This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa File: 1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa (raw, json) Hash identifier: 1ezebmostYx7d4fAYJBTz6vpNeJK0uqSa1kF3Yy3WUA= Subject key identifier: 9E:4D:84:E9:75:FC:49:98:6E:D8:79:AA:F3:EA:13:35:CE:2C:E6:29 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 29AF5E5162DD22726327B1E64EE609B0EEBDFDDE Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa Signing time: Wed 10 Dec 2025 06:20:58 +0000 ROA not before: Wed 10 Dec 2025 06:20:58 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:8080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:af:5e:51:62:dd:22:72:63:27:b1:e6:4e:e6:09:b0:ee:bd:fd:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:20:58 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=836c80789d42bc528b4fba91c68d4d275b92ef45c31a4ff0a33bfef2c909829b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:6c:a6:03:99:02:3e:0e:d0:66:40:e5:c1:3c: df:91:da:29:38:5c:07:26:7d:24:80:03:95:7a:0c: b2:ca:ba:be:75:38:2b:54:49:fd:87:c7:b5:5a:44: a9:c6:29:33:6b:9e:4c:fa:e9:0c:c2:58:90:0e:05: 94:a2:0d:44:56:a6:85:d9:17:f5:24:dc:d1:47:f5: 3a:20:34:be:bd:fa:10:61:0f:f9:fa:59:7d:c0:cd: b4:85:0f:ae:8b:1e:68:ee:45:69:a9:5e:28:4a:b5: 7e:42:0a:41:ce:e5:d6:a0:8c:d1:e8:75:bc:c1:64: 9b:1a:db:07:e7:23:a5:c4:59:4b:0f:b7:43:3e:02: 3b:fb:0b:67:5d:15:04:2e:0e:13:65:51:8f:2b:26: 01:26:9c:08:12:ae:a2:06:b4:d8:55:72:b5:7d:bb: cc:c9:6a:2d:cb:eb:f1:09:c7:0a:0c:46:ca:de:6e: 6d:21:95:04:1d:f7:86:23:68:0c:4d:f9:d4:2d:88: e9:01:d4:f8:6d:f7:2f:05:50:cc:f9:f4:37:bc:94: 55:c8:0f:b6:f7:5d:5d:10:0c:8f:93:fa:37:9e:ab: b6:08:4f:48:7a:d6:1d:87:2e:6b:33:3a:24:80:63: ef:8c:3a:e7:5f:df:61:5c:23:45:48:f2:86:24:64: e1:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:4D:84:E9:75:FC:49:98:6E:D8:79:AA:F3:EA:13:35:CE:2C:E6:29 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:8080::/48 Signature Algorithm: sha256WithRSAEncryption 3e:04:33:b8:92:80:2b:1d:b6:dd:ff:49:78:91:50:c8:8f:71: 25:46:35:9f:d2:a4:cf:b3:59:79:08:a6:58:c0:9f:b2:da:6b: 02:cf:12:4c:4f:f7:b7:cf:4f:8a:2e:ca:0c:f8:fc:37:f8:f9: 73:78:c7:d0:25:d8:30:9c:9e:b9:50:fa:54:f3:d6:f9:4a:bc: c2:80:7a:7e:c2:cd:c2:61:e0:25:6c:0d:66:fa:9a:99:ad:12: 28:26:7d:c1:6a:36:f9:4f:f8:93:94:20:93:a4:ba:3c:50:d9: f0:32:03:dd:94:31:52:b6:90:ac:ef:3a:a4:3a:e6:7e:c1:6c: 0b:5f:78:e2:a7:bf:bb:52:5b:1e:95:d9:70:88:db:75:6e:df: c0:bc:2f:04:09:87:bd:2a:42:eb:02:09:c3:87:0c:97:48:35: 5d:88:f7:2e:d1:1e:60:de:1a:a4:11:d3:bd:51:65:91:80:16: 59:66:02:aa:5b:59:cc:15:7f:af:63:55:b8:8e:a7:ed:53:73: bc:aa:4c:23:45:dc:2a:ef:5e:2d:c0:5d:88:8c:29:01:30:f7: 16:62:c4:3d:59:e7:a0:ca:84:74:ec:13:29:10:5a:37:e6:e5: 41:4b:c5:2c:e2:0a:29:2f:78:8c:c5:06:5c:87:88:50:fd:7b: 4b:e1:2e:fb -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUKa9eUWLdInJjJ7HmTuYJsO69/d4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIwNThaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDgzNmM4MDc4OWQ0MmJjNTI4YjRmYmE5MWM2OGQ0ZDI3NWI5MmVmNDVjMzFh NGZmMGEzM2JmZWYyYzkwOTgyOWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJxspgOZAj4O0GZA5cE835HaKThcByZ9JIADlXoMssq6vnU4K1RJ/YfHtVpE qcYpM2ueTPrpDMJYkA4FlKINRFamhdkX9STc0Uf1OiA0vr36EGEP+fpZfcDNtIUP roseaO5FaaleKEq1fkIKQc7l1qCM0eh1vMFkmxrbB+cjpcRZSw+3Qz4CO/sLZ10V BC4OE2VRjysmASacCBKuoga02FVytX27zMlqLcvr8QnHCgxGyt5ubSGVBB33hiNo DE351C2I6QHU+G33LwVQzPn0N7yUVcgPtvddXRAMj5P6N56rtghPSHrWHYcuazM6 JIBj74w651/fYVwjRUjyhiRk4fUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSeTYTp dfxJmG7Yearz6hM1zizmKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MWE4ZDllMTQtY2ZhOS00NDAwLWFmYTgtYjhjMGQ5ZWVlNGU0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA gDANBgkqhkiG9w0BAQsFAAOCAQEAPgQzuJKAKx223f9JeJFQyI9xJUY1n9Kkz7NZ eQimWMCfstprAs8STE/3t89Pii7KDPj8N/j5c3jH0CXYMJyeuVD6VPPW+Uq8woB6 fsLNwmHgJWwNZvqama0SKCZ9wWo2+U/4k5Qgk6S6PFDZ8DID3ZQxUraQrO86pDrm fsFsC1944qe/u1JbHpXZcIjbdW7fwLwvBAmHvSpC6wIJw4cMl0g1XYj3LtEeYN4a pBHTvVFlkYAWWWYCqltZzBV/r2NVuI6n7VNzvKpMI0XcKu9eLcBdiIwpATD3FmLE PVnnoMqEdOwTKRBaN+blQUvFLOIKKS94jMUGXIeIUP17S+Eu+w== -----END CERTIFICATE-----Generated at Mon Dec 15 19:47:51 2025 by rpki-client