This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa File: 37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa (raw, json) Hash identifier: RxkP4AwaxGrj/3R3xCg2wHDGz7+KE27xC5xKQCERpUU= Subject key identifier: 1B:34:1F:A9:C3:AC:AF:42:36:AB:C5:CE:43:77:B4:FB:D9:00:82:49 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3EB9617F5E330BCE43ADBFEABB735F4D6FD0AC9B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa Signing time: Wed 10 Dec 2025 06:30:10 +0000 ROA not before: Wed 10 Dec 2025 06:30:10 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d036:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:b9:61:7f:5e:33:0b:ce:43:ad:bf:ea:bb:73:5f:4d:6f:d0:ac:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:10 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=642efb0a33df8ed92576eaa214148473f46ed4b0c34d3000b77737750a3fd212, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:40:c8:a9:24:ea:61:0c:c5:85:92:92:6e:33: 1e:d3:ff:6f:75:77:31:fc:f5:30:c8:cc:5a:6a:28: d1:cd:de:ba:16:76:d5:c5:70:49:a0:4f:86:30:81: ce:c6:7f:bc:d5:8c:f1:40:55:53:6e:33:de:7d:fa: 1e:a4:cf:b6:58:e7:33:64:14:80:30:5d:8d:cb:51: 41:f5:b4:2b:df:27:41:a7:2e:73:0b:21:dd:07:7f: 4e:42:ed:22:5e:08:8f:98:07:0a:9c:ad:79:67:d3: 95:b5:04:67:32:a4:62:5a:ff:5b:c7:f2:53:15:24: 7a:d4:db:b0:ed:51:3c:5f:27:e6:7b:1b:9d:2c:11: ad:17:bd:b6:d1:cf:24:7a:11:73:1f:90:15:6b:0e: be:15:9e:ad:a4:96:bf:a1:87:6b:9c:ba:d8:2c:c8: c5:ab:e2:2e:1d:83:68:f3:29:9a:8a:87:91:4b:19: db:09:86:55:94:5e:37:13:4c:b9:dd:db:23:83:c0: b5:68:a3:f3:5f:e8:07:de:f2:e9:2a:4f:70:a6:da: 48:d2:c3:dc:04:a5:00:8b:7f:de:a5:66:b3:fb:fb: e7:2e:ad:29:3c:e8:10:27:50:fe:e5:d5:c2:b3:7e: 30:c7:0a:98:e7:27:84:33:06:47:b9:cb:15:a9:2a: af:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:34:1F:A9:C3:AC:AF:42:36:AB:C5:CE:43:77:B4:FB:D9:00:82:49 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d036:8000::/40 Signature Algorithm: sha256WithRSAEncryption 58:84:5d:5a:36:99:da:5d:69:bf:f2:61:fd:17:6e:69:c4:bd: f7:d3:45:42:97:99:6f:0e:ee:c1:6c:4c:80:c6:1c:b2:03:7d: 8f:67:3c:f8:38:33:00:2c:0a:91:47:07:12:19:1b:59:9f:af: 84:5f:31:e5:27:ec:3f:ff:74:5a:57:c9:a2:a3:40:41:62:b3: e5:58:8e:83:b3:ff:19:28:53:43:50:6c:68:62:3f:b2:ab:5c: 8c:69:9f:26:ca:fc:82:57:06:1f:b7:b4:73:e7:65:9b:d4:51: ef:22:30:22:0d:66:14:90:7b:ba:4b:ba:4d:4c:d1:b0:4b:af: e4:52:3e:1c:1d:71:25:43:7a:2a:34:b3:17:20:47:bc:c6:41: 96:d9:3b:30:85:a5:13:ed:91:aa:8d:ce:90:1a:9b:66:bf:2d: e1:b7:df:62:f1:fd:b0:7a:55:d6:90:80:57:de:bd:90:95:8b: 7b:2b:7f:e4:6c:bc:88:33:4e:84:75:47:6d:f1:ee:fa:d6:5f: 6f:ab:c1:00:21:0c:cc:db:bb:ce:ba:b2:db:dd:53:07:b5:7b: 17:46:dc:5f:85:be:fa:50:31:ad:bf:4c:a6:21:c6:3b:5c:71: ef:f3:73:74:d2:40:bf:3b:73:d9:94:5f:ab:26:30:9c:c0:a1: 17:5f:44:b6 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUPrlhf14zC85Drb/qu3NfTW/QrJswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwMTBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDY0MmVmYjBhMzNkZjhlZDkyNTc2ZWFhMjE0MTQ4NDczZjQ2ZWQ0YjBjMzRk MzAwMGI3NzczNzc1MGEzZmQyMTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOFAyKkk6mEMxYWSkm4zHtP/b3V3Mfz1MMjMWmoo0c3euhZ21cVwSaBPhjCB zsZ/vNWM8UBVU24z3n36HqTPtljnM2QUgDBdjctRQfW0K98nQacucwsh3Qd/TkLt Il4Ij5gHCpyteWfTlbUEZzKkYlr/W8fyUxUketTbsO1RPF8n5nsbnSwRrRe9ttHP JHoRcx+QFWsOvhWeraSWv6GHa5y62CzIxaviLh2DaPMpmoqHkUsZ2wmGVZReNxNM ud3bI4PAtWij81/oB97y6SpPcKbaSNLD3ASlAIt/3qVms/v75y6tKTzoECdQ/uXV wrN+MMcKmOcnhDMGR7nLFakqrw0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQbNB+p w6yvQjarxc5Dd7T72QCCSTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MzdmODQ3OGYtNWVmOC00ZmU1LWI5YTItMWJiZDYwNWE2YWRmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DaA MA0GCSqGSIb3DQEBCwUAA4IBAQBYhF1aNpnaXWm/8mH9F25pxL3300VCl5lvDu7B bEyAxhyyA32PZzz4ODMALAqRRwcSGRtZn6+EXzHlJ+w//3RaV8mio0BBYrPlWI6D s/8ZKFNDUGxoYj+yq1yMaZ8myvyCVwYft7Rz52Wb1FHvIjAiDWYUkHu6S7pNTNGw S6/kUj4cHXElQ3oqNLMXIEe8xkGW2TswhaUT7ZGqjc6QGptmvy3ht99i8f2welXW kIBX3r2QlYt7K3/kbLyIM06EdUdt8e761l9vq8EAIQzM27vOurLb3VMHtXsXRtxf hb76UDGtv0ymIcY7XHHv83N00kC/O3PZlF+rJjCcwKEXX0S2 -----END CERTIFICATE-----Generated at Mon Dec 15 15:29:03 2025 by rpki-client