This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36e6bf1a-660d-40a9-a561-406ff743fc37.roa File: 36e6bf1a-660d-40a9-a561-406ff743fc37.roa (raw, json) Hash identifier: qI9w/KmE95KZkBYxSdBbFHHQp2jF2IXFjWs+/gBrj9M= Subject key identifier: FC:A8:47:50:4A:B8:4F:64:DC:36:10:CC:EF:F1:8A:56:24:09:69:DA Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: ABB85AEFE5EA05C40E74BE1EA5D25B0E00F526 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36e6bf1a-660d-40a9-a561-406ff743fc37.roa Signing time: Sat 15 Nov 2025 06:21:08 +0000 ROA not before: Sat 15 Nov 2025 06:21:08 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d03a:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: ab:b8:5a:ef:e5:ea:05:c4:0e:74:be:1e:a5:d2:5b:0e:00:f5:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:21:08 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=47907a65d62c7a0414d4d1754eead606e6bfe5d2da03f3a053c39658240a6747, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:62:07:ff:47:ce:59:d1:15:86:93:ce:8f:66: b8:b4:6a:4b:4e:72:73:81:16:31:d1:81:73:69:39: bf:3b:ec:ec:41:c2:0e:d6:ec:48:3e:2e:d0:61:dd: 13:0e:bf:24:75:6d:c7:9a:2f:c0:3b:b5:de:3c:d4: af:78:15:60:6c:a4:6e:f2:5e:17:4a:2b:c7:9a:3f: 3c:d1:60:a6:37:ee:ef:1b:5b:35:3e:ba:c2:31:ef: 7a:35:eb:e8:ac:2d:a3:2a:ea:75:02:b4:1a:7a:fc: 34:cc:44:34:65:60:fb:74:74:a8:3e:f3:8a:2b:a5: a2:8a:d6:84:c4:a6:ec:80:b5:7f:7d:a0:2b:1d:82: 80:11:24:17:88:77:26:ae:86:6c:5a:55:03:42:b5: e2:d7:95:30:77:cb:f0:67:fb:52:d3:47:c0:70:99: 82:bc:db:2c:df:ec:72:8c:3a:90:f3:61:5e:c2:80: 0c:02:68:0f:8d:28:55:6c:4c:c3:c8:b3:9d:4a:59: da:d7:81:8f:2b:d4:b6:ea:53:93:23:9a:b3:85:5f: b8:88:37:33:23:ce:c0:67:78:1d:2c:f2:01:8c:db: 89:88:e6:1c:13:e4:d8:5b:de:f0:9c:c4:4a:3f:c1: 42:3e:66:b3:57:7d:99:c8:68:37:aa:64:00:c0:78: 98:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:A8:47:50:4A:B8:4F:64:DC:36:10:CC:EF:F1:8A:56:24:09:69:DA X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36e6bf1a-660d-40a9-a561-406ff743fc37.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d03a:1000::/40 Signature Algorithm: sha256WithRSAEncryption 9b:b7:3a:0a:2e:a4:8d:51:ab:a3:d2:e2:3b:83:5e:68:8b:88: d8:ae:53:5f:c8:0b:36:f2:c1:1f:15:f8:7d:cc:15:7b:df:18: 2c:72:3b:58:98:81:8c:0e:07:19:be:ec:c8:60:10:38:dd:40: 39:74:1c:69:59:d6:2d:ea:28:aa:67:89:6c:79:b1:5c:6d:10: 02:72:3e:c0:dd:b2:a5:bb:b3:e6:59:ad:ac:5c:52:f7:0a:f8: fb:ea:2d:14:48:f9:1a:87:49:55:8e:74:ec:ba:c9:8c:76:5b: 63:6c:7c:a1:72:16:f0:d4:18:41:7b:68:7d:8e:8a:2b:0b:48: 17:16:52:0f:90:c2:bd:b5:f6:22:f6:17:26:d0:f6:8f:85:e3: d0:7c:26:c5:d7:58:91:8e:63:31:63:01:ce:3c:03:74:71:cb: b0:41:f6:7b:cb:44:ec:9d:35:8b:46:d3:84:8c:c2:f3:97:ed: 09:d7:d8:18:04:ab:9d:41:81:04:b1:86:53:f5:84:35:79:92: ee:76:d0:03:c7:48:e9:d0:01:d9:82:2d:3d:03:7f:4d:4f:3d: fc:d6:a2:8f:ed:cf:a7:b8:60:e8:8c:00:47:cf:8f:0e:9f:31: 5b:72:d5:16:de:8e:c4:ac:c3:71:6d:06:2c:ec:df:e0:1b:d3: 30:18:03:a9 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUAKu4Wu/l6gXEDnS+HqXSWw4A9SYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIxMDhaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDQ3OTA3YTY1ZDYyYzdhMDQxNGQ0ZDE3NTRlZWFkNjA2ZTZiZmU1ZDJkYTAz ZjNhMDUzYzM5NjU4MjQwYTY3NDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALxiB/9HzlnRFYaTzo9muLRqS05yc4EWMdGBc2k5vzvs7EHCDtbsSD4u0GHd Ew6/JHVtx5ovwDu13jzUr3gVYGykbvJeF0orx5o/PNFgpjfu7xtbNT66wjHvejXr 6KwtoyrqdQK0Gnr8NMxENGVg+3R0qD7ziiuloorWhMSm7IC1f32gKx2CgBEkF4h3 Jq6GbFpVA0K14teVMHfL8Gf7UtNHwHCZgrzbLN/scow6kPNhXsKADAJoD40oVWxM w8iznUpZ2teBjyvUtupTkyOas4VfuIg3MyPOwGd4HSzyAYzbiYjmHBPk2Fve8JzE Sj/BQj5ms1d9mchoN6pkAMB4mLECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT8qEdQ SrhPZNw2EMzv8YpWJAlp2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MzZlNmJmMWEtNjYwZC00MGE5LWE1NjEtNDA2ZmY3NDNmYzM3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DoQ MA0GCSqGSIb3DQEBCwUAA4IBAQCbtzoKLqSNUauj0uI7g15oi4jYrlNfyAs28sEf Ffh9zBV73xgscjtYmIGMDgcZvuzIYBA43UA5dBxpWdYt6iiqZ4lsebFcbRACcj7A 3bKlu7PmWa2sXFL3Cvj76i0USPkah0lVjnTsusmMdltjbHyhchbw1BhBe2h9joor C0gXFlIPkMK9tfYi9hcm0PaPhePQfCbF11iRjmMxYwHOPAN0ccuwQfZ7y0TsnTWL RtOEjMLzl+0J19gYBKudQYEEsYZT9YQ1eZLudtADx0jp0AHZgi09A39NTz381qKP 7c+nuGDojABHz48OnzFbctUW3o7ErMNxbQYs7N/gG9MwGAOp -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:25 2025 by rpki-client