This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa File: 55ba2d71-c4db-41f1-a648-b39b354abfa6.roa (raw, json) Hash identifier: iKsKFMgJ+XSd1D2YafB7pCuKcJ2Ks0LQE2r1B1szJhk= Subject key identifier: 26:6F:D8:6B:EB:FD:2C:93:D9:E1:AE:6C:33:DA:CF:00:3A:CA:0F:E9 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0A0C53AC15F50AE4BDEAF6222D5C6CA3A9CC0E3A Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa Signing time: Wed 10 Dec 2025 05:50:40 +0000 ROA not before: Wed 10 Dec 2025 05:50:40 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d058:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:0c:53:ac:15:f5:0a:e4:bd:ea:f6:22:2d:5c:6c:a3:a9:cc:0e:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:50:40 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=b01367a47e211a1dfce8d62e74d20665ebe2b8b7b0ecac672e6c9045a3c23f94, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:e3:3b:b3:3b:3f:1c:18:c9:1d:3f:b0:f2:d4: ca:3d:d8:d7:01:3d:20:ff:50:0d:a4:00:80:58:30: 75:c1:fe:69:27:a2:92:ef:c0:eb:09:ff:b1:8a:d0: f5:01:3d:a5:af:9b:9e:03:83:fe:28:6a:54:28:c4: 4e:26:9e:0c:1e:f8:ec:f3:a7:c4:fb:f9:62:54:95: 08:4c:80:3e:7e:c5:1b:28:ac:62:b9:01:1a:52:13: 61:48:f2:94:5c:de:f9:b9:4a:b6:fb:94:17:fe:86: 83:4f:43:c0:f6:fe:b9:9e:38:77:f6:bf:59:91:87: 6e:ea:fb:4d:28:59:e0:93:fb:e6:1c:08:c5:93:b7: bf:5b:e1:a2:d1:d3:ea:13:34:44:94:cc:13:df:52: 97:f6:63:ae:88:18:7f:36:ff:11:c5:4b:3e:7e:b0: e1:5f:f3:ad:07:4c:23:b7:cb:ae:0c:93:03:fe:d9: a0:53:9e:7a:0c:6a:85:3e:24:99:53:98:36:89:08: b5:6c:d3:15:a0:ad:25:40:4a:fc:f3:6a:91:ca:e1: 37:d8:f1:61:8d:b1:eb:d6:1d:ec:e9:64:0c:af:30: 66:99:f0:80:73:e7:ea:9b:d0:fb:ed:01:a2:ef:ea: 48:a3:4a:40:a6:30:46:6e:d2:b9:27:43:66:a2:49: 1a:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:6F:D8:6B:EB:FD:2C:93:D9:E1:AE:6C:33:DA:CF:00:3A:CA:0F:E9 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d058:8000::/40 Signature Algorithm: sha256WithRSAEncryption 4d:71:fe:c4:67:ac:41:e3:b6:60:8d:9a:b4:0f:ea:7a:e3:db: ca:88:5b:af:2a:4a:6e:a1:68:fc:0f:67:b1:ee:05:98:ae:de: ba:31:51:bd:c5:b2:cf:02:d3:69:67:c3:6e:de:f0:b5:00:6a: f4:11:f3:ce:b3:bb:26:9d:4b:76:76:cf:92:a1:c9:11:6c:44: 97:38:ac:25:c3:a5:0e:c3:f6:67:ba:10:0d:70:29:48:e8:29: 9e:bd:16:74:12:aa:72:aa:0f:01:c8:88:3a:21:30:1b:d4:94: 8e:4f:51:6e:62:76:4a:ea:1e:7a:7f:f9:bc:02:85:d6:82:c3: 0a:df:60:f8:70:d5:60:e2:82:89:e0:b7:f0:ed:9f:d9:8a:0f: b9:2d:37:1c:1d:60:76:47:4e:e9:0b:3e:72:9d:a9:d8:73:a9: 31:d1:e8:c3:8a:cb:02:69:9a:d7:b5:21:4a:e0:49:0e:b8:d0: 17:67:0e:d1:41:9a:d7:53:5f:0a:d0:eb:d3:a3:c3:3f:84:77: cf:4d:60:b0:fd:60:b1:f3:d9:22:c9:cd:a1:45:cd:fe:2b:28: 27:6a:81:58:07:4c:c8:e8:90:a9:f9:c4:44:cf:c3:a7:c8:5b: bf:8a:2e:06:98:bf:4e:f6:69:16:64:cb:e4:ec:c7:8f:52:c6: b3:f9:21:ad -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUCgxTrBX1CuS96vYiLVxso6nMDjowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUwNDBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGIwMTM2N2E0N2UyMTFhMWRmY2U4ZDYyZTc0ZDIwNjY1ZWJlMmI4YjdiMGVj YWM2NzJlNmM5MDQ1YTNjMjNmOTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALfjO7M7PxwYyR0/sPLUyj3Y1wE9IP9QDaQAgFgwdcH+aSeiku/A6wn/sYrQ 9QE9pa+bngOD/ihqVCjETiaeDB747POnxPv5YlSVCEyAPn7FGyisYrkBGlITYUjy lFze+blKtvuUF/6Gg09DwPb+uZ44d/a/WZGHbur7TShZ4JP75hwIxZO3v1vhotHT 6hM0RJTME99Sl/ZjrogYfzb/EcVLPn6w4V/zrQdMI7fLrgyTA/7ZoFOeegxqhT4k mVOYNokItWzTFaCtJUBK/PNqkcrhN9jxYY2x69Yd7OlkDK8wZpnwgHPn6pvQ++0B ou/qSKNKQKYwRm7SuSdDZqJJGo0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQmb9hr 6/0sk9nhrmwz2s8AOsoP6TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTViYTJkNzEtYzRkYi00MWYxLWE2NDgtYjM5YjM1NGFiZmE2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FiA MA0GCSqGSIb3DQEBCwUAA4IBAQBNcf7EZ6xB47ZgjZq0D+p649vKiFuvKkpuoWj8 D2ex7gWYrt66MVG9xbLPAtNpZ8Nu3vC1AGr0EfPOs7smnUt2ds+SockRbESXOKwl w6UOw/ZnuhANcClI6CmevRZ0Eqpyqg8ByIg6ITAb1JSOT1FuYnZK6h56f/m8AoXW gsMK32D4cNVg4oKJ4Lfw7Z/Zig+5LTccHWB2R07pCz5ynanYc6kx0ejDissCaZrX tSFK4EkOuNAXZw7RQZrXU18K0OvTo8M/hHfPTWCw/WCx89kiyc2hRc3+KygnaoFY B0zI6JCp+cREz8OnyFu/ii4GmL9O9mkWZMvk7MePUsaz+SGt -----END CERTIFICATE-----Generated at Mon Dec 15 19:47:52 2025 by rpki-client