This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa File: 8a06e909-5227-47d9-a58c-be623a2a4cad.roa (raw, json) Hash identifier: qCeQEtRTNeaVw10spYkWSy2VTBUPQ1vnBxoUs4C3fvA= Subject key identifier: 6C:7A:9B:A6:34:51:5F:D9:27:35:B9:71:E9:F1:E5:57:1E:7C:BE:44 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 62384C5DD31079226B04633E511025E3E6E59DAF Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa Signing time: Wed 10 Dec 2025 06:11:01 +0000 ROA not before: Wed 10 Dec 2025 06:11:01 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d058:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:38:4c:5d:d3:10:79:22:6b:04:63:3e:51:10:25:e3:e6:e5:9d:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:11:01 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=f92b413473a6fbfca7507fa35cc62f8f9742f640532031a29464820a3fc8d764, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:49:fc:32:51:25:ab:25:d7:fb:6e:8f:37:c6: 13:0e:6d:8b:a4:29:2d:21:36:8a:3e:f0:40:a2:89: dd:d0:55:ce:cd:44:e5:2c:a6:b5:ec:61:a1:f8:0d: ab:83:57:07:14:a2:cb:3a:b3:18:e7:19:78:39:4b: 98:06:e9:7f:47:8a:06:c4:d6:2c:3f:65:3a:2f:89: 68:60:2c:b7:37:37:d7:66:c7:f9:61:f2:18:9f:e6: e3:9c:13:c2:b1:bb:f8:f3:6d:ac:e2:d9:a4:aa:bd: ed:06:90:78:d4:ee:91:60:a5:96:8f:02:f6:01:0e: 0c:65:31:df:86:da:69:e5:28:a3:3c:23:78:fa:3c: 0e:a9:58:0e:78:d6:51:0f:b4:97:f2:bd:28:43:0c: 5d:86:1d:85:58:ca:ef:2f:c6:1b:24:fb:66:9c:ed: 56:07:52:04:c3:b0:0c:03:b3:49:6f:72:f5:80:07: fd:05:6e:14:d1:62:89:6a:31:8b:18:d5:c9:91:2c: c7:97:29:03:00:03:35:67:c8:89:0a:f1:5b:49:2f: 93:1a:11:fb:08:58:8e:4a:de:f1:34:17:e2:67:51: 3b:b8:cc:c7:b7:84:13:f3:41:4d:8c:dc:68:fe:f0: a9:8d:11:88:2c:2c:50:79:51:ff:5e:f5:2f:99:d6: d8:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:7A:9B:A6:34:51:5F:D9:27:35:B9:71:E9:F1:E5:57:1E:7C:BE:44 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d058:4000::/40 Signature Algorithm: sha256WithRSAEncryption 0e:a8:ae:ea:b9:cc:97:60:51:29:3c:c2:a8:52:23:81:1e:a1: 0d:38:52:18:60:2e:02:97:d1:1a:5d:1f:33:44:ad:a7:04:6d: 2f:0b:db:b8:e5:bd:26:59:b1:bd:2a:59:b5:5e:d2:60:e9:53: 04:9c:88:0a:16:9d:bb:19:8e:03:d4:c7:cb:63:f4:60:36:86: 72:97:79:b3:f8:1d:7c:f2:50:c7:da:1b:06:1d:35:2a:76:e6: c8:b7:3f:a7:6d:97:c7:71:e5:72:61:b8:d4:d3:e2:01:44:22: b6:0e:37:ec:ab:8c:99:20:bf:b6:92:b3:50:70:fa:47:54:dd: c1:51:d0:f9:44:86:a7:2e:cf:76:7a:47:84:87:86:c8:35:cb: 73:75:e3:37:71:00:9a:7f:a5:34:8f:26:6e:ef:2d:8c:51:6d: e9:3d:1a:f2:11:8c:a2:97:92:32:15:28:ea:f5:a7:5c:0e:fe: 09:e1:1d:06:d1:eb:52:8f:f4:79:21:a8:4a:a6:fb:77:8a:be: 44:01:27:f3:c5:a0:83:ba:2a:9e:94:63:4a:76:96:d4:cb:f5: d7:d3:a0:8e:6d:7c:65:a9:e3:d6:40:db:99:62:7b:2d:c9:ab: c1:7a:9f:fb:2f:ae:54:e7:fb:80:10:09:a4:4e:2a:03:e1:b3: ec:a9:68:14 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUYjhMXdMQeSJrBGM+URAl4+blna8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjExMDFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGY5MmI0MTM0NzNhNmZiZmNhNzUwN2ZhMzVjYzYyZjhmOTc0MmY2NDA1MzIw MzFhMjk0NjQ4MjBhM2ZjOGQ3NjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALhJ/DJRJasl1/tujzfGEw5ti6QpLSE2ij7wQKKJ3dBVzs1E5SymtexhofgN q4NXBxSiyzqzGOcZeDlLmAbpf0eKBsTWLD9lOi+JaGAstzc312bH+WHyGJ/m45wT wrG7+PNtrOLZpKq97QaQeNTukWCllo8C9gEODGUx34baaeUoozwjePo8DqlYDnjW UQ+0l/K9KEMMXYYdhVjK7y/GGyT7ZpztVgdSBMOwDAOzSW9y9YAH/QVuFNFiiWox ixjVyZEsx5cpAwADNWfIiQrxW0kvkxoR+whYjkre8TQX4mdRO7jMx7eEE/NBTYzc aP7wqY0RiCwsUHlR/171L5nW2CcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRsepum NFFf2Sc1uXHp8eVXHny+RDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OGEwNmU5MDktNTIyNy00N2Q5LWE1OGMtYmU2MjNhMmE0Y2FkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FhA MA0GCSqGSIb3DQEBCwUAA4IBAQAOqK7qucyXYFEpPMKoUiOBHqENOFIYYC4Cl9Ea XR8zRK2nBG0vC9u45b0mWbG9Klm1XtJg6VMEnIgKFp27GY4D1MfLY/RgNoZyl3mz +B188lDH2hsGHTUqdubItz+nbZfHceVyYbjU0+IBRCK2Djfsq4yZIL+2krNQcPpH VN3BUdD5RIanLs92ekeEh4bINctzdeM3cQCaf6U0jyZu7y2MUW3pPRryEYyil5Iy FSjq9adcDv4J4R0G0etSj/R5IahKpvt3ir5EASfzxaCDuiqelGNKdpbUy/XX06CO bXxlqePWQNuZYnstyavBep/7L65U5/uAEAmkTioD4bPsqWgU -----END CERTIFICATE-----Generated at Mon Dec 15 19:48:55 2025 by rpki-client