This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa File: 04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa (raw, json) Hash identifier: /tF9/kL382qt3fdrDPJXqLMfPtvAwKOW/MlP6bs++Os= Subject key identifier: 62:5D:DA:B5:27:E4:69:0A:74:0F:2F:D9:34:0C:91:D1:7F:5E:13:AB Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 45791DE0617C52A3150C2C264A7A74B4216B8606 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa Signing time: Wed 10 Dec 2025 06:01:22 +0000 ROA not before: Wed 10 Dec 2025 06:01:22 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d010:8800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:79:1d:e0:61:7c:52:a3:15:0c:2c:26:4a:7a:74:b4:21:6b:86:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:01:22 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=3bbd94b3d4fc22796b4154f45c376ec9a0fb0b604ae41ef9a0d75a04e6262d24, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:ab:91:64:ff:ee:68:03:2f:f5:5c:04:a4:71: f5:e3:e4:f8:83:bb:55:02:22:4f:de:21:27:05:ab: 4f:a3:6c:46:b3:49:95:dc:1c:ef:22:6c:4b:39:34: 5e:7c:d0:96:a8:c6:7a:69:89:09:b1:68:f4:bd:2b: 6c:83:14:d8:37:f2:82:09:cd:74:aa:50:d9:07:8b: 6a:ec:89:44:96:b4:78:3e:cf:ef:0b:c1:22:78:18: 90:a4:e2:dc:b2:44:26:45:16:fd:19:b1:16:04:9a: 36:d2:ca:2a:d5:4e:14:08:1c:1f:6a:31:aa:cf:75: 2c:2a:ea:15:7b:e5:85:06:84:fc:30:89:80:8d:69: 76:7c:db:38:da:8f:9e:99:e8:83:97:73:c9:ac:6a: 25:1f:89:8a:f4:d7:48:e5:c4:d5:7a:b1:02:5e:19: ad:6b:6a:28:16:ea:d6:a7:8c:31:0b:6b:11:bf:47: 35:04:41:a6:03:cd:0d:cf:3a:27:fd:fb:84:7c:be: 06:b5:da:16:86:c1:76:eb:ed:2f:d2:ed:57:0f:4f: b4:44:13:78:22:fa:eb:d6:5d:52:66:3f:05:73:44: 09:26:c5:1c:3a:05:de:f4:2f:ca:4e:ad:cc:89:66: 9b:7d:c7:f7:26:43:3c:7e:0c:95:e1:a7:46:32:15: 95:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:5D:DA:B5:27:E4:69:0A:74:0F:2F:D9:34:0C:91:D1:7F:5E:13:AB X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d010:8800::/38 Signature Algorithm: sha256WithRSAEncryption 13:c9:c3:4e:9d:b7:ba:40:ce:34:32:d6:eb:c0:6f:6c:11:b0: e5:6c:03:5c:89:fc:7b:3d:f6:82:e7:18:c2:b4:6f:f0:b7:17: d1:40:fd:5d:91:cd:4f:b7:c6:d6:6e:9d:37:a1:1e:70:da:51: bd:4c:91:6f:bd:42:d3:ad:50:ad:ca:4f:cd:e3:45:f6:bd:70: 55:1f:81:57:da:fa:73:e0:6c:af:ec:96:05:7b:fe:3e:3e:a7: 78:15:e1:83:f7:89:44:06:42:23:28:22:f7:7b:b2:97:b0:0b: 35:98:45:d2:3a:5f:64:e5:a3:72:e4:06:fe:bd:d6:81:15:78: 06:ed:99:8b:04:7b:b1:54:5d:e1:9a:c2:a9:85:7f:f5:e6:37: ad:d7:2a:36:00:0c:fb:9e:05:b9:0e:5c:21:89:25:2e:d2:3d: 6f:6e:27:7a:4e:79:f2:2b:9f:67:64:8d:ec:d9:33:db:37:75: 22:d3:ff:cf:b7:62:33:8b:f0:1a:7e:c9:83:74:5b:79:ff:b4: 06:f7:1e:14:41:80:a4:81:9a:a2:e3:41:ce:93:b0:d9:53:53: 19:ee:9a:14:63:bd:b7:71:3f:71:bf:00:ee:f5:0f:44:43:e3: 40:f2:64:a8:2e:0b:69:a2:f4:c2:4c:d0:e8:c6:d8:c1:93:9e: 01:d4:b3:1e -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIURXkd4GF8UqMVDCwmSnp0tCFrhgYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAxMjJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDNiYmQ5NGIzZDRmYzIyNzk2YjQxNTRmNDVjMzc2ZWM5YTBmYjBiNjA0YWU0 MWVmOWEwZDc1YTA0ZTYyNjJkMjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALqrkWT/7mgDL/VcBKRx9ePk+IO7VQIiT94hJwWrT6NsRrNJldwc7yJsSzk0 XnzQlqjGemmJCbFo9L0rbIMU2DfyggnNdKpQ2QeLauyJRJa0eD7P7wvBIngYkKTi 3LJEJkUW/RmxFgSaNtLKKtVOFAgcH2oxqs91LCrqFXvlhQaE/DCJgI1pdnzbONqP npnog5dzyaxqJR+JivTXSOXE1XqxAl4ZrWtqKBbq1qeMMQtrEb9HNQRBpgPNDc86 J/37hHy+BrXaFobBduvtL9LtVw9PtEQTeCL669ZdUmY/BXNECSbFHDoF3vQvyk6t zIlmm33H9yZDPH4MleGnRjIVlQECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRiXdq1 J+RpCnQPL9k0DJHRf14TqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MDRhNDY0ZmYtN2I5ZC00M2YwLTg2OWQtN2U3YzY2YTdhNWU0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCI MA0GCSqGSIb3DQEBCwUAA4IBAQATycNOnbe6QM40MtbrwG9sEbDlbANcifx7PfaC 5xjCtG/wtxfRQP1dkc1Pt8bWbp03oR5w2lG9TJFvvULTrVCtyk/N40X2vXBVH4FX 2vpz4Gyv7JYFe/4+Pqd4FeGD94lEBkIjKCL3e7KXsAs1mEXSOl9k5aNy5Ab+vdaB FXgG7ZmLBHuxVF3hmsKphX/15jet1yo2AAz7ngW5DlwhiSUu0j1vbid6TnnyK59n ZI3s2TPbN3Ui0//Pt2Izi/AafsmDdFt5/7QG9x4UQYCkgZqi40HOk7DZU1MZ7poU Y723cT9xvwDu9Q9EQ+NA8mSoLgtpovTCTNDoxtjBk54B1LMe -----END CERTIFICATE-----Generated at Mon Dec 15 15:31:17 2025 by rpki-client