This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa File: 278dd4fa-de02-446c-a4ac-184c5f35a577.roa (raw, json) Hash identifier: 9ojPgzeab4hlPAtr2GVdXvPz86L3zVX3EXQ30lef5TM= Subject key identifier: CE:ED:15:2C:66:C5:26:13:E5:63:CA:29:F9:17:F6:5D:F8:06:E9:40 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 021950AF38BD3E5211374F435AC0B91A1B684A1B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa Signing time: Wed 10 Dec 2025 06:30:43 +0000 ROA not before: Wed 10 Dec 2025 06:30:43 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:19:50:af:38:bd:3e:52:11:37:4f:43:5a:c0:b9:1a:1b:68:4a:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:43 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=037d458236fcbc68e257105cfc012826d2d4265cf1bfc0c441f753fb2c0031de, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:34:1b:eb:52:9f:8d:37:bf:16:11:b7:b4:d4: 97:fa:e7:86:24:41:a4:3f:8e:4c:51:d2:d3:18:8f: 42:80:14:70:3a:97:f9:e6:bc:f6:68:31:4c:e9:07: fa:d9:27:fb:df:8c:f2:2f:e0:45:c2:f4:7f:c1:e8: b0:71:2c:33:05:d1:ea:e4:cf:f4:3f:83:e6:cc:f0: 00:a5:58:3c:7e:91:f8:ff:a4:b4:88:b7:67:07:93: ff:8f:84:63:67:ee:fc:c6:a1:88:11:f3:4d:a0:b7: a4:e0:ff:ff:72:7a:eb:5d:b9:a1:0f:5f:87:f1:e1: 5f:5b:f0:3a:a9:e0:f3:ca:f1:3e:dc:b9:b4:51:8c: eb:ab:c2:30:6a:88:57:e6:4c:cd:8e:9a:f2:32:88: 9f:71:11:aa:b2:97:e9:20:8c:65:03:e2:b8:a9:e4: 40:c3:28:e5:6c:a6:0a:6b:32:b3:d9:44:0d:85:0d: 7a:7d:29:cc:64:b0:fa:99:f3:d0:17:52:a0:19:76: eb:91:12:2d:6a:9c:8a:16:8f:28:e3:c5:2b:ce:bf: 52:4e:96:4d:19:5b:88:3d:cd:b8:cf:85:22:df:0e: 8a:84:51:86:60:59:f1:4e:46:5b:ba:0c:63:7d:f7: ec:1d:34:ef:d7:70:1d:1b:a2:2f:b7:a8:9c:3d:f4: 56:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:ED:15:2C:66:C5:26:13:E5:63:CA:29:F9:17:F6:5D:F8:06:E9:40 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:a000::/40 Signature Algorithm: sha256WithRSAEncryption 26:46:0a:de:c4:28:c5:b0:6e:d6:90:3d:41:6a:04:0d:27:54: f8:fe:c2:07:60:9a:8d:60:20:d0:25:36:f7:da:b5:25:c4:53: 33:7f:5a:06:f9:28:ee:15:46:18:27:a8:af:12:09:b1:20:42: 24:70:0e:c9:92:7e:37:ab:3e:ea:8a:07:f6:d7:1c:1f:6f:ba: ca:02:a7:44:b8:a3:b6:18:05:44:11:f6:27:de:5b:6b:5a:79: 51:3c:9b:13:79:e6:cb:25:fb:c3:65:ce:52:8c:be:d5:9e:1c: ee:aa:5b:ba:bf:65:72:14:77:ac:bc:9a:94:21:3e:b5:a6:bb: 87:c6:ba:d6:7d:c2:b7:c3:71:7b:e7:c6:08:7d:8a:9f:46:36: b6:7d:86:10:f8:e9:30:6b:2f:54:43:92:39:ca:31:65:b7:5a: de:26:e3:5a:6a:b3:5a:3e:6f:08:7e:6f:2e:54:73:90:08:fb: b8:c6:5b:a0:92:9e:7d:56:47:27:64:cd:f2:f0:8f:f2:44:de: 90:5f:a9:be:dc:5c:a0:c6:4a:33:75:1a:92:80:45:04:bb:c7: 95:68:d8:d9:83:df:cf:c7:22:73:f2:44:fb:be:3d:17:ee:2a: e2:92:bd:fe:5d:e9:da:b1:3f:f5:5f:bc:27:25:91:aa:9c:21: cc:4a:9b:20 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUAhlQrzi9PlIRN09DWsC5GhtoShswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwNDNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDAzN2Q0NTgyMzZmY2JjNjhlMjU3MTA1Y2ZjMDEyODI2ZDJkNDI2NWNmMWJm YzBjNDQxZjc1M2ZiMmMwMDMxZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOw0G+tSn403vxYRt7TUl/rnhiRBpD+OTFHS0xiPQoAUcDqX+ea89mgxTOkH +tkn+9+M8i/gRcL0f8HosHEsMwXR6uTP9D+D5szwAKVYPH6R+P+ktIi3ZweT/4+E Y2fu/MahiBHzTaC3pOD//3J66125oQ9fh/HhX1vwOqng88rxPty5tFGM66vCMGqI V+ZMzY6a8jKIn3ERqrKX6SCMZQPiuKnkQMMo5WymCmsys9lEDYUNen0pzGSw+pnz 0BdSoBl265ESLWqcihaPKOPFK86/Uk6WTRlbiD3NuM+FIt8OioRRhmBZ8U5GW7oM Y3337B0079dwHRuiL7eonD30VmECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTO7RUs ZsUmE+Vjyin5F/Zd+AbpQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Mjc4ZGQ0ZmEtZGUwMi00NDZjLWE0YWMtMTg0YzVmMzVhNTc3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+g MA0GCSqGSIb3DQEBCwUAA4IBAQAmRgrexCjFsG7WkD1BagQNJ1T4/sIHYJqNYCDQ JTb32rUlxFMzf1oG+SjuFUYYJ6ivEgmxIEIkcA7Jkn43qz7qigf21xwfb7rKAqdE uKO2GAVEEfYn3ltrWnlRPJsTeebLJfvDZc5SjL7Vnhzuqlu6v2VyFHesvJqUIT61 pruHxrrWfcK3w3F758YIfYqfRja2fYYQ+Okway9UQ5I5yjFlt1reJuNaarNaPm8I fm8uVHOQCPu4xlugkp59VkcnZM3y8I/yRN6QX6m+3FygxkozdRqSgEUEu8eVaNjZ g9/PxyJz8kT7vj0X7irikr3+XenasT/1X7wnJZGqnCHMSpsg -----END CERTIFICATE-----Generated at Mon Dec 15 15:28:31 2025 by rpki-client