This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa File: 3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa (raw, json) Hash identifier: xYXCJGNxVJUwG5dfF91dubWx+9UrFD1aT/tArGwyzEU= Subject key identifier: 52:5F:8C:21:A8:DA:68:F7:2B:55:68:46:F3:8E:A7:97:F5:69:04:84 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 78D33EEECC0B9F767390A962B491374D3FDA9711 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa Signing time: Sat 15 Nov 2025 06:10:28 +0000 ROA not before: Sat 15 Nov 2025 06:10:28 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d036::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:d3:3e:ee:cc:0b:9f:76:73:90:a9:62:b4:91:37:4d:3f:da:97:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:10:28 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=e3e31d5d9fd4f906ee20a635281de5c7f7b37454a969f9be5444994aee276093, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:fe:98:d0:e6:d7:7f:78:64:5c:57:ec:a6:59: 92:5d:6b:4e:6e:43:42:1e:56:f6:b2:48:00:72:7d: bc:21:cf:0f:37:86:aa:f3:95:1d:27:f5:79:b3:8a: 1a:4c:cf:2a:ed:c6:5b:32:66:0c:49:ce:a3:58:d0: 29:80:58:80:6f:04:0e:58:d5:05:e3:62:15:2f:be: 1d:61:4e:45:97:9a:8c:46:e0:30:a9:a7:d4:97:6a: c3:6b:61:79:a1:49:8f:f8:d4:05:11:20:3e:0f:a3: df:a4:a5:b4:5a:5b:9c:7c:65:bc:f4:46:34:0b:96: 5b:fb:c0:7e:e5:9e:1e:d5:e6:60:fc:e0:5f:30:93: 4a:20:6a:6b:89:fa:fc:f8:a9:d0:7d:b8:af:04:92: 3e:13:8a:84:5d:79:6c:f6:ad:42:b3:31:a5:3d:21: 80:1d:64:58:b5:70:9c:64:ff:aa:02:e6:f4:57:aa: 88:2d:31:6d:91:58:eb:fb:2c:30:f0:a9:83:d5:82: db:13:cb:8c:70:96:43:0e:e0:97:af:1f:4e:5f:9e: 5d:f9:0d:9b:74:e9:1b:65:0a:be:0e:33:0d:e7:b0: b6:92:18:82:ec:59:e9:78:5e:d9:e2:86:39:24:d2: 16:e5:6e:8c:45:d4:78:27:33:bf:34:60:0e:30:7a: 9f:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:5F:8C:21:A8:DA:68:F7:2B:55:68:46:F3:8E:A7:97:F5:69:04:84 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d036::/32 Signature Algorithm: sha256WithRSAEncryption 6a:57:4b:d7:88:a2:73:09:4a:a1:d4:9d:88:3c:eb:ee:cd:e3: 1f:2c:16:51:f8:bf:8b:af:5d:37:58:d5:fc:1b:d4:6b:24:23: 65:33:c8:ee:88:d0:c9:87:f6:d8:60:56:10:7a:5e:3c:ad:66: e3:a2:fd:87:17:53:2c:cc:45:e0:03:69:4a:85:09:26:de:b5: 27:50:74:63:c7:30:b6:10:bb:1b:36:ef:c4:ad:ed:8c:cf:c4: 06:18:ae:04:9f:d8:ba:0d:4a:8e:f5:ba:00:0d:a0:94:3d:74: 2e:87:84:39:5b:dc:0e:78:58:a0:fb:9c:14:97:b9:f4:a5:2b: a6:36:65:bb:a2:07:ec:70:62:80:2a:7b:39:d5:34:d5:ef:47: 31:86:bd:5f:2e:00:49:f8:e0:3a:eb:f9:d3:a3:c7:1e:0c:bc: 08:87:54:e8:23:5e:7c:ce:22:01:87:61:2d:65:cb:de:f5:2f: 0b:cc:e8:1c:1e:54:be:03:84:8b:de:a0:a0:ba:01:4f:2d:22: 32:8a:cc:08:86:e8:a9:f2:4b:c8:96:5e:81:75:f3:cf:df:34: 77:28:4d:18:37:ff:e0:2b:1f:6c:df:b3:7f:8a:11:42:8d:df: e6:85:46:bc:b1:a8:d8:f2:f0:2a:ea:5f:e0:69:84:52:fb:81: 45:7b:23:58 -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgIUeNM+7swLn3ZzkKlitJE3TT/alxEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjEwMjhaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGUzZTMxZDVkOWZkNGY5MDZlZTIwYTYzNTI4MWRlNWM3ZjdiMzc0NTRhOTY5 ZjliZTU0NDQ5OTRhZWUyNzYwOTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ/+mNDm1394ZFxX7KZZkl1rTm5DQh5W9rJIAHJ9vCHPDzeGqvOVHSf1ebOK GkzPKu3GWzJmDEnOo1jQKYBYgG8EDljVBeNiFS++HWFORZeajEbgMKmn1Jdqw2th eaFJj/jUBREgPg+j36SltFpbnHxlvPRGNAuWW/vAfuWeHtXmYPzgXzCTSiBqa4n6 /Pip0H24rwSSPhOKhF15bPatQrMxpT0hgB1kWLVwnGT/qgLm9FeqiC0xbZFY6/ss MPCpg9WC2xPLjHCWQw7gl68fTl+eXfkNm3TpG2UKvg4zDeewtpIYguxZ6Xhe2eKG OSTSFuVujEXUeCczvzRgDjB6nyUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRSX4wh qNpo9ytVaEbzjqeX9WkEhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv M2ExNWFmMzktNjgxOC00ZWViLWJiYWYtMjgzYjdiZmZmYmE5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DYw DQYJKoZIhvcNAQELBQADggEBAGpXS9eIonMJSqHUnYg86+7N4x8sFlH4v4uvXTdY 1fwb1GskI2UzyO6I0MmH9thgVhB6XjytZuOi/YcXUyzMReADaUqFCSbetSdQdGPH MLYQuxs278St7YzPxAYYrgSf2LoNSo71ugANoJQ9dC6HhDlb3A54WKD7nBSXufSl K6Y2ZbuiB+xwYoAqeznVNNXvRzGGvV8uAEn44Drr+dOjxx4MvAiHVOgjXnzOIgGH YS1ly971LwvM6BweVL4DhIveoKC6AU8tIjKKzAiG6KnyS8iWXoF188/fNHcoTRg3 /+ArH2zfs3+KEUKN3+aFRryxqNjy8CrqX+BphFL7gUV7I1g= -----END CERTIFICATE-----Generated at Sat Dec 6 13:37:45 2025 by rpki-client