This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa File: 74c7eb62-ad02-4aa2-9be5-024692c6239f.roa (raw, json) Hash identifier: 3cPaTgA7yKjEYgQbPwgr17/uV2Z/AiKhtcEvtBStq3E= Subject key identifier: FD:A7:CB:DC:BB:24:B1:49:13:67:71:76:DF:6C:0A:CF:6E:24:C0:8B Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 445E91E11D58EB6E49A49DCB06E3F46E169724A3 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa Signing time: Wed 10 Dec 2025 05:40:44 +0000 ROA not before: Wed 10 Dec 2025 05:40:44 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:2000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 22:36:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:5e:91:e1:1d:58:eb:6e:49:a4:9d:cb:06:e3:f4:6e:16:97:24:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:40:44 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=09c007ef9575a50ed32ebae00221275294215f617c901cb4c96846c2b3b728db, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:14:1f:ef:cb:df:52:9d:da:3a:97:13:94:1c: 8f:af:cc:ac:c4:56:2d:24:8c:3a:be:9f:b4:62:bc: 9e:8d:25:df:41:2c:04:0e:0e:b0:a9:bc:1e:02:5e: 86:fc:5d:3a:f2:4c:09:b5:54:cb:bd:14:eb:16:65: d9:65:8c:25:a4:63:0c:61:45:08:8e:54:18:83:38: b6:d9:41:b2:1a:6f:ae:cc:5a:ff:c3:87:89:02:06: 23:84:6c:38:13:c1:a6:61:77:cf:bc:36:b9:db:c0: df:e5:5e:c7:c5:6c:85:6f:3d:fa:45:be:7e:99:33: 28:e3:d8:4b:41:74:15:e8:0e:86:61:e6:e2:0d:87: e5:10:8d:89:81:4b:a5:32:b6:81:d1:45:51:5d:23: a6:11:79:98:fa:fb:7e:5d:63:99:06:eb:4f:2c:c3: f1:77:4d:5a:61:1d:8f:f0:23:2c:0a:64:03:b3:99: b9:b9:96:86:12:ab:ba:eb:e4:44:05:90:36:2b:4d: fd:37:d7:0e:14:48:68:30:1f:c4:2f:36:90:2b:d7: 21:7d:43:dd:5b:1e:7f:3a:67:59:14:18:27:a6:49: 1f:9c:de:3e:f5:47:48:4f:36:a0:ef:e4:9e:2d:fa: 30:99:5d:e5:8f:f4:cd:bc:9a:8e:a2:a2:fd:5d:76: 11:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:A7:CB:DC:BB:24:B1:49:13:67:71:76:DF:6C:0A:CF:6E:24:C0:8B X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:2000::/40 Signature Algorithm: sha256WithRSAEncryption 43:33:c8:9f:c4:70:d9:76:54:7f:ef:0a:7b:7c:20:ba:8a:a2: f5:8d:86:1f:e4:9e:6d:37:25:cb:8f:d1:79:47:be:6a:a2:31: eb:28:21:a4:1d:4f:e2:21:e6:45:e2:35:90:35:3c:5a:97:04: 49:3b:4c:cb:44:96:98:fd:13:89:b8:e3:ab:fd:d3:9f:3b:a7: 06:62:97:b0:29:ef:f3:f5:3b:d5:d5:44:79:79:a7:cf:9a:f6: bd:d1:e2:4a:1e:77:3b:99:32:32:17:79:0a:68:71:d5:c5:96: c3:4f:93:83:a2:1c:a1:d3:7d:fa:07:0b:9d:ce:a7:ab:1f:94: 5e:bf:ca:e9:73:78:e5:cb:29:f9:93:20:a4:a3:d9:67:e5:d6: b7:47:32:db:36:27:b3:47:30:54:89:ea:69:98:8b:cb:af:6d: 81:a9:75:03:07:b2:a1:21:ff:d9:c3:9e:c8:79:ca:f4:a4:4e: 0c:dc:b2:f2:f1:59:13:96:5d:84:1d:ac:98:31:5e:5a:36:a6: e5:7d:7d:62:99:7c:1f:f6:fa:2d:93:61:4e:59:e0:e8:e2:28: e3:de:d1:b0:fb:f4:d2:eb:a0:11:ae:68:a4:71:a1:c8:fa:33: 54:39:ea:46:61:e4:ce:ea:78:66:d2:79:dd:b7:e0:38:87:4d: d1:6b:84:86 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIURF6R4R1Y625JpJ3LBuP0bhaXJKMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQwNDRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDA5YzAwN2VmOTU3NWE1MGVkMzJlYmFlMDAyMjEyNzUyOTQyMTVmNjE3Yzkw MWNiNGM5Njg0NmMyYjNiNzI4ZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALEUH+/L31Kd2jqXE5Qcj6/MrMRWLSSMOr6ftGK8no0l30EsBA4OsKm8HgJe hvxdOvJMCbVUy70U6xZl2WWMJaRjDGFFCI5UGIM4ttlBshpvrsxa/8OHiQIGI4Rs OBPBpmF3z7w2udvA3+Vex8VshW89+kW+fpkzKOPYS0F0FegOhmHm4g2H5RCNiYFL pTK2gdFFUV0jphF5mPr7fl1jmQbrTyzD8XdNWmEdj/AjLApkA7OZubmWhhKruuvk RAWQNitN/TfXDhRIaDAfxC82kCvXIX1D3VsefzpnWRQYJ6ZJH5zePvVHSE82oO/k ni36MJld5Y/0zbyajqKi/V12EXMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT9p8vc uySxSRNncXbfbArPbiTAizAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NzRjN2ViNjItYWQwMi00YWEyLTliZTUtMDI0NjkyYzYyMzlmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAg MA0GCSqGSIb3DQEBCwUAA4IBAQBDM8ifxHDZdlR/7wp7fCC6iqL1jYYf5J5tNyXL j9F5R75qojHrKCGkHU/iIeZF4jWQNTxalwRJO0zLRJaY/ROJuOOr/dOfO6cGYpew Ke/z9TvV1UR5eafPmva90eJKHnc7mTIyF3kKaHHVxZbDT5ODohyh0336Bwudzqer H5Rev8rpc3jlyyn5kyCko9ln5da3RzLbNiezRzBUieppmIvLr22BqXUDB7KhIf/Z w57Iecr0pE4M3LLy8VkTll2EHayYMV5aNqblfX1imXwf9votk2FOWeDo4ijj3tGw +/TS66ARrmikcaHI+jNUOepGYeTO6nhm0nndt+A4h03Ra4SG -----END CERTIFICATE-----Generated at Tue Dec 16 04:36:02 2025 by rpki-client