This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa File: 35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa (raw, json) Hash identifier: XzIisRQrYjoYw7/Vg5Ipxeus5vQ+BepaU4LEUk9YmMY= Subject key identifier: 1B:09:65:66:34:B5:7D:A2:89:32:1C:B5:1B:23:2D:9B:DD:8A:15:01 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 803B7E00B33EE12C67954D8254469415244688 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa Signing time: Wed 10 Dec 2025 05:30:14 +0000 ROA not before: Wed 10 Dec 2025 05:30:14 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:40a0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 80:3b:7e:00:b3:3e:e1:2c:67:95:4d:82:54:46:94:15:24:46:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:30:14 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=0ada6287f5c4eab0f8fca338c8b7a7f5ae1a34250176f6a3d65a8c39d1b968e3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:9f:93:d3:18:8c:19:bb:7c:0f:c1:78:b6:76: e6:bf:36:d0:ed:c5:4d:74:a6:fa:dc:f8:ae:8a:76: 2a:7c:66:7b:0d:c0:d4:59:b1:85:f2:4c:77:b1:58: 77:0f:92:57:5a:85:da:75:b0:7c:0a:45:97:24:fd: a1:44:f6:ef:8a:93:4f:be:29:a9:e2:b5:77:97:fa: 34:52:7e:9b:dc:8f:02:10:ea:0c:55:e2:38:a1:dc: 17:04:0a:b3:a2:7f:7c:1e:4c:2e:f2:56:39:b8:b6: b4:0b:eb:82:9e:44:09:a6:1f:e0:e4:12:c2:5c:51: 62:c2:11:fb:59:cc:6a:ca:02:15:79:ef:66:fa:0c: 18:9e:20:29:60:d5:f8:f5:38:dc:dd:31:61:7d:b8: 45:0a:c5:f7:09:0c:74:9a:62:2f:52:fe:b2:d7:7b: 20:91:ae:0a:0f:77:d3:18:68:31:8a:8e:6f:cb:05: 4d:eb:16:e1:80:ac:08:71:69:2c:39:a2:34:e0:d8: e8:32:74:4c:0b:22:6c:fc:13:7c:b7:03:2d:42:c7: 9d:a4:9e:db:78:d5:bf:37:4e:2c:5c:cc:49:0e:5e: a1:22:5c:b2:89:db:1d:a9:7f:00:92:c9:24:a7:55: 62:30:23:9b:7c:2d:e6:11:4f:35:50:89:46:21:ea: 33:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:09:65:66:34:B5:7D:A2:89:32:1C:B5:1B:23:2D:9B:DD:8A:15:01 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:40a0::/48 Signature Algorithm: sha256WithRSAEncryption ad:e4:ce:ad:c0:22:f8:b1:97:aa:cc:dd:6f:7b:82:ed:91:f2: 0e:f6:5d:6f:64:ba:75:91:aa:56:69:7d:6e:3d:7b:f6:81:b7: 91:51:59:c8:3c:28:7e:d2:d4:a4:7b:fa:ba:be:93:c7:08:aa: 89:6a:08:e9:f4:34:cc:1b:3c:6d:4c:d2:9b:5d:7d:c7:e6:59: 62:50:ad:21:3c:ee:97:96:b4:b4:93:bb:f0:b4:b9:70:5b:11: c0:02:70:91:b5:ae:ba:c3:16:01:24:b0:5f:2d:a1:0d:79:13: ad:8d:fb:ba:9d:9f:45:a0:69:20:07:af:f1:e6:b9:ab:f1:01: 43:4c:51:0f:3a:b6:8d:9b:07:a2:73:44:74:14:f2:ce:c7:86: 32:e8:fd:7f:af:fa:3f:1a:a6:8a:25:60:08:69:92:93:e8:cb: 37:8c:cd:a0:39:3f:51:cf:e8:c2:fd:40:c2:28:d5:79:5a:c8: a6:49:74:a8:f3:bd:a7:28:2e:de:b4:1c:99:4a:84:9e:6b:95: 10:25:62:85:03:71:c4:0e:50:f8:6c:fd:df:46:7d:b9:b2:03: f0:e1:f9:83:8b:e9:2e:bb:00:80:5a:b6:61:15:60:9b:29:13: 5b:4f:1c:41:fc:b1:82:0c:b4:b0:2d:4f:e3:ad:10:16:8a:75: e8:47:64:b7 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUAIA7fgCzPuEsZ5VNglRGlBUkRogwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMwMTRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDBhZGE2Mjg3ZjVjNGVhYjBmOGZjYTMzOGM4YjdhN2Y1YWUxYTM0MjUwMTc2 ZjZhM2Q2NWE4YzM5ZDFiOTY4ZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJufk9MYjBm7fA/BeLZ25r820O3FTXSm+tz4rop2Knxmew3A1FmxhfJMd7FY dw+SV1qF2nWwfApFlyT9oUT274qTT74pqeK1d5f6NFJ+m9yPAhDqDFXiOKHcFwQK s6J/fB5MLvJWObi2tAvrgp5ECaYf4OQSwlxRYsIR+1nMasoCFXnvZvoMGJ4gKWDV +PU43N0xYX24RQrF9wkMdJpiL1L+std7IJGuCg930xhoMYqOb8sFTesW4YCsCHFp LDmiNODY6DJ0TAsibPwTfLcDLULHnaSe23jVvzdOLFzMSQ5eoSJcsonbHal/AJLJ JKdVYjAjm3wt5hFPNVCJRiHqM5sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQbCWVm NLV9ookyHLUbIy2b3YoVATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MzVhZTBhYTEtYmI0Zi00OGQzLTk5MjYtMWU1ODUyZDU0YzZkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A oDANBgkqhkiG9w0BAQsFAAOCAQEAreTOrcAi+LGXqszdb3uC7ZHyDvZdb2S6dZGq Vml9bj179oG3kVFZyDwoftLUpHv6ur6TxwiqiWoI6fQ0zBs8bUzSm119x+ZZYlCt ITzul5a0tJO78LS5cFsRwAJwkbWuusMWASSwXy2hDXkTrY37up2fRaBpIAev8ea5 q/EBQ0xRDzq2jZsHonNEdBTyzseGMuj9f6/6PxqmiiVgCGmSk+jLN4zNoDk/Uc/o wv1AwijVeVrIpkl0qPO9pygu3rQcmUqEnmuVECVihQNxxA5Q+Gz930Z9ubID8OH5 g4vpLrsAgFq2YRVgmykTW08cQfyxggy0sC1P460QFop16Edktw== -----END CERTIFICATE-----Generated at Mon Dec 15 19:52:18 2025 by rpki-client