This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0a1a25d7-6935-420c-a949-4a9d0e6a95d7.roa File: 0a1a25d7-6935-420c-a949-4a9d0e6a95d7.roa (raw, json) Hash identifier: sN2GuAK+asjYytPRx83YlOrZMzKlATS29wsQEpWpi4U= Subject key identifier: 64:A2:29:EE:D6:13:76:C0:31:3C:34:69:67:B2:5E:51:38:22:9D:34 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4BD872BBD6FD030A3EA700A1EA11ECAA120E6887 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0a1a25d7-6935-420c-a949-4a9d0e6a95d7.roa Signing time: Wed 10 Dec 2025 06:00:06 +0000 ROA not before: Wed 10 Dec 2025 06:00:06 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:a040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:d8:72:bb:d6:fd:03:0a:3e:a7:00:a1:ea:11:ec:aa:12:0e:68:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:00:06 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=91b263a2c5f41967ab0d95a732d11b439444206420c0eb6a1fbca3790a7121f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:1d:62:be:42:b3:b2:85:24:6b:61:48:b5:70: 06:2e:4c:8d:fd:7e:86:02:33:74:58:dc:80:bc:8b: 79:8f:aa:8f:4a:f9:f6:2f:44:45:32:6a:2e:90:41: 4a:30:e2:68:d1:39:63:c5:32:41:f5:62:83:41:b2: d8:d3:a0:4c:83:ed:8b:21:ea:cd:14:99:b3:71:eb: 6f:24:b6:20:9c:35:d0:c9:c7:3e:1b:c6:ba:a3:ee: d8:fa:8b:a6:04:bb:8d:23:79:24:4a:24:ed:97:98: e5:9b:fd:0d:1d:07:d6:0d:3a:68:d7:e4:e7:5c:9f: d8:15:ff:91:d6:10:d9:10:11:57:18:34:04:5f:c4: f8:d2:70:93:20:b3:f4:97:7c:bb:4b:3c:90:a6:6a: d2:3a:99:ba:80:0e:1f:b3:3b:6b:ed:2f:2e:3c:2c: b6:d6:c9:9f:c3:74:19:8b:db:3d:06:63:5a:21:f1: 81:d3:c1:19:10:57:5d:44:6f:c0:f9:f1:ef:43:3a: 12:32:7c:0e:58:12:e1:64:b2:70:51:a5:2d:38:61: c2:07:46:43:b9:8b:2d:c0:37:dc:7b:ac:21:2e:8a: 3d:f2:5a:ad:16:66:77:96:71:75:df:c7:02:41:60: 61:87:d4:86:a2:cd:42:d6:1a:cb:db:73:e7:17:70: 36:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:A2:29:EE:D6:13:76:C0:31:3C:34:69:67:B2:5E:51:38:22:9D:34 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0a1a25d7-6935-420c-a949-4a9d0e6a95d7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:a040::/48 Signature Algorithm: sha256WithRSAEncryption 7e:b3:ba:7b:53:90:51:9b:9e:d7:fd:2a:37:d5:5b:a5:54:dd: 81:39:b7:f2:b8:41:be:d7:4d:aa:92:2a:c5:79:4e:90:f0:fb: 28:d7:8a:36:74:65:62:fd:4b:42:1a:e2:8a:87:5c:2d:96:61: ae:c3:4b:3b:36:84:40:68:1c:60:28:84:00:18:f5:b5:02:8f: ff:27:af:36:2d:34:2e:ff:de:06:dc:ee:e4:88:5b:a5:08:8a: c6:49:ff:f3:be:23:11:28:60:7f:aa:ea:e2:04:83:86:ce:3d: 8c:ac:1d:09:a4:8b:83:10:17:da:5c:42:84:20:38:95:f1:9c: 67:16:c8:91:af:42:4b:6d:d9:43:8a:91:25:62:ba:68:e3:db: 2a:18:63:49:ee:a8:62:43:a8:3b:b3:28:f7:f0:af:01:fc:1f: 03:67:73:ae:f4:20:73:b3:d9:6b:0d:16:40:e4:4d:83:b8:11: aa:3e:fd:37:bd:f9:2e:eb:af:b8:ea:68:ed:e7:76:70:fc:e3: 71:ee:5f:77:9e:9b:3b:26:25:ff:ff:fe:fb:16:29:ae:77:07: 32:5e:9d:d2:ae:f0:c6:18:f2:8b:d5:be:5b:b3:5f:6f:70:af: 90:b4:ab:b2:f1:fe:31:95:2f:63:87:ca:9e:53:dc:98:02:e2: ce:f9:91:f1 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUS9hyu9b9Awo+pwCh6hHsqhIOaIcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAwMDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDkxYjI2M2EyYzVmNDE5NjdhYjBkOTVhNzMyZDExYjQzOTQ0NDIwNjQyMGMw ZWI2YTFmYmNhMzc5MGE3MTIxZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALsdYr5Cs7KFJGthSLVwBi5Mjf1+hgIzdFjcgLyLeY+qj0r59i9ERTJqLpBB SjDiaNE5Y8UyQfVig0Gy2NOgTIPtiyHqzRSZs3HrbyS2IJw10MnHPhvGuqPu2PqL pgS7jSN5JEok7ZeY5Zv9DR0H1g06aNfk51yf2BX/kdYQ2RARVxg0BF/E+NJwkyCz 9Jd8u0s8kKZq0jqZuoAOH7M7a+0vLjwsttbJn8N0GYvbPQZjWiHxgdPBGRBXXURv wPnx70M6EjJ8DlgS4WSycFGlLThhwgdGQ7mLLcA33HusIS6KPfJarRZmd5Zxdd/H AkFgYYfUhqLNQtYay9tz5xdwNkcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRkoinu 1hN2wDE8NGlnsl5ROCKdNDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MGExYTI1ZDctNjkzNS00MjBjLWE5NDktNGE5ZDBlNmE5NWQ3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGg QDANBgkqhkiG9w0BAQsFAAOCAQEAfrO6e1OQUZue1/0qN9VbpVTdgTm38rhBvtdN qpIqxXlOkPD7KNeKNnRlYv1LQhriiodcLZZhrsNLOzaEQGgcYCiEABj1tQKP/yev Ni00Lv/eBtzu5IhbpQiKxkn/874jEShgf6rq4gSDhs49jKwdCaSLgxAX2lxChCA4 lfGcZxbIka9CS23ZQ4qRJWK6aOPbKhhjSe6oYkOoO7Mo9/CvAfwfA2dzrvQgc7PZ aw0WQORNg7gRqj79N735LuuvuOpo7ed2cPzjce5fd56bOyYl///++xYprncHMl6d 0q7wxhjyi9W+W7Nfb3CvkLSrsvH+MZUvY4fKnlPcmALizvmR8Q== -----END CERTIFICATE-----Generated at Mon Dec 15 15:31:09 2025 by rpki-client