This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa File: 1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa (raw, json) Hash identifier: CMoPqZ+/xcJp3O9Y3t3IBktunce3O7v2KcGlQiFu0+0= Subject key identifier: 10:9D:66:69:26:99:A9:D3:16:36:C6:9F:A6:B1:66:F8:2C:29:80:0E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 705A6E2A97A15C9DD82F3A50B98754D579D89011 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa Signing time: Wed 10 Dec 2025 05:10:12 +0000 ROA not before: Wed 10 Dec 2025 05:10:12 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06f:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:5a:6e:2a:97:a1:5c:9d:d8:2f:3a:50:b9:87:54:d5:79:d8:90:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:10:12 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=5c1b09d4875eb593c07837433fbc02830128ae728fe2314cce08124c6e26c41f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:6b:10:bf:8a:f6:05:1d:51:34:a7:89:c3:f8: 8d:a8:5b:6c:ad:83:1b:f9:47:25:1c:7f:25:3a:19: 6e:59:32:9c:53:b2:12:73:01:74:84:70:73:8c:2f: c4:37:1f:85:f6:bf:65:c7:0f:0e:f3:ce:4b:ce:5e: 95:32:3d:21:de:b9:bd:d4:c2:f9:08:1b:c2:6a:73: 35:c8:95:a4:96:c7:f8:21:d1:1a:38:96:6a:25:c8: 5f:c4:d0:c4:95:28:24:e5:81:c3:d9:00:03:ad:d3: bc:e5:d0:08:43:cb:df:f8:fc:2a:01:8c:f1:73:47: bb:e9:8f:6a:fa:dc:c1:22:6f:67:cd:5d:97:ea:6f: 90:be:3a:74:5b:e4:5e:de:63:b2:c8:e9:0e:b2:6f: c9:91:1a:a2:84:78:b6:ce:d7:47:0b:41:fe:52:19: b9:2a:77:af:6b:a1:9d:33:e9:aa:dd:3f:ab:6b:66: 5a:f2:63:75:1b:04:78:dd:9c:14:2c:b7:aa:1d:2e: 27:0d:99:57:e8:62:48:39:61:f1:e3:69:76:26:80: 43:54:56:01:0e:5f:18:54:a3:8c:bc:ad:c7:16:86: 7a:1d:d3:9c:0f:3e:d6:d1:41:b2:28:da:d9:f1:7c: 8e:1b:52:d1:5c:86:8b:cf:a4:98:86:7d:1f:02:c8: 46:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:9D:66:69:26:99:A9:D3:16:36:C6:9F:A6:B1:66:F8:2C:29:80:0E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:e000::/40 Signature Algorithm: sha256WithRSAEncryption 5d:03:f8:78:fe:5d:8e:6e:9b:b5:13:fd:46:0b:fd:8b:a2:76: 4b:12:06:52:84:cb:26:df:7d:9c:f7:68:3d:fa:cb:f6:1d:76: cc:7e:9d:79:6d:b7:1a:10:ce:45:8d:bc:ff:8b:6f:f4:24:2d: 34:35:e4:28:aa:84:f1:a8:de:0a:76:8d:62:7e:9d:38:68:21: a8:77:e4:03:5b:e2:80:99:50:8a:c6:44:20:90:d4:6c:b3:47: b4:75:4b:6d:37:3b:1d:20:40:9b:03:3b:55:93:43:92:51:47: 96:d4:c7:3f:bb:eb:6d:ef:a3:24:4e:91:12:35:8c:e9:4e:dd: 2d:2f:65:dd:d3:10:18:b6:94:cc:bb:62:1b:03:e8:57:1c:6d: e2:b6:8c:1c:e5:c7:85:7a:11:7f:5d:8c:83:fc:cc:46:ef:51: a3:d5:95:69:72:65:5d:4a:87:35:d7:a9:9e:33:aa:04:0d:ee: 68:91:66:eb:a1:de:db:d8:2c:22:b2:12:1e:85:e9:42:43:57: e5:b8:d4:e2:91:45:32:b8:65:fb:33:76:c5:30:60:e0:d1:f6: 27:db:f2:5c:74:e7:c0:06:28:88:19:df:8d:56:0b:d0:e3:7f: fb:63:46:2a:d1:de:16:c0:81:f5:48:7e:35:6e:52:bb:3d:68: 9c:64:f9:ab -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUcFpuKpehXJ3YLzpQuYdU1XnYkBEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTEwMTJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDVjMWIwOWQ0ODc1ZWI1OTNjMDc4Mzc0MzNmYmMwMjgzMDEyOGFlNzI4ZmUy MzE0Y2NlMDgxMjRjNmUyNmM0MWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMxrEL+K9gUdUTSnicP4jahbbK2DG/lHJRx/JToZblkynFOyEnMBdIRwc4wv xDcfhfa/ZccPDvPOS85elTI9Id65vdTC+QgbwmpzNciVpJbH+CHRGjiWaiXIX8TQ xJUoJOWBw9kAA63TvOXQCEPL3/j8KgGM8XNHu+mPavrcwSJvZ81dl+pvkL46dFvk Xt5jssjpDrJvyZEaooR4ts7XRwtB/lIZuSp3r2uhnTPpqt0/q2tmWvJjdRsEeN2c FCy3qh0uJw2ZV+hiSDlh8eNpdiaAQ1RWAQ5fGFSjjLytxxaGeh3TnA8+1tFBsija 2fF8jhtS0VyGi8+kmIZ9HwLIRvcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQQnWZp Jpmp0xY2xp+msWb4LCmADjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MWNjZmEzNjQtMDdhYi00YTVlLTgxYTktOTlmOWQ2YjNhMDY3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G/g MA0GCSqGSIb3DQEBCwUAA4IBAQBdA/h4/l2Obpu1E/1GC/2LonZLEgZShMsm332c 92g9+sv2HXbMfp15bbcaEM5Fjbz/i2/0JC00NeQoqoTxqN4Kdo1ifp04aCGod+QD W+KAmVCKxkQgkNRss0e0dUttNzsdIECbAztVk0OSUUeW1Mc/u+tt76MkTpESNYzp Tt0tL2Xd0xAYtpTMu2IbA+hXHG3itowc5ceFehF/XYyD/MxG71Gj1ZVpcmVdSoc1 16meM6oEDe5okWbrod7b2CwishIehelCQ1fluNTikUUyuGX7M3bFMGDg0fYn2/Jc dOfABiiIGd+NVgvQ43/7Y0Yq0d4WwIH1SH41blK7PWicZPmr -----END CERTIFICATE-----Generated at Tue Dec 16 09:42:42 2025 by rpki-client