This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa File: 19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa (raw, json) Hash identifier: 2BnYlJ/x8uU3N+kXtoJuunNpZB0M5rudFqaenQ0nNYU= Subject key identifier: 84:1C:F5:BB:50:56:99:8C:50:75:9D:02:CD:24:1C:5E:7F:28:2F:30 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4C017F8E28FCE0D7C32CC43A1CC06DD784BFD192 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa Signing time: Sat 15 Nov 2025 05:40:46 +0000 ROA not before: Sat 15 Nov 2025 05:40:46 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:5080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:01:7f:8e:28:fc:e0:d7:c3:2c:c4:3a:1c:c0:6d:d7:84:bf:d1:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:40:46 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=45dedfd483d2f322d0363238f94db5735ded2487bc2af7572b6f84e74e96f8c3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:6c:7b:64:6d:ca:6b:64:71:42:88:70:b8:c7: f6:cb:df:b3:e0:91:ec:1a:7c:7f:7c:04:23:01:9c: e8:e1:63:e9:22:0a:55:5f:32:f2:60:86:43:6a:60: 3e:8b:c2:a5:db:de:ee:2f:7b:ff:b0:b2:3f:1b:0b: 13:47:65:cb:8c:98:ea:0c:49:fc:f3:41:f1:23:cb: c0:6b:3d:46:42:bb:19:77:dd:7e:2d:63:a6:86:1e: b5:31:b8:3b:44:12:e2:eb:51:95:c0:04:84:8e:6b: c0:4a:9c:1f:55:00:12:f9:91:cc:58:99:cd:61:68: 7a:05:96:8a:35:f8:60:cb:e1:b6:1a:ce:61:02:c8: 51:48:de:09:b0:8b:f6:81:17:12:ea:2f:4c:42:24: 53:1a:0d:d8:92:22:34:38:99:4b:94:3f:4d:2c:7f: 8c:5a:d4:0b:40:e2:fe:86:cc:c1:df:a6:6a:63:82: c7:7a:07:cc:8e:c3:c8:58:4c:55:29:3d:f1:ae:81: 06:09:9c:91:b0:06:23:88:cf:98:12:88:9f:ed:1e: e6:30:9d:fc:da:8b:7e:7d:af:fd:ac:77:83:be:e7: 69:b5:74:b3:23:1e:ad:c6:57:69:8d:58:5b:72:63: da:3e:e1:4f:76:59:94:09:fa:58:39:dc:b6:1d:b9: 2f:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:1C:F5:BB:50:56:99:8C:50:75:9D:02:CD:24:1C:5E:7F:28:2F:30 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a27d9f-3cc9-4ac4-9afb-399f66bee60b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:5080::/48 Signature Algorithm: sha256WithRSAEncryption a4:a4:71:5e:96:2c:de:02:32:29:7e:41:f9:72:7b:69:56:c0: 00:31:7c:b6:3e:4a:74:92:47:50:c3:ba:51:56:52:94:78:78: 12:89:3f:73:be:ed:a9:64:fc:24:66:d5:f4:ff:f8:49:97:68: b0:6d:18:83:02:0c:9d:3a:85:d0:24:6a:7b:1f:43:dc:fc:17: ba:85:63:0b:41:d4:12:0d:cf:a8:fd:e7:c4:b8:c0:6d:3e:ad: e1:ca:b8:4b:d1:53:59:90:48:3a:81:18:0b:df:d4:99:10:ef: f1:90:b7:d9:f7:13:58:51:cc:60:35:1c:4a:dd:49:b1:c4:3d: 1d:ef:79:4b:67:45:a8:ef:63:c6:db:ad:59:9c:bd:21:d2:29: 38:11:41:6a:26:99:3d:9f:31:32:27:5c:e9:16:1a:15:ae:e3: ce:9d:50:57:a6:a5:fd:3e:a5:47:7a:8e:e1:c8:c5:2e:e0:d3: ad:29:43:4d:38:1c:a3:e5:8a:61:25:e7:29:38:ee:32:fa:70: 9b:0f:a7:4b:84:da:d6:52:45:b2:63:0e:e1:0a:71:5e:4b:c4: ce:75:e0:64:08:bb:bf:71:34:8a:90:b3:75:8b:29:c8:d7:df: 65:79:1c:3b:9c:89:05:f9:7e:86:f5:96:b9:af:ea:98:7b:9a: ab:45:29:8c -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUTAF/jij84NfDLMQ6HMBt14S/0ZIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTQwNDZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDQ1ZGVkZmQ0ODNkMmYzMjJkMDM2MzIzOGY5NGRiNTczNWRlZDI0ODdiYzJh Zjc1NzJiNmY4NGU3NGU5NmY4YzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM9se2RtymtkcUKIcLjH9svfs+CR7Bp8f3wEIwGc6OFj6SIKVV8y8mCGQ2pg PovCpdve7i97/7CyPxsLE0dly4yY6gxJ/PNB8SPLwGs9RkK7GXfdfi1jpoYetTG4 O0QS4utRlcAEhI5rwEqcH1UAEvmRzFiZzWFoegWWijX4YMvhthrOYQLIUUjeCbCL 9oEXEuovTEIkUxoN2JIiNDiZS5Q/TSx/jFrUC0Di/obMwd+mamOCx3oHzI7DyFhM VSk98a6BBgmckbAGI4jPmBKIn+0e5jCd/NqLfn2v/ax3g77nabV0syMercZXaY1Y W3Jj2j7hT3ZZlAn6WDncth25LwMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSEHPW7 UFaZjFB1nQLNJBxefygvMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MTlhMjdkOWYtM2NjOS00YWM0LTlhZmItMzk5ZjY2YmVlNjBiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9Q gDANBgkqhkiG9w0BAQsFAAOCAQEApKRxXpYs3gIyKX5B+XJ7aVbAADF8tj5KdJJH UMO6UVZSlHh4Eok/c77tqWT8JGbV9P/4SZdosG0YgwIMnTqF0CRqex9D3PwXuoVj C0HUEg3PqP3nxLjAbT6t4cq4S9FTWZBIOoEYC9/UmRDv8ZC32fcTWFHMYDUcSt1J scQ9He95S2dFqO9jxtutWZy9IdIpOBFBaiaZPZ8xMidc6RYaFa7jzp1QV6al/T6l R3qO4cjFLuDTrSlDTTgco+WKYSXnKTjuMvpwmw+nS4Ta1lJFsmMO4QpxXkvEznXg ZAi7v3E0ipCzdYspyNffZXkcO5yJBfl+hvWWua/qmHuaq0UpjA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:07 2025 by rpki-client