This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa File: f7a46ea9-b416-4218-a790-28cf84d702ce.roa (raw, json) Hash identifier: zcTCn4l0zGmlZcKxD2cdobBgH+J5pDaOKCWf/RT3vmM= Subject key identifier: 00:36:05:F2:EF:90:33:C0:C5:D1:9D:4C:10:64:B0:BE:1F:91:41:B8 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 65D52EAC015DB0C5680CBE3E765F3EC3E9511CDC Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa Signing time: Wed 10 Dec 2025 05:30:59 +0000 ROA not before: Wed 10 Dec 2025 05:30:59 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d026::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 19:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:d5:2e:ac:01:5d:b0:c5:68:0c:be:3e:76:5f:3e:c3:e9:51:1c:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:30:59 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=d64b70cdf869740109557008690f6ca6dda94cd8bf48b6b88a473ed4b40aaacd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:a1:26:ec:d5:76:77:b0:52:5e:66:7e:7b:c4: 79:38:a4:7e:b7:ec:92:16:4f:d8:30:57:d1:38:82: 62:2e:73:58:55:2a:81:14:d0:67:25:fe:5a:67:08: 06:7c:57:38:9b:20:6d:36:7f:7b:4f:82:83:59:62: 48:30:dd:09:6e:ca:bf:a4:9d:40:ac:31:27:c4:e7: 01:7e:63:f4:e4:63:9d:4c:54:e7:ef:f3:97:00:d9: e3:4d:f6:1e:12:4e:55:41:18:c7:93:75:43:b6:bb: 05:74:7d:c8:cf:84:9a:18:be:ce:9b:d9:ed:22:5f: 4e:7a:c7:6f:8c:c7:8d:5a:e2:0a:2a:74:c5:a7:22: 55:b5:13:dd:67:8e:ea:6d:47:03:fb:83:8e:79:cd: 04:08:10:06:bd:c8:a0:37:56:36:c5:31:71:79:40: 1e:67:31:23:32:fe:f6:14:7c:13:60:d7:fe:23:df: 55:a9:91:d3:01:49:68:68:83:44:a9:ef:16:df:4a: 2c:78:02:26:d8:5e:2a:f3:9a:a2:3c:36:90:9e:7c: a5:35:d1:6c:97:9a:5a:74:01:12:e2:b2:fe:cd:81: a9:83:4a:c8:75:10:14:67:25:03:83:ff:cb:2e:ba: 0a:32:2e:09:3d:ae:8f:6e:77:8b:25:b7:4a:83:23: e0:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:36:05:F2:EF:90:33:C0:C5:D1:9D:4C:10:64:B0:BE:1F:91:41:B8 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d026::/36 Signature Algorithm: sha256WithRSAEncryption 00:23:f8:17:60:32:6c:75:4c:b0:77:b0:05:6f:85:9e:08:7a: 50:6d:86:94:bc:ab:27:f1:87:9f:96:b0:06:14:fa:9b:74:9b: 77:32:b8:3c:a1:94:fa:fd:7b:05:25:65:97:64:04:c7:a2:7e: 1a:65:fd:ac:a0:21:1e:a1:b1:4e:74:4b:f1:aa:d8:2c:ab:9a: 62:6f:f7:a6:c7:12:bb:ea:24:0a:40:5a:59:f8:62:8c:69:05: ad:1e:5a:4c:03:c0:6c:bb:2f:4d:25:05:af:c9:98:e4:bf:99: a0:fe:77:04:f5:73:58:7c:55:7a:d8:9f:7a:12:25:8e:98:a5: 83:5c:fe:7a:21:d8:ee:d0:4e:a4:0c:49:a2:c2:5f:f8:7a:1f: cd:1e:52:ab:d8:14:57:42:bf:dd:ca:02:93:70:0e:67:51:4b: 7f:ca:5c:06:99:7f:70:0a:d3:e3:26:fc:7b:7f:41:1c:04:63: df:40:db:f2:f3:bc:e7:35:1e:72:af:9c:c4:36:d4:d4:cc:80: 13:0d:65:43:14:9f:16:55:17:aa:67:fd:eb:7c:b1:c5:d4:e1: fb:bb:60:2f:0a:35:45:33:e5:86:cc:46:9b:70:6a:7f:5e:b9: 19:5a:62:ce:fb:b4:33:d2:e1:14:ac:36:8a:25:9c:d0:28:45: 21:ab:73:71 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUZdUurAFdsMVoDL4+dl8+w+lRHNwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMwNTlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGQ2NGI3MGNkZjg2OTc0MDEwOTU1NzAwODY5MGY2Y2E2ZGRhOTRjZDhiZjQ4 YjZiODhhNDczZWQ0YjQwYWFhY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN2hJuzVdnewUl5mfnvEeTikfrfskhZP2DBX0TiCYi5zWFUqgRTQZyX+WmcI BnxXOJsgbTZ/e0+Cg1liSDDdCW7Kv6SdQKwxJ8TnAX5j9ORjnUxU5+/zlwDZ4032 HhJOVUEYx5N1Q7a7BXR9yM+Emhi+zpvZ7SJfTnrHb4zHjVriCip0xaciVbUT3WeO 6m1HA/uDjnnNBAgQBr3IoDdWNsUxcXlAHmcxIzL+9hR8E2DX/iPfVamR0wFJaGiD RKnvFt9KLHgCJtheKvOaojw2kJ58pTXRbJeaWnQBEuKy/s2BqYNKyHUQFGclA4P/ yy66CjIuCT2uj253iyW3SoMj4IMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQANgXy 75AzwMXRnUwQZLC+H5FBuDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZjdhNDZlYTktYjQxNi00MjE4LWE3OTAtMjhjZjg0ZDcwMmNlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CYA MA0GCSqGSIb3DQEBCwUAA4IBAQAAI/gXYDJsdUywd7AFb4WeCHpQbYaUvKsn8Yef lrAGFPqbdJt3Mrg8oZT6/XsFJWWXZATHon4aZf2soCEeobFOdEvxqtgsq5pib/em xxK76iQKQFpZ+GKMaQWtHlpMA8Bsuy9NJQWvyZjkv5mg/ncE9XNYfFV62J96EiWO mKWDXP56Idju0E6kDEmiwl/4eh/NHlKr2BRXQr/dygKTcA5nUUt/ylwGmX9wCtPj Jvx7f0EcBGPfQNvy87znNR5yr5zENtTUzIATDWVDFJ8WVReqZ/3rfLHF1OH7u2Av CjVFM+WGzEabcGp/XrkZWmLO+7Qz0uEUrDaKJZzQKEUhq3Nx -----END CERTIFICATE-----Generated at Thu Dec 18 03:52:51 2025 by rpki-client