This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/301d1d15-dd00-41e7-9f44-49159e46a51a.roa File: 301d1d15-dd00-41e7-9f44-49159e46a51a.roa (raw, json) Hash identifier: w7Ncb1MdO/7Onp0ShPOIrEerk4lzXYZzLVvGvs4yacE= Subject key identifier: 35:65:E0:36:38:3A:25:61:73:76:44:9E:9E:F0:52:1A:67:EC:0B:51 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 138FA6FAF1E01F179E17938DA7214E4B3593E854 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/301d1d15-dd00-41e7-9f44-49159e46a51a.roa Signing time: Wed 10 Dec 2025 05:50:42 +0000 ROA not before: Wed 10 Dec 2025 05:50:42 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:8040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:8f:a6:fa:f1:e0:1f:17:9e:17:93:8d:a7:21:4e:4b:35:93:e8:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:50:42 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=dc1bc9e17dd58592d72bbaf711ac58e9fc0892397f03e40015939a580ddd1866, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:da:f3:33:aa:64:d2:cf:12:6f:2c:af:99:91: b5:82:12:02:41:d2:f2:ed:4c:6f:80:cd:b3:f9:2c: 3e:f0:1c:0c:8a:ea:f9:39:59:fa:3f:94:f1:14:22: a9:52:78:c2:7b:54:61:0a:aa:f4:f6:1c:1d:e1:12: 9e:72:a7:47:aa:c7:ba:0b:ca:a0:dc:61:0d:89:77: 85:76:c6:87:e6:17:1b:59:c7:de:f9:d3:34:90:7a: e7:69:c8:6b:8a:46:84:24:d8:16:62:76:55:00:73: f2:94:39:0c:3d:4e:61:1b:7a:12:17:e2:4a:87:86: 45:8d:fe:f0:f8:87:ef:7c:0f:b2:34:84:e3:90:5b: 55:38:e6:9d:e2:ff:52:e1:a3:4d:a4:4c:c8:17:4b: 11:60:42:36:b3:d6:05:58:0d:f2:27:88:34:ca:f5: fa:2f:ec:49:3e:91:76:d8:fc:2b:2e:a8:36:d2:07: ef:9d:3b:22:0c:97:7a:35:17:f8:16:31:9d:7d:f8: 4d:90:64:df:57:7b:59:b1:ef:a8:99:08:6a:1f:de: 7b:63:25:62:a1:a5:99:d8:9b:36:d7:2d:b3:3e:28: 28:14:b3:0f:62:c0:67:34:39:f0:4a:de:bf:ec:19: 51:d6:fa:72:f8:ca:87:aa:f0:1e:62:ef:21:86:d6: 69:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:65:E0:36:38:3A:25:61:73:76:44:9E:9E:F0:52:1A:67:EC:0B:51 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/301d1d15-dd00-41e7-9f44-49159e46a51a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:8040::/48 Signature Algorithm: sha256WithRSAEncryption 0e:8e:10:e5:9f:8d:78:d5:82:81:b4:79:1f:b2:e8:3d:07:44: bb:25:98:db:22:a0:72:a4:d0:60:52:c5:25:0f:cf:84:99:cf: d7:2a:03:84:18:6b:bf:88:eb:87:6d:e9:e0:47:0e:47:c7:b5: bc:a8:e4:35:c2:e9:54:59:82:77:a1:29:67:7f:6c:0a:66:69: 4b:41:10:fb:d8:2c:e0:33:cb:f2:fe:f4:4c:51:98:7d:30:da: 35:02:e2:92:a9:5f:ff:54:42:61:f5:93:04:0c:f2:02:ab:d4: 4e:af:7b:ae:cf:34:56:88:6b:c6:8c:ee:f5:b1:8f:40:42:49: bb:11:6e:11:28:f9:86:40:35:8f:da:09:52:ca:e0:47:aa:31: 61:7d:a9:32:5a:44:0b:50:0e:f3:0b:50:09:3a:ec:ff:bc:ca: ba:2c:1a:c1:9b:ca:e1:17:1d:bd:71:a7:01:7a:4d:0a:91:eb: a1:0d:9a:de:30:89:40:52:71:8a:6b:36:7b:61:c3:48:9e:1d: 45:fa:a7:b7:33:a9:b9:66:9f:d5:fa:88:05:4b:6b:71:b9:bc: e6:c9:14:57:0c:f8:45:c0:f0:69:95:d3:b5:b6:9f:62:b0:41: 6e:49:4c:7e:ef:64:4a:4c:ce:8d:f8:ef:ef:f8:d0:9c:5f:95: 33:dc:d3:29 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUE4+m+vHgHxeeF5ONpyFOSzWT6FQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUwNDJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGRjMWJjOWUxN2RkNTg1OTJkNzJiYmFmNzExYWM1OGU5ZmMwODkyMzk3ZjAz ZTQwMDE1OTM5YTU4MGRkZDE4NjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMfa8zOqZNLPEm8sr5mRtYISAkHS8u1Mb4DNs/ksPvAcDIrq+TlZ+j+U8RQi qVJ4wntUYQqq9PYcHeESnnKnR6rHugvKoNxhDYl3hXbGh+YXG1nH3vnTNJB652nI a4pGhCTYFmJ2VQBz8pQ5DD1OYRt6EhfiSoeGRY3+8PiH73wPsjSE45BbVTjmneL/ UuGjTaRMyBdLEWBCNrPWBVgN8ieINMr1+i/sST6Rdtj8Ky6oNtIH7507IgyXejUX +BYxnX34TZBk31d7WbHvqJkIah/ee2MlYqGlmdibNtctsz4oKBSzD2LAZzQ58Ere v+wZUdb6cvjKh6rwHmLvIYbWaZ8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ1ZeA2 ODolYXN2RJ6e8FIaZ+wLUTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MzAxZDFkMTUtZGQwMC00MWU3LTlmNDQtNDkxNTllNDZhNTFhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA QDANBgkqhkiG9w0BAQsFAAOCAQEADo4Q5Z+NeNWCgbR5H7LoPQdEuyWY2yKgcqTQ YFLFJQ/PhJnP1yoDhBhrv4jrh23p4EcOR8e1vKjkNcLpVFmCd6EpZ39sCmZpS0EQ +9gs4DPL8v70TFGYfTDaNQLikqlf/1RCYfWTBAzyAqvUTq97rs80Vohrxozu9bGP QEJJuxFuESj5hkA1j9oJUsrgR6oxYX2pMlpEC1AO8wtQCTrs/7zKuiwawZvK4Rcd vXGnAXpNCpHroQ2a3jCJQFJxims2e2HDSJ4dRfqntzOpuWaf1fqIBUtrcbm85skU Vwz4RcDwaZXTtbafYrBBbklMfu9kSkzOjfjv7/jQnF+VM9zTKQ== -----END CERTIFICATE-----Generated at Mon Dec 15 19:47:53 2025 by rpki-client