This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df59e31f-1e32-4e7a-a595-74adb3f93176.roa File: df59e31f-1e32-4e7a-a595-74adb3f93176.roa (raw, json) Hash identifier: M6gQvMeC1IF27x0xx9w8PNqkI9iXTFgFlsoNPK4Vij8= Subject key identifier: 71:5A:E5:FD:D3:CA:C5:99:66:F5:48:F5:B5:7B:DF:5D:14:7D:D8:F0 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 39F50E45C2B4ABB9F3D38DF4CBCC366E331D4708 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df59e31f-1e32-4e7a-a595-74adb3f93176.roa Signing time: Wed 10 Dec 2025 06:01:06 +0000 ROA not before: Wed 10 Dec 2025 06:01:06 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:f5:0e:45:c2:b4:ab:b9:f3:d3:8d:f4:cb:cc:36:6e:33:1d:47:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:01:06 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=c1c20743afbd1b957c042de8bece18b2ed894d57c6c82caa022b599d7262f19c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ec:a1:64:3f:5a:06:77:c1:23:ce:e2:73:cf: 3c:32:34:95:f2:a2:61:68:fe:ef:d9:f3:fc:6c:0a: 83:41:7c:2b:ef:3f:b2:17:c5:08:e4:ff:64:43:8a: d4:fb:12:d5:50:d3:a9:18:91:c9:04:d5:5c:b2:57: a7:bc:7f:8d:fb:2e:8f:36:7b:37:f8:c3:a9:bc:a7: 1e:d5:09:5d:40:1f:b9:94:63:a2:06:36:43:06:94: 9d:9f:3b:5d:44:0b:08:99:57:dd:3c:36:94:80:fa: 95:da:15:2d:97:8e:1f:7c:db:98:02:e4:72:92:b0: 89:34:f7:80:ec:bf:ae:2e:8b:45:ef:f7:34:30:44: a2:da:dc:c0:da:11:72:08:a6:0a:06:3b:bf:0b:d4: 72:9c:c9:02:ea:aa:39:1f:c6:45:44:42:51:e6:ab: f5:2d:ba:9c:ba:23:d8:47:6a:d2:a3:84:ff:75:73: b6:79:8b:c4:27:2f:d8:dc:03:1d:db:e3:71:fd:95: b3:f4:37:09:b5:14:4b:28:70:eb:de:43:53:63:88: cf:4b:a1:95:0e:78:78:94:9b:28:e4:79:4e:2f:33: 15:7e:6c:2e:ca:bb:91:89:7e:19:d2:3d:3c:ef:e2: 5a:da:e1:8c:dc:e9:48:9f:16:bb:e9:d5:7f:30:88: f5:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:5A:E5:FD:D3:CA:C5:99:66:F5:48:F5:B5:7B:DF:5D:14:7D:D8:F0 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df59e31f-1e32-4e7a-a595-74adb3f93176.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:e000::/40 Signature Algorithm: sha256WithRSAEncryption 9f:11:b3:fc:c6:eb:db:59:9b:bf:1b:16:61:ea:38:11:1a:4a: f1:15:09:11:70:09:7a:53:81:fc:cb:74:56:e1:e2:a2:4a:2e: 7f:18:fb:02:a6:b3:9d:71:10:c6:90:1e:5f:57:e2:0a:43:f2: 60:21:62:b5:b6:57:6b:43:a2:b2:32:e6:8b:d3:78:58:b1:fa: 6e:8e:09:78:70:2c:f3:30:e0:fd:3f:b6:95:a9:47:c8:a7:e2: 7a:56:15:18:7d:15:03:2d:55:26:f3:4e:83:4d:ed:04:5b:a7: 1d:83:fb:9e:10:54:cb:37:fc:a0:0c:9d:17:3d:d4:06:76:7b: c8:48:12:2a:14:db:e3:26:d3:7a:48:55:88:5c:a5:8a:04:2f: d1:1b:77:fe:e4:ae:86:9b:05:0c:39:92:f1:ab:76:ae:1e:07: bb:11:76:51:e8:8a:e6:73:ee:f2:d1:f7:04:f8:65:b9:11:0d: 98:54:94:f2:8e:a4:14:f8:57:15:c2:4a:59:a1:2a:83:f9:c8: 2d:45:1f:e4:b1:5f:0a:ee:56:c8:a1:9a:b2:d4:cb:03:01:23: f3:a1:cd:d5:67:8d:84:3d:7b:5a:9c:8b:6c:31:13:86:7c:6e: 60:17:23:19:14:8f:71:a8:07:cc:04:67:98:82:6b:78:c5:4e: 60:b9:4b:56 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUOfUORcK0q7nz0430y8w2bjMdRwgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAxMDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGMxYzIwNzQzYWZiZDFiOTU3YzA0MmRlOGJlY2UxOGIyZWQ4OTRkNTdjNmM4 MmNhYTAyMmI1OTlkNzI2MmYxOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALzsoWQ/WgZ3wSPO4nPPPDI0lfKiYWj+79nz/GwKg0F8K+8/shfFCOT/ZEOK 1PsS1VDTqRiRyQTVXLJXp7x/jfsujzZ7N/jDqbynHtUJXUAfuZRjogY2QwaUnZ87 XUQLCJlX3Tw2lID6ldoVLZeOH3zbmALkcpKwiTT3gOy/ri6LRe/3NDBEotrcwNoR cgimCgY7vwvUcpzJAuqqOR/GRURCUear9S26nLoj2Edq0qOE/3VztnmLxCcv2NwD Hdvjcf2Vs/Q3CbUUSyhw695DU2OIz0uhlQ54eJSbKOR5Ti8zFX5sLsq7kYl+GdI9 PO/iWtrhjNzpSJ8Wu+nVfzCI9d0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRxWuX9 08rFmWb1SPW1e99dFH3Y8DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZGY1OWUzMWYtMWUzMi00ZTdhLWE1OTUtNzRhZGIzZjkzMTc2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DHg MA0GCSqGSIb3DQEBCwUAA4IBAQCfEbP8xuvbWZu/GxZh6jgRGkrxFQkRcAl6U4H8 y3RW4eKiSi5/GPsCprOdcRDGkB5fV+IKQ/JgIWK1tldrQ6KyMuaL03hYsfpujgl4 cCzzMOD9P7aVqUfIp+J6VhUYfRUDLVUm806DTe0EW6cdg/ueEFTLN/ygDJ0XPdQG dnvISBIqFNvjJtN6SFWIXKWKBC/RG3f+5K6GmwUMOZLxq3auHge7EXZR6Irmc+7y 0fcE+GW5EQ2YVJTyjqQU+FcVwkpZoSqD+cgtRR/ksV8K7lbIoZqy1MsDASPzoc3V Z42EPXtanItsMROGfG5gFyMZFI9xqAfMBGeYgmt4xU5guUtW -----END CERTIFICATE-----Generated at Mon Dec 15 19:47:34 2025 by rpki-client