSAEncryption 36:34:d7:04:4c:19:07:87:7a:88:e4:fe:99:4e:b6:c2:05:96: e5:1b:f4:6f:71:58:92:5a:42:de:43:80:e1:c0:c8:f7:af:69: 55:ea:b8:64:d9:a5:cc:e2:b3:8c:8e:99:d0:38:c9:c7:12:71: 38:0f:db:c1:37:34:c3:d1:f9:a2:a8:f1:d3:76:ed:1e:f2:ae: b3:03:56:c2:78:c7:b9:6e:a7:f8:66:15:c3:18:c6:69:7d:93: 56:84:c9:ca:d8:c8:38:02:37:cf:2a:60:15:48:ba:19:39:92: e2:65:51:f6:be:61:42:f3:7d:f9:bc:f2:50:56:d0:c7:59:14: 37:06:d1:08:b7:6c:4a:5e:54:a7:3c:06:a6:10:2e:dc:91:af: a9:e2:7d:10:a3:88:6a:e4:31:5e:9e:fb:0c:e4:e1:d2:fc:0e: 7a:0a:bd:c4:56:f4:ac:81:43:3e:6a:d7:68:50:42:f3:50:ba: 3a:8f:0e:0a:1b:7e:12:ef:c6:60:fd:d7:0e:23:ea:f4:2d:a7: 29:3c:35:d9:9a:d6:9c:e3:0e:7a:1c:dc:3a:c0:67:b7:08:fa: 49:d3:5b:5d:50:9c:1f:70:56:54:c5:6d:64:18:1a:c1:6b:fa: 3a:8e:16:02:ec:3a:13:70:01:82:f9:29:ab:bd:bf:18:1f:b0: b8:42:9f:5d -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUFFemvKpED8FThEilHLDoTLQkKGAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQxMjBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDMwMTE2OTgyNTgxMzcwMWQ1NzFhNWVjNjNkM2RhNjJkM2NjMzc3YjViODEw YWE1M2VjOThlNmFhODdhMmQ2YzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJsHoXHjgPShCpLQf47pge+v+LLophl6pTKNEmaWB0LM5wD3DbkRi74qbh2H blareVwFgSuPf9HQQc5617i3VsZTkjMTWnqo/f7oM3nFIdBp9RkiT4r7uloqzGvz wK+yXIexIExbEZtFdoLRGCJpy+y6ZAFPtjxVWJbQu6OMcsGhs2NVxPWDl3BIlhi/ MQlZ0O21DXga4YQj1CGXRnXTCKNEpTbachpq4NNepPF45l9idDoTBlxc2bSaubqh 16G7aaT709fI7qD+7o1snBkXm/zklPiT1/vAf0eOpVilnpenvJC1/4IKg4S91UxJ 5iLuOgQidBIzgYP88G+TJbEna+0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSP92kj 0Z4NHduhL5KkTHEqzG27gjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MTRhMWNiMzUtOTJkNy00YmMyLTg1NGMtMDk0YTM4MjljNzNlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA QDANBgkqhkiG9w0BAQsFAAOCAQEANjTXBEwZB4d6iOT+mU62wgWW5Rv0b3FYklpC 3kOA4cDI969pVeq4ZNmlzOKzjI6Z0DjJxxJxOA/bwTc0w9H5oqjx03btHvKuswNW wnjHuW6n+GYVwxjGaX2TVoTJytjIOAI3zypgFUi6GTmS4mVR9r5hQvN9+bzyUFbQ x1kUNwbRCLdsSl5UpzwGphAu3JGvqeJ9EKOIauQxXp77DOTh0vwOegq9xFb0rIFD PmrXaFBC81C6Oo8OCht+Eu/GYP3XDiPq9C2nKTw12ZrWnOMOehzcOsBntwj6SdNb XVCcH3BWVMVtZBgawWv6Oo4WAuw6E3ABgvkpq72/GB+wuEKfXQ== -----END CERTIFICATE-----Generated at Mon Dec 15 19:48:57 2025 by rpki-client