This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa File: 3af05485-fd97-4026-a50e-0227f46bd107.roa (raw, json) Hash identifier: xxzuiWrEov1P43f+rwHvi2rHy4aff/QSRuOOoasbmZo= Subject key identifier: 03:98:C3:F2:91:44:6D:15:B7:97:28:47:13:86:3C:4B:C0:FB:95:C3 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 6578E02A1402D1B49CD97BAF985DB1AC1068FC10 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa Signing time: Wed 10 Dec 2025 05:20:07 +0000 ROA not before: Wed 10 Dec 2025 05:20:07 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:78:e0:2a:14:02:d1:b4:9c:d9:7b:af:98:5d:b1:ac:10:68:fc:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:20:07 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=02e70fe6d28345050963d49d883dfcde7827e36dfe634b25c5ae8f0724e8bfeb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:eb:73:f8:a4:76:f6:4b:ed:47:48:9e:39:20: 45:38:9d:80:1a:67:4a:d1:e6:d3:60:1b:6f:aa:f5: 99:07:5e:31:f2:0c:66:b6:c3:4e:66:81:3d:d6:36: 0d:00:c2:92:50:4f:80:23:5c:41:3c:b9:c0:eb:ad: 7d:cb:d6:72:23:58:a4:92:14:51:19:74:ac:ff:33: 5c:46:a8:14:5d:4a:be:b9:a0:93:bd:5c:7a:6a:62: ec:04:de:5a:47:9b:48:c3:30:ac:ae:42:ec:ef:ea: ef:67:3f:da:2d:3b:ff:b2:85:06:1a:5f:f0:8b:0f: 88:b7:ed:c6:fb:e5:c1:d2:80:d7:c1:29:16:5b:f9: af:6e:31:0a:71:06:5e:37:68:88:80:71:06:c8:a7: 12:83:04:a0:0e:43:4d:94:aa:bb:8a:71:e2:8c:68: f7:69:9f:53:96:d1:19:b0:cd:4e:0a:30:82:8b:1a: d0:18:80:3d:0a:c8:95:8f:4d:c2:a9:28:f8:90:cc: 4f:b6:8e:1a:c1:67:72:ab:dc:d0:3e:0b:57:c7:33: fa:b3:14:fd:9d:e3:6a:4b:cd:f4:80:91:5b:57:c8: 8c:fb:ac:41:3f:02:33:7b:a3:a2:24:c5:e0:41:43: 79:96:e8:73:11:81:d9:70:6d:3c:9d:a7:a4:dc:8f: 4d:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:98:C3:F2:91:44:6D:15:B7:97:28:47:13:86:3C:4B:C0:FB:95:C3 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3af05485-fd97-4026-a50e-0227f46bd107.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:6000::/40 Signature Algorithm: sha256WithRSAEncryption 43:17:72:94:a0:c7:86:74:86:a7:82:bb:ba:e5:3f:c6:fe:2e: d0:9e:05:a0:fd:8d:50:92:c8:c1:c0:73:74:93:7e:3d:90:2b: ac:cb:23:b2:9e:88:55:f3:c4:59:9a:32:2e:09:eb:d9:fc:86: 3f:d7:37:2a:40:0b:3f:5b:74:89:f5:d0:b1:d6:99:ec:e3:a0: f3:45:e6:06:91:e6:5b:29:c5:b4:72:56:53:18:df:c4:f3:07: 68:83:0c:f8:f6:b5:c3:20:83:6d:44:2d:a4:89:ba:07:bf:ff: e7:45:4e:ac:c7:4e:3c:25:f6:5a:19:7d:01:3c:67:8f:44:8b: 9f:6c:9d:d8:44:6d:4d:f3:e1:20:52:65:ae:8a:95:dd:89:92: ad:cf:af:77:f7:2a:b6:39:c7:fc:c3:14:94:e4:fd:b5:55:77: 44:f5:ee:3b:11:bd:21:bf:b6:a8:fb:91:ee:9f:59:99:2d:aa: cf:89:39:60:35:b2:5b:ee:56:dd:f9:fc:70:bb:98:b2:4e:5d: a6:32:b9:54:71:2d:ae:c6:7a:f8:2f:d4:15:f6:ab:fd:97:7a: 68:e3:58:71:51:f3:03:bb:b9:73:5d:cb:55:bf:4c:50:e9:84: 4b:b9:12:22:35:00:52:90:d4:cf:fc:ac:27:36:79:5e:1b:ee: 52:fd:4d:1c -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUZXjgKhQC0bSc2XuvmF2xrBBo/BAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTIwMDdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDAyZTcwZmU2ZDI4MzQ1MDUwOTYzZDQ5ZDg4M2RmY2RlNzgyN2UzNmRmZTYz NGIyNWM1YWU4ZjA3MjRlOGJmZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK7rc/ikdvZL7UdInjkgRTidgBpnStHm02Abb6r1mQdeMfIMZrbDTmaBPdY2 DQDCklBPgCNcQTy5wOutfcvWciNYpJIUURl0rP8zXEaoFF1Kvrmgk71cempi7ATe WkebSMMwrK5C7O/q72c/2i07/7KFBhpf8IsPiLftxvvlwdKA18EpFlv5r24xCnEG XjdoiIBxBsinEoMEoA5DTZSqu4px4oxo92mfU5bRGbDNTgowgosa0BiAPQrIlY9N wqko+JDMT7aOGsFncqvc0D4LV8cz+rMU/Z3jakvN9ICRW1fIjPusQT8CM3ujoiTF 4EFDeZbocxGB2XBtPJ2npNyPTS8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQDmMPy kURtFbeXKEcThjxLwPuVwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv M2FmMDU0ODUtZmQ5Ny00MDI2LWE1MGUtMDIyN2Y0NmJkMTA3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9g MA0GCSqGSIb3DQEBCwUAA4IBAQBDF3KUoMeGdIangru65T/G/i7QngWg/Y1QksjB wHN0k349kCusyyOynohV88RZmjIuCevZ/IY/1zcqQAs/W3SJ9dCx1pns46DzReYG keZbKcW0clZTGN/E8wdogwz49rXDIINtRC2kiboHv//nRU6sx048JfZaGX0BPGeP RIufbJ3YRG1N8+EgUmWuipXdiZKtz6939yq2Ocf8wxSU5P21VXdE9e47Eb0hv7ao +5Hun1mZLarPiTlgNbJb7lbd+fxwu5iyTl2mMrlUcS2uxnr4L9QV9qv9l3po41hx UfMDu7lzXctVv0xQ6YRLuRIiNQBSkNTP/KwnNnleG+5S/U0c -----END CERTIFICATE-----Generated at Mon Dec 15 15:34:50 2025 by rpki-client