This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa File: 1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa (raw, json) Hash identifier: QlFGEJSD3gQkBdhke2aH6zlIasH+IkhaH5BeyMAq7R0= Subject key identifier: 4F:4E:B9:CC:F2:F6:1B:C2:49:02:53:F1:81:2D:72:9F:27:C1:74:61 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 6F71CD7BC75F8BEDA98258E6A4E8D5D8F8426B6C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa Signing time: Sat 15 Nov 2025 06:10:28 +0000 ROA not before: Sat 15 Nov 2025 06:10:28 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:a040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:71:cd:7b:c7:5f:8b:ed:a9:82:58:e6:a4:e8:d5:d8:f8:42:6b:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:10:28 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=3b7eb7ae4b95a9a9ffba0f1fca88260d877648053baf05d7e53552b0457a3495, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:5a:02:4c:5e:e6:ce:f2:b2:01:69:70:7b:a8: 11:3e:c8:dc:74:d8:ae:07:c9:a8:7a:6d:7e:be:b0: 37:a2:63:b1:f8:63:c9:30:6f:1f:47:1b:7a:24:03: a5:eb:f8:a8:ce:f8:35:48:6e:55:1f:9b:ab:58:f0: b5:f7:8c:74:12:39:52:54:54:e8:7d:96:5b:b7:40: 73:37:72:55:52:00:a7:95:a0:51:63:36:b2:ee:1f: 17:5a:11:f9:08:3b:f5:07:2f:9a:12:3b:96:5f:a5: 0c:c1:f9:b6:7a:54:d9:7e:2b:a4:86:fd:6c:5d:a4: 9e:8f:34:8c:1c:82:c2:2b:0d:ac:42:78:fa:da:48: 10:33:ac:5e:a7:ec:75:49:0c:0f:a5:f5:9e:d6:d9: 12:bd:c8:a2:b5:76:78:15:38:71:a7:ec:a3:54:ba: 95:8c:a0:3b:92:3a:98:cf:6f:30:05:2d:2e:df:8a: ae:88:48:06:bc:23:b6:34:ff:b4:21:d0:7b:f1:4c: 75:d5:af:86:25:28:8f:a3:a9:32:ab:94:0c:f9:35: 1b:0b:ef:ff:cc:e3:4a:07:b0:64:d4:14:bc:6c:7d: e8:22:d2:0d:60:86:3d:18:04:81:8a:13:71:8e:89: 77:30:f1:9f:22:de:12:be:a3:56:48:dd:68:46:e5: e9:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:4E:B9:CC:F2:F6:1B:C2:49:02:53:F1:81:2D:72:9F:27:C1:74:61 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:a040::/48 Signature Algorithm: sha256WithRSAEncryption 41:1a:4e:ae:ca:7f:74:c5:d3:a8:09:bb:a1:76:a0:74:e4:5b: 15:e5:cd:2f:f4:6d:cb:6c:b3:fc:1d:1c:36:85:96:6c:b8:dd: e6:6f:68:38:f6:4e:f9:20:fc:ec:51:6f:9f:81:1f:ba:9c:c4: 4e:10:3b:bc:d8:a5:4f:71:02:41:0e:a7:ee:ee:e8:5b:b5:c6: 29:d3:16:39:6f:51:d8:80:f6:f4:a5:b9:19:bc:b9:20:39:46: 08:43:84:1a:5a:b5:5f:9f:8d:de:e1:4e:54:51:6d:5a:d3:b9: 2e:28:3c:07:23:24:dc:38:49:85:26:a7:e3:71:42:36:9c:3b: d9:b6:77:1e:b3:0d:da:6d:79:00:e4:50:57:36:d2:32:e2:98: a9:14:58:80:68:ba:58:45:53:4e:ce:d4:51:3f:90:0c:10:a8: 47:a3:cb:4b:37:36:11:44:cf:d0:dc:9e:f8:97:cf:72:e6:ee: de:6e:1d:d1:71:ab:70:8b:83:7d:dc:68:40:60:80:c4:5e:7d: e3:2b:9c:3a:1f:91:92:9f:e9:64:93:fe:41:2c:01:b7:c3:b1: 29:1e:23:65:1f:d5:ad:87:58:f1:9a:be:cb:1f:68:6c:c1:7d: 4d:5f:40:e7:25:82:e3:20:b5:93:be:f7:4f:63:bf:df:20:8d: 7e:5d:6d:ac -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUb3HNe8dfi+2pgljmpOjV2PhCa2wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjEwMjhaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDNiN2ViN2FlNGI5NWE5YTlmZmJhMGYxZmNhODgyNjBkODc3NjQ4MDUzYmFm MDVkN2U1MzU1MmIwNDU3YTM0OTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANZaAkxe5s7ysgFpcHuoET7I3HTYrgfJqHptfr6wN6JjsfhjyTBvH0cbeiQD pev4qM74NUhuVR+bq1jwtfeMdBI5UlRU6H2WW7dAczdyVVIAp5WgUWM2su4fF1oR +Qg79QcvmhI7ll+lDMH5tnpU2X4rpIb9bF2kno80jByCwisNrEJ4+tpIEDOsXqfs dUkMD6X1ntbZEr3IorV2eBU4cafso1S6lYygO5I6mM9vMAUtLt+KrohIBrwjtjT/ tCHQe/FMddWvhiUoj6OpMquUDPk1Gwvv/8zjSgewZNQUvGx96CLSDWCGPRgEgYoT cY6JdzDxnyLeEr6jVkjdaEbl6asCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRPTrnM 8vYbwkkCU/GBLXKfJ8F0YTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MWM4MWFlODUtYTk3YS00MWM0LTk3ZjctMzMyN2NjZjBkYzIxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg QDANBgkqhkiG9w0BAQsFAAOCAQEAQRpOrsp/dMXTqAm7oXagdORbFeXNL/Rty2yz /B0cNoWWbLjd5m9oOPZO+SD87FFvn4EfupzEThA7vNilT3ECQQ6n7u7oW7XGKdMW OW9R2ID29KW5Gby5IDlGCEOEGlq1X5+N3uFOVFFtWtO5Lig8ByMk3DhJhSan43FC Npw72bZ3HrMN2m15AORQVzbSMuKYqRRYgGi6WEVTTs7UUT+QDBCoR6PLSzc2EUTP 0Nye+JfPcubu3m4d0XGrcIuDfdxoQGCAxF594yucOh+Rkp/pZJP+QSwBt8OxKR4j ZR/VrYdY8Zq+yx9obMF9TV9A5yWC4yC1k773T2O/3yCNfl1trA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:20 2025 by rpki-client