This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa File: 70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa (raw, json) Hash identifier: aSxlq6XgUEPdrN7aiO/95MMfjMBr9dOv0HEUl1BOeSE= Subject key identifier: 26:F8:3A:75:B1:38:4E:BF:B1:E5:5F:48:C4:94:FA:90:C4:5F:FA:4F Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 74C15228796965BC0045303EF644249100810DC9 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa Signing time: Wed 10 Dec 2025 06:01:23 +0000 ROA not before: Wed 10 Dec 2025 06:01:23 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d058:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:c1:52:28:79:69:65:bc:00:45:30:3e:f6:44:24:91:00:81:0d:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:01:23 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=19a8da7495b7f65efcf696c5524886d0a713d8ce428369f2434b75481bd981f9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:90:27:19:c7:64:e3:c9:48:4b:0a:81:19:99: 0a:c9:37:9e:4d:1c:19:c2:8c:36:01:88:5a:d0:b5: 2f:5f:91:d3:bf:1b:5c:54:c4:18:4c:31:41:1d:42: 16:3a:54:5a:44:9c:39:88:0a:34:c6:47:f8:09:92: 1d:12:64:c8:63:e2:64:6d:94:1b:c5:91:28:c0:9c: a5:9c:a1:49:76:f4:04:bc:99:a1:71:c1:e2:0d:61: 4c:7a:61:01:5a:b8:c1:27:f1:78:f5:2e:11:cb:7d: da:d4:99:63:8f:bc:fc:6c:85:09:3a:ae:85:cc:39: 89:68:26:28:cb:29:82:94:54:01:57:a1:81:3b:e2: 30:e2:e0:75:d4:4c:91:47:69:cf:72:86:57:19:19: 1d:48:01:0e:bb:d6:d4:54:99:b6:f5:14:54:47:78: 3d:c4:65:09:59:de:5d:b3:b5:94:fc:52:9b:de:2f: 30:69:0f:58:b0:9a:4f:18:3b:62:bb:25:f0:54:4c: dc:a5:00:9e:6a:1f:38:c5:ab:24:44:ab:83:88:f7: 35:e9:59:3c:0c:6d:d3:15:e0:b3:54:39:5d:62:e5: d6:b6:b8:3e:fd:3d:d5:b8:b8:34:99:f3:8e:1d:67: 67:b5:2c:75:69:97:a5:dc:fb:65:14:67:06:4c:69: a0:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:F8:3A:75:B1:38:4E:BF:B1:E5:5F:48:C4:94:FA:90:C4:5F:FA:4F X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d058:e000::/40 Signature Algorithm: sha256WithRSAEncryption 00:b1:39:af:af:22:e8:c2:b5:fb:23:8b:92:2b:fc:44:b8:24: d9:9d:42:71:de:59:a6:60:d4:98:11:9b:e3:87:0e:e5:33:21: c9:8d:62:8b:28:0d:02:67:d8:0a:5d:cb:af:c5:4f:c9:16:04: cc:14:08:5b:03:b8:45:83:af:44:71:0e:12:d7:c5:ea:44:aa: 4e:ca:9e:15:1b:76:2c:a8:1e:fa:bb:5b:20:ff:8b:79:9a:45: 96:a4:af:fc:ac:b9:21:68:a3:79:23:2a:70:cc:a4:99:99:7f: d7:b2:aa:45:e5:4e:2f:1a:2e:e5:2b:93:ed:4e:7f:d1:96:fd: ef:3f:d6:76:39:48:9e:be:3e:7a:70:06:7b:d9:a9:2c:19:33: ed:41:92:a4:55:b3:17:24:18:98:1f:a1:fe:0b:f3:c4:e7:77: 5f:3b:be:b1:6f:1e:49:72:db:0e:f6:0a:0b:ee:32:28:45:20: ab:ab:b6:f1:37:bb:4f:93:97:63:45:3c:18:1d:ce:21:d7:bf: f2:4a:94:bf:12:dd:b0:30:1f:69:6d:14:e2:76:2f:7b:ed:8f: 3e:aa:66:95:a6:e7:2e:d2:52:ee:08:10:7a:f1:b1:b9:4f:4d: fa:ec:7f:99:9b:cd:f2:ee:e3:9b:c2:11:19:42:1b:ca:aa:37: b3:6e:40:0a -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUdMFSKHlpZbwARTA+9kQkkQCBDckwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAxMjNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDE5YThkYTc0OTViN2Y2NWVmY2Y2OTZjNTUyNDg4NmQwYTcxM2Q4Y2U0Mjgz NjlmMjQzNGI3NTQ4MWJkOTgxZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMuQJxnHZOPJSEsKgRmZCsk3nk0cGcKMNgGIWtC1L1+R078bXFTEGEwxQR1C FjpUWkScOYgKNMZH+AmSHRJkyGPiZG2UG8WRKMCcpZyhSXb0BLyZoXHB4g1hTHph AVq4wSfxePUuEct92tSZY4+8/GyFCTquhcw5iWgmKMspgpRUAVehgTviMOLgddRM kUdpz3KGVxkZHUgBDrvW1FSZtvUUVEd4PcRlCVneXbO1lPxSm94vMGkPWLCaTxg7 Yrsl8FRM3KUAnmofOMWrJESrg4j3NelZPAxt0xXgs1Q5XWLl1ra4Pv091bi4NJnz jh1nZ7UsdWmXpdz7ZRRnBkxpoFcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQm+Dp1 sThOv7HlX0jElPqQxF/6TzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NzBhMmJjNmYtYWUwZi00ZjEzLTk0OTktNzhjNTA1YTVmN2M5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fjg MA0GCSqGSIb3DQEBCwUAA4IBAQAAsTmvryLowrX7I4uSK/xEuCTZnUJx3lmmYNSY EZvjhw7lMyHJjWKLKA0CZ9gKXcuvxU/JFgTMFAhbA7hFg69EcQ4S18XqRKpOyp4V G3YsqB76u1sg/4t5mkWWpK/8rLkhaKN5IypwzKSZmX/XsqpF5U4vGi7lK5PtTn/R lv3vP9Z2OUievj56cAZ72aksGTPtQZKkVbMXJBiYH6H+C/PE53dfO76xbx5JctsO 9goL7jIoRSCrq7bxN7tPk5djRTwYHc4h17/ySpS/Et2wMB9pbRTidi977Y8+qmaV pucu0lLuCBB68bG5T0367H+Zm83y7uObwhEZQhvKqjezbkAK -----END CERTIFICATE-----Generated at Mon Dec 15 19:47:32 2025 by rpki-client