This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc0aab4e-9dbc-4b68-938d-80202e3d0bd0.roa File: dc0aab4e-9dbc-4b68-938d-80202e3d0bd0.roa (raw, json) Hash identifier: JXB/v4ii5nkDFxgt0CNBWPEsR8U+Uh8PUl3QgDVsi/c= Subject key identifier: 87:26:03:CB:71:2D:A6:2B:FB:26:96:6E:F9:65:4C:8F:25:2D:76:7C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 205022A1BF4AC39662595AFA705E1C385E2B3749 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc0aab4e-9dbc-4b68-938d-80202e3d0bd0.roa Signing time: Wed 10 Dec 2025 06:21:29 +0000 ROA not before: Wed 10 Dec 2025 06:21:29 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:9040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:50:22:a1:bf:4a:c3:96:62:59:5a:fa:70:5e:1c:38:5e:2b:37:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:21:29 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=1571e4eb7a0276bd898ad081bcc3587abd096b989f3f24e35c69160187dace97, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:a5:c3:17:fb:be:17:52:da:d3:15:bf:75:27: 3f:f1:d3:db:ae:93:3d:82:44:21:e6:0f:33:26:a2: a1:0d:15:c8:59:ed:6c:ac:98:39:32:b9:56:f4:ec: c4:88:40:a1:aa:15:3a:41:10:71:31:97:6c:b6:a7: 2d:36:de:4e:0a:42:92:d8:54:c9:25:52:5d:7a:1d: d2:65:6d:67:c0:19:65:f0:c9:d5:a4:51:01:53:7f: e0:e1:91:23:8b:0d:ec:7a:b4:09:fc:71:8a:81:c5: 5f:76:08:6f:8b:e9:7d:28:0f:cd:5b:db:54:20:5d: 2e:55:b7:66:9a:8b:ba:db:32:92:1d:7c:d9:40:d2: 93:33:fa:df:1c:26:01:f8:ea:3c:88:20:0c:d2:1a: 13:e4:d0:35:7d:e1:59:65:fc:7e:69:c0:70:b9:59: dd:9d:ec:49:6f:3c:81:a8:b5:04:cb:21:e8:d0:62: 56:97:d5:25:37:ea:6c:b9:c7:ab:83:dc:ae:c9:51: 0e:47:38:31:d1:c0:f8:99:4a:b0:ed:b9:ed:41:04: 79:ed:ab:18:e1:ce:45:75:42:e8:0c:a1:61:25:33: ec:e8:08:91:a1:e2:9b:c2:79:0d:0a:39:75:1a:bb: 4b:6a:b6:22:83:c0:e5:b5:61:60:47:36:b9:47:5e: d1:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:26:03:CB:71:2D:A6:2B:FB:26:96:6E:F9:65:4C:8F:25:2D:76:7C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc0aab4e-9dbc-4b68-938d-80202e3d0bd0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:9040::/48 Signature Algorithm: sha256WithRSAEncryption 39:1e:61:ab:0b:1e:5d:e6:a6:4f:42:cb:a5:ae:80:b5:fd:e8: 8e:ee:96:39:10:17:78:9a:18:5d:5a:aa:c4:28:eb:20:7b:3d: 5f:91:4c:9e:e3:dc:ab:d2:20:ee:ef:31:f8:ec:6a:e0:da:17: 3e:08:f9:f1:29:a2:a8:e8:1e:b0:bb:62:ac:5a:2b:97:98:6b: 53:d8:5a:a4:95:c1:ee:fc:8b:6d:f9:6d:64:34:b3:22:0c:f8: a9:65:62:bc:05:03:55:87:82:f4:de:ad:66:a6:a2:f3:4d:37: 9d:25:6d:0e:eb:0d:de:a8:fc:4c:ea:29:45:77:0e:9f:9b:50: 7d:aa:c4:e2:15:20:74:b8:0a:35:df:5a:a6:ae:96:6e:51:ca: bc:ae:89:bc:be:db:c6:7e:2a:0a:7d:a9:38:d0:d0:2e:d3:0f: 4b:6d:24:cd:21:39:a3:0d:61:eb:88:76:e1:e6:86:ff:dd:ef: 9d:18:c9:1c:a0:95:d3:07:39:17:c3:18:3f:0e:35:c3:0c:d0: 6f:38:da:1f:4a:f1:c0:c8:8d:ac:49:1a:f7:62:e9:59:62:96: 3c:b4:6b:62:31:42:6a:ad:4c:91:db:0a:90:a3:57:06:a7:13: 10:a7:d9:96:04:e6:9f:5b:6d:42:0e:7d:2e:1b:13:e4:05:36: 13:94:ef:35 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUIFAiob9Kw5ZiWVr6cF4cOF4rN0kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIxMjlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDE1NzFlNGViN2EwMjc2YmQ4OThhZDA4MWJjYzM1ODdhYmQwOTZiOTg5ZjNm MjRlMzVjNjkxNjAxODdkYWNlOTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANClwxf7vhdS2tMVv3UnP/HT266TPYJEIeYPMyaioQ0VyFntbKyYOTK5VvTs xIhAoaoVOkEQcTGXbLanLTbeTgpCkthUySVSXXod0mVtZ8AZZfDJ1aRRAVN/4OGR I4sN7Hq0CfxxioHFX3YIb4vpfSgPzVvbVCBdLlW3ZpqLutsykh182UDSkzP63xwm AfjqPIggDNIaE+TQNX3hWWX8fmnAcLlZ3Z3sSW88gai1BMsh6NBiVpfVJTfqbLnH q4PcrslRDkc4MdHA+JlKsO257UEEee2rGOHORXVC6AyhYSUz7OgIkaHim8J5DQo5 dRq7S2q2IoPA5bVhYEc2uUde0YcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSHJgPL cS2mK/smlm75ZUyPJS12fDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZGMwYWFiNGUtOWRiYy00YjY4LTkzOGQtODAyMDJlM2QwYmQwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+Q QDANBgkqhkiG9w0BAQsFAAOCAQEAOR5hqwseXeamT0LLpa6Atf3oju6WORAXeJoY XVqqxCjrIHs9X5FMnuPcq9Ig7u8x+Oxq4NoXPgj58SmiqOgesLtirForl5hrU9ha pJXB7vyLbfltZDSzIgz4qWVivAUDVYeC9N6tZqai8003nSVtDusN3qj8TOopRXcO n5tQfarE4hUgdLgKNd9apq6WblHKvK6JvL7bxn4qCn2pONDQLtMPS20kzSE5ow1h 64h24eaG/93vnRjJHKCV0wc5F8MYPw41wwzQbzjaH0rxwMiNrEka92LpWWKWPLRr YjFCaq1MkdsKkKNXBqcTEKfZlgTmn1ttQg59LhsT5AU2E5TvNQ== -----END CERTIFICATE-----Generated at Mon Dec 15 19:47:32 2025 by rpki-client