This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa File: 36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa (raw, json) Hash identifier: R2C+942+7lGnYiITE+9GIRvoj9/K7G3rrmgMwqhlFNw= Subject key identifier: EC:99:62:18:B2:80:B2:02:55:3C:5B:DD:FB:26:D0:71:63:31:E5:FB Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 57485C46D57173697695C0854409F2D6A12C40BE Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa Signing time: Wed 10 Dec 2025 06:20:59 +0000 ROA not before: Wed 10 Dec 2025 06:20:59 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:a020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 19:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:48:5c:46:d5:71:73:69:76:95:c0:85:44:09:f2:d6:a1:2c:40:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:20:59 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=d5cbca9824a620550f901137fb07bf81c2782c4a56466f169d52136b6d55d720, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:49:ab:02:c1:98:eb:36:35:9b:a9:12:28:1b: 1d:d4:f7:35:43:7e:07:ad:22:c5:79:54:ac:3d:bc: 8d:b5:61:52:e1:e8:4b:6e:d6:52:dd:ea:c0:6c:96: 1b:0c:3a:35:27:98:0f:66:79:07:89:ca:b1:89:1f: 7c:92:12:41:ba:3b:46:d8:c8:b1:f2:7c:d3:93:56: c0:0c:08:0b:eb:ae:4e:56:08:5d:1b:5a:59:e1:0c: 26:f3:0c:6d:de:16:b7:84:2c:ef:c9:2b:bb:b4:e7: e8:62:73:10:4d:52:62:4e:21:12:d6:be:0a:14:58: f7:23:d8:2d:da:14:31:30:cf:1c:03:4d:27:2f:96: fc:10:b0:a0:35:5e:fd:ee:d5:e1:41:4e:a9:28:67: 66:96:c4:ac:82:fd:2c:ee:a9:e3:1d:91:3c:d5:ad: 05:33:27:84:6a:a3:49:b7:68:bf:f5:db:a9:8b:41: 7f:d5:bf:09:eb:46:48:5d:fd:57:2f:61:25:be:fe: a6:df:98:b1:fa:5c:d3:8d:a4:b7:f0:74:3d:2c:cb: 86:c8:c8:4e:74:a4:d6:b6:fa:37:b5:a2:2c:5b:61: b0:96:9b:88:e4:35:94:4a:99:77:b7:0a:08:68:b4: ab:97:b0:b8:6d:20:8a:3b:d7:06:ee:53:28:64:df: e3:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:99:62:18:B2:80:B2:02:55:3C:5B:DD:FB:26:D0:71:63:31:E5:FB X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:a020::/48 Signature Algorithm: sha256WithRSAEncryption 8c:0e:ee:96:cd:4f:7a:b7:2f:60:2d:52:df:7f:f7:33:4e:73: c3:65:50:7d:7b:a4:37:94:77:e9:70:34:ad:47:dc:55:56:ac: d2:9a:35:b1:15:95:00:56:13:31:8f:40:12:fa:b3:e3:89:bb: f8:d0:a9:bb:94:12:00:95:a0:4a:cb:89:cc:02:1c:00:40:38: 28:98:aa:f8:7f:f6:87:72:f7:27:40:31:a2:ae:9e:20:96:7d: d0:c3:0a:af:9b:de:96:c6:69:99:69:6d:6a:a5:1f:d8:0c:d7: cd:67:bd:f1:71:80:ba:68:17:a5:95:13:c4:b7:29:cf:1a:2a: a9:2a:ee:d4:aa:d8:a5:d6:4f:c3:e1:90:e0:f1:62:4e:7d:fc: ee:45:b0:1f:1f:fc:d3:06:f1:46:24:db:2e:47:26:2a:e9:55: bd:50:64:dc:24:f9:7c:40:45:92:cb:d9:cd:6f:b7:da:2f:e9: 0e:e1:2e:bc:8f:d6:ff:da:9c:bd:78:e2:31:8e:89:61:5f:05: 76:1d:65:7c:07:7f:45:27:f6:53:a6:24:a4:32:00:8b:11:b2: c3:b5:42:aa:aa:6a:5d:ad:99:c2:39:d4:b9:21:c6:2d:6d:8f: 5a:aa:83:0a:4d:ca:12:03:56:21:2d:09:28:ad:ee:9c:46:69: da:47:b1:f8 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUV0hcRtVxc2l2lcCFRAny1qEsQL4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIwNTlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGQ1Y2JjYTk4MjRhNjIwNTUwZjkwMTEzN2ZiMDdiZjgxYzI3ODJjNGE1NjQ2 NmYxNjlkNTIxMzZiNmQ1NWQ3MjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM9JqwLBmOs2NZupEigbHdT3NUN+B60ixXlUrD28jbVhUuHoS27WUt3qwGyW Gww6NSeYD2Z5B4nKsYkffJISQbo7RtjIsfJ805NWwAwIC+uuTlYIXRtaWeEMJvMM bd4Wt4Qs78kru7Tn6GJzEE1SYk4hEta+ChRY9yPYLdoUMTDPHANNJy+W/BCwoDVe /e7V4UFOqShnZpbErIL9LO6p4x2RPNWtBTMnhGqjSbdov/XbqYtBf9W/CetGSF39 Vy9hJb7+pt+Ysfpc042kt/B0PSzLhsjITnSk1rb6N7WiLFthsJabiOQ1lEqZd7cK CGi0q5ewuG0gijvXBu5TKGTf4yECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTsmWIY soCyAlU8W937JtBxYzHl+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MzZmZGU0YzctMzA1Yy00ZTlkLThkMWYtYmE4NWMzNjUwMjc4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg IDANBgkqhkiG9w0BAQsFAAOCAQEAjA7uls1PercvYC1S33/3M05zw2VQfXukN5R3 6XA0rUfcVVas0po1sRWVAFYTMY9AEvqz44m7+NCpu5QSAJWgSsuJzAIcAEA4KJiq +H/2h3L3J0Axoq6eIJZ90MMKr5velsZpmWltaqUf2AzXzWe98XGAumgXpZUTxLcp zxoqqSru1KrYpdZPw+GQ4PFiTn387kWwHx/80wbxRiTbLkcmKulVvVBk3CT5fEBF ksvZzW+32i/pDuEuvI/W/9qcvXjiMY6JYV8Fdh1lfAd/RSf2U6YkpDIAixGyw7VC qqpqXa2ZwjnUuSHGLW2PWqqDCk3KEgNWIS0JKK3unEZp2kex+A== -----END CERTIFICATE-----Generated at Thu Dec 18 03:52:53 2025 by rpki-client