This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa File: 357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa (raw, json) Hash identifier: WmNRr/UDVl2wKuxVvrpfUaWifUAFgCGBeH8qw8nwm1w= Subject key identifier: 87:05:A5:FD:A3:82:8C:38:CC:73:74:7B:D5:54:D6:57:2A:28:97:32 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3674D75942E47EA5681950004B7D4577ACB4EE7B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa Signing time: Sat 15 Nov 2025 06:20:51 +0000 ROA not before: Sat 15 Nov 2025 06:20:51 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:74:d7:59:42:e4:7e:a5:68:19:50:00:4b:7d:45:77:ac:b4:ee:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:20:51 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=ead03e27c605683a880c010be4a7f7f724af6d2562829b4d8a84c31198aa1e6b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:53:0f:42:a2:92:5f:24:21:14:fd:28:92:ba: bc:9e:5c:e3:4f:23:6d:df:ac:19:f0:c0:a3:ec:42: f6:56:d3:a0:06:ef:3f:e2:e5:71:58:ed:00:f4:64: a3:89:bb:8b:05:82:1c:68:c3:bb:91:66:43:ee:14: 0e:f1:4c:46:c5:89:43:ac:9e:c9:fb:a4:b8:7e:e8: 58:0d:b3:ee:5b:cc:97:34:dc:14:48:f5:04:c3:04: 07:6b:cf:b2:eb:cf:ed:78:6e:30:3e:4c:ad:d0:86: 89:8d:66:33:47:41:41:60:b7:2b:d8:44:83:f2:0d: ef:cd:11:8d:a8:2c:7d:ee:94:b9:19:5d:5c:d9:44: 71:2e:f3:bf:ef:01:72:9f:92:1f:fa:da:de:17:ca: ce:52:f0:18:90:3b:ed:f3:d3:92:60:0c:18:8e:4a: 69:29:3e:8b:26:14:80:4b:4f:fc:f2:04:2b:7d:e1: 65:65:bb:1f:b0:e8:fd:e4:e3:ed:c0:22:b8:46:af: a9:e4:6a:8d:2d:8e:96:96:9b:27:61:22:17:76:44: d9:e5:00:9d:30:55:e1:0d:94:89:9d:52:f3:e8:16: 47:d3:78:cd:4e:0b:d9:6e:17:64:bb:68:48:b8:9a: 7e:88:7a:14:8c:95:93:b7:bc:a8:fd:b6:a4:08:dd: 78:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:05:A5:FD:A3:82:8C:38:CC:73:74:7B:D5:54:D6:57:2A:28:97:32 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:1000::/40 Signature Algorithm: sha256WithRSAEncryption 5a:17:5a:d3:bc:a4:9e:3a:1f:64:9b:a9:f5:5c:6d:6a:96:39: e9:73:ff:f3:a8:be:ff:58:cb:cf:6b:dc:3e:69:59:c0:e5:35: 1f:2e:94:f0:7e:af:53:00:65:79:b7:f5:bd:69:47:de:23:37: c3:81:f7:39:db:1c:90:31:32:93:f8:2b:d9:43:6d:35:1f:33: 89:f4:e0:84:9a:8c:47:3f:f7:3d:fc:85:5c:94:79:48:27:72: ae:74:b1:32:35:95:ef:1c:31:a1:a3:9c:65:0a:12:70:ed:cb: 29:34:1c:d6:72:37:9d:0c:93:b0:7d:29:09:0c:99:3e:2b:60: 8e:08:4e:f7:b6:41:01:f6:47:95:0a:a4:41:70:84:b7:23:3b: 1b:b9:97:c9:74:3e:96:2f:c6:5c:ff:13:1f:01:89:44:d6:8a: ec:00:ff:a5:4c:ed:24:82:02:31:0b:7e:2a:82:a7:8d:20:be: 32:f5:15:1b:c2:e6:f2:41:71:40:62:78:e0:ad:cc:e6:cb:ee: 2f:04:c6:a8:02:1f:b3:dd:45:76:51:0e:4b:69:33:64:d7:2f: 9b:e2:b4:dd:28:c9:5c:b9:f0:39:3b:2b:bb:45:c4:cc:9c:19: 61:62:65:52:66:73:8a:a1:33:da:ac:12:5f:1b:8f:4b:0b:22: 5b:67:c0:42 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUNnTXWULkfqVoGVAAS31Fd6y07nswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIwNTFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGVhZDAzZTI3YzYwNTY4M2E4ODBjMDEwYmU0YTdmN2Y3MjRhZjZkMjU2Mjgy OWI0ZDhhODRjMzExOThhYTFlNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALFTD0Kikl8kIRT9KJK6vJ5c408jbd+sGfDAo+xC9lbToAbvP+LlcVjtAPRk o4m7iwWCHGjDu5FmQ+4UDvFMRsWJQ6yeyfukuH7oWA2z7lvMlzTcFEj1BMMEB2vP suvP7XhuMD5MrdCGiY1mM0dBQWC3K9hEg/IN780Rjagsfe6UuRldXNlEcS7zv+8B cp+SH/ra3hfKzlLwGJA77fPTkmAMGI5KaSk+iyYUgEtP/PIEK33hZWW7H7Do/eTj 7cAiuEavqeRqjS2OlpabJ2EiF3ZE2eUAnTBV4Q2UiZ1S8+gWR9N4zU4L2W4XZLto SLiafoh6FIyVk7e8qP22pAjdeEMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSHBaX9 o4KMOMxzdHvVVNZXKiiXMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MzU3YzY2MjItOTE2MS00NGQ3LWFiMTMtNmVhNmUwYmVkMmU5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIQ MA0GCSqGSIb3DQEBCwUAA4IBAQBaF1rTvKSeOh9km6n1XG1qljnpc//zqL7/WMvP a9w+aVnA5TUfLpTwfq9TAGV5t/W9aUfeIzfDgfc52xyQMTKT+CvZQ201HzOJ9OCE moxHP/c9/IVclHlIJ3KudLEyNZXvHDGho5xlChJw7cspNBzWcjedDJOwfSkJDJk+ K2COCE73tkEB9keVCqRBcIS3IzsbuZfJdD6WL8Zc/xMfAYlE1orsAP+lTO0kggIx C34qgqeNIL4y9RUbwubyQXFAYnjgrczmy+4vBMaoAh+z3UV2UQ5LaTNk1y+b4rTd KMlcufA5Oyu7RcTMnBlhYmVSZnOKoTParBJfG49LCyJbZ8BC -----END CERTIFICATE-----Generated at Sat Dec 6 12:41:39 2025 by rpki-client