This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa File: da8369e9-0146-44b6-865e-0064a4d1ed72.roa (raw, json) Hash identifier: z4gefxss45bvXJHTWuJGXJPnTryCNXyQlSpNy3qLHEQ= Subject key identifier: 07:80:E9:EC:48:54:9E:22:A6:79:ED:C9:48:66:1E:1D:F7:87:E6:1F Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 038E094517472F81E3911383E8F61F61A6463BF3 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa Signing time: Wed 10 Dec 2025 05:20:07 +0000 ROA not before: Wed 10 Dec 2025 05:20:07 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:45:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:8e:09:45:17:47:2f:81:e3:91:13:83:e8:f6:1f:61:a6:46:3b:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:20:07 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=8bf3575f6387412803711b2a17c695ad3c3e7758dce96dd222da0775badb3456, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:4c:71:88:7c:e5:26:aa:2e:54:ec:82:e2:9f: a6:05:a8:06:f9:b4:3a:90:0d:67:fd:8a:ef:48:04: 45:27:f2:4e:95:cf:b6:8d:11:c5:01:53:5d:ee:9d: 44:e0:4e:54:1a:6e:61:97:67:57:e3:62:d0:cc:0e: 86:70:af:55:91:e5:66:3b:a4:08:3f:2b:e9:85:b4: 8d:2e:42:31:c1:6d:6d:53:1b:4e:1d:4e:e4:ff:19: f8:9c:0e:da:8d:9b:01:a2:c9:bc:88:6b:7d:dc:7a: 67:24:f8:38:c3:a1:d9:57:e0:4d:1b:0e:bb:0e:d6: ae:94:7f:ab:c0:65:73:09:82:91:85:b9:15:14:63: 8a:28:d1:b9:27:6e:45:90:0a:e1:47:76:c4:84:cf: a5:43:fa:23:77:fc:24:80:a2:1e:3a:60:40:2c:d5: 2a:f9:43:98:46:6f:74:fa:db:d9:2b:08:00:26:63: 61:c1:3f:9c:61:37:2a:80:d7:84:c9:45:55:c2:94: ca:da:f8:10:33:36:7c:76:df:4b:96:22:e7:0b:53: 27:80:93:7b:14:11:ff:58:2e:19:0d:79:f1:40:59: 5d:02:04:86:fe:a2:3c:90:82:33:9c:e5:ae:33:7d: 6a:e3:bd:63:83:a1:61:7f:7b:1a:0e:8c:4a:16:ae: 7e:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:80:E9:EC:48:54:9E:22:A6:79:ED:C9:48:66:1E:1D:F7:87:E6:1F X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:6000::/40 Signature Algorithm: sha256WithRSAEncryption 32:91:83:a1:b6:6d:87:2d:f7:26:0d:ad:1b:3f:d7:a4:ab:2b: d5:87:90:66:71:6d:db:24:63:21:a5:8b:95:3e:6e:68:0d:4e: d3:0b:02:a6:99:ed:10:64:c3:38:5b:22:66:79:07:72:d4:f4: 35:10:bf:e6:ab:bd:dd:b9:5c:f3:ca:5b:33:40:cd:bc:d0:e3: c0:ac:1c:69:69:fe:f5:b2:6f:a4:89:b9:d6:49:ac:a6:df:de: f9:58:7e:d3:cb:b6:e3:82:68:77:8d:bd:5f:a2:c3:2b:f6:57: 9f:28:af:74:77:4d:e6:4a:15:d5:2f:21:0e:48:47:75:e4:97: fe:11:57:57:13:74:ca:68:a6:11:51:95:a7:66:0b:1d:dd:a8: bd:8e:db:9a:5a:f2:00:22:93:ab:c2:ad:97:70:8a:ad:98:58: cb:35:da:2b:37:f8:ef:2e:87:de:97:27:42:16:13:5b:50:7b: b1:dd:db:bf:e5:35:39:9d:b3:da:b2:26:08:db:50:5e:34:36: 16:f2:db:0d:d0:65:1d:06:0d:59:bd:6b:c4:56:79:fd:85:82: d5:e3:14:68:42:18:86:14:76:6f:bc:83:a6:dc:f8:1c:4e:4f: c2:d8:08:1e:f4:03:99:6f:d9:8a:e1:ef:af:12:e4:78:fd:5f: b7:1e:2a:c7 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUA44JRRdHL4HjkROD6PYfYaZGO/MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTIwMDdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDhiZjM1NzVmNjM4NzQxMjgwMzcxMWIyYTE3YzY5NWFkM2MzZTc3NThkY2U5 NmRkMjIyZGEwNzc1YmFkYjM0NTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJFMcYh85SaqLlTsguKfpgWoBvm0OpANZ/2K70gERSfyTpXPto0RxQFTXe6d ROBOVBpuYZdnV+Ni0MwOhnCvVZHlZjukCD8r6YW0jS5CMcFtbVMbTh1O5P8Z+JwO 2o2bAaLJvIhrfdx6ZyT4OMOh2VfgTRsOuw7WrpR/q8BlcwmCkYW5FRRjiijRuSdu RZAK4Ud2xITPpUP6I3f8JICiHjpgQCzVKvlDmEZvdPrb2SsIACZjYcE/nGE3KoDX hMlFVcKUytr4EDM2fHbfS5Yi5wtTJ4CTexQR/1guGQ158UBZXQIEhv6iPJCCM5zl rjN9auO9Y4OhYX97Gg6MShaufpMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQHgOns SFSeIqZ57clIZh4d94fmHzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZGE4MzY5ZTktMDE0Ni00NGI2LTg2NWUtMDA2NGE0ZDFlZDcyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFg MA0GCSqGSIb3DQEBCwUAA4IBAQAykYOhtm2HLfcmDa0bP9ekqyvVh5BmcW3bJGMh pYuVPm5oDU7TCwKmme0QZMM4WyJmeQdy1PQ1EL/mq73duVzzylszQM280OPArBxp af71sm+kibnWSaym3975WH7Ty7bjgmh3jb1fosMr9lefKK90d03mShXVLyEOSEd1 5Jf+EVdXE3TKaKYRUZWnZgsd3ai9jtuaWvIAIpOrwq2XcIqtmFjLNdorN/jvLofe lydCFhNbUHux3du/5TU5nbPasiYI21BeNDYW8tsN0GUdBg1ZvWvEVnn9hYLV4xRo QhiGFHZvvIOm3PgcTk/C2Age9AOZb9mK4e+vEuR4/V+3HirH -----END CERTIFICATE-----Generated at Tue Dec 16 22:30:09 2025 by rpki-client