This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3b5c68d3-e5a1-4742-a90c-59b1e29cfc00.roa File: 3b5c68d3-e5a1-4742-a90c-59b1e29cfc00.roa (raw, json) Hash identifier: qhR2GeBQv0IO1F3s0Nkgw1pAsh8OyH8/peJ5KX5hwYA= Subject key identifier: F3:44:35:F5:33:5B:C8:36:B7:32:D9:33:BF:19:DB:3C:49:4A:35:91 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 075D23E5B5796F7EC8D5FC7686BBCFB78F05DBB6 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3b5c68d3-e5a1-4742-a90c-59b1e29cfc00.roa Signing time: Sat 15 Nov 2025 05:20:11 +0000 ROA not before: Sat 15 Nov 2025 05:20:11 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06f:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:5d:23:e5:b5:79:6f:7e:c8:d5:fc:76:86:bb:cf:b7:8f:05:db:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:20:11 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=41297a42286eaa1c1fd0df1f9979bfc08ee6bad56806b7813b688ca7bd132e15, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:17:88:2d:30:2b:44:85:4e:ed:ef:69:6e:c5: e2:7a:ca:43:d0:36:fb:a0:af:98:36:2b:b8:1f:b3: 92:be:15:e3:97:a7:87:e9:cf:76:e1:e7:72:5c:4b: ce:7a:fb:d3:51:01:a4:fd:47:10:7f:4a:22:64:79: c9:27:0c:4f:6d:25:9f:c6:a5:78:63:98:38:08:6d: 03:be:6d:8a:a6:15:fe:d8:b8:49:aa:46:14:ba:18: 0a:f2:52:d3:b6:6b:6f:1d:ba:19:18:c7:63:9b:d2: dd:50:92:a3:1c:df:02:dc:06:69:cb:a3:82:ae:7e: 30:93:6a:fe:96:f2:37:d3:e7:4f:4e:c2:40:04:03: 61:f5:44:82:4c:47:00:d0:4f:32:74:0f:4f:b3:9c: 09:98:65:c1:d1:f0:2e:aa:9a:cd:98:63:1f:ee:df: 4e:22:7a:b5:f8:2f:53:6e:fe:18:3a:9b:fb:32:33: 00:cb:c2:2e:16:ae:66:5b:b2:e5:27:86:ff:d1:77: 24:81:03:eb:1f:9a:67:c3:df:24:79:15:f3:4d:86: c0:0a:d0:c1:0a:3f:1b:32:12:bd:72:08:30:1b:cb: e3:b3:38:b5:3a:62:50:5f:49:ad:4d:39:0e:ba:70: 40:93:07:90:3a:90:d8:9b:bd:0a:64:2e:f9:a2:72: ff:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:44:35:F5:33:5B:C8:36:B7:32:D9:33:BF:19:DB:3C:49:4A:35:91 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3b5c68d3-e5a1-4742-a90c-59b1e29cfc00.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:c000::/40 Signature Algorithm: sha256WithRSAEncryption 5e:ec:0f:66:43:76:e0:87:07:15:0e:fe:8f:d1:fe:7c:e6:c1: ba:a1:a8:fb:f4:ab:fb:6f:c6:9a:b1:69:32:fa:2a:d1:80:7d: 87:c7:f3:27:7e:f5:05:0f:1c:76:30:53:03:db:b7:31:42:40: 93:8d:dc:88:6a:f4:bd:64:83:4b:c7:ba:99:9d:23:58:85:3b: 0e:1d:8e:06:a8:dd:4a:e5:0b:e7:73:0d:e2:2a:0a:4b:00:10: 4a:0d:0f:8f:a5:2c:88:ba:fe:11:bb:40:b1:b4:12:e6:16:f3: 1b:ab:ab:81:32:0e:48:e2:3c:be:6f:b7:cb:9b:7c:89:ee:c4: 87:b7:d9:c5:b7:a2:23:c4:81:7b:5c:f8:29:f7:93:68:39:a4: 3b:92:37:61:3b:d9:07:fe:db:a5:ec:ae:7a:80:02:c2:80:e0: 2e:ec:b8:f3:11:35:0c:69:2e:da:dd:07:35:ad:33:ae:d1:70: 99:1b:0c:54:5d:5f:6f:ff:0b:8d:34:4b:f9:3e:74:8e:c1:6e: d2:ad:a5:d1:28:22:f9:a8:e4:cd:00:20:84:77:b6:e9:21:c0: e7:2c:8c:87:97:9e:5a:a1:5f:1e:69:ae:7b:b2:d7:9f:1e:2c: c6:36:0a:46:18:03:91:a2:5f:13:f7:6f:c9:eb:8b:75:35:57: 84:44:16:46 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUB10j5bV5b37I1fx2hrvPt48F27YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTIwMTFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDQxMjk3YTQyMjg2ZWFhMWMxZmQwZGYxZjk5NzliZmMwOGVlNmJhZDU2ODA2 Yjc4MTNiNjg4Y2E3YmQxMzJlMTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKcXiC0wK0SFTu3vaW7F4nrKQ9A2+6CvmDYruB+zkr4V45enh+nPduHnclxL znr701EBpP1HEH9KImR5yScMT20ln8aleGOYOAhtA75tiqYV/ti4SapGFLoYCvJS 07Zrbx26GRjHY5vS3VCSoxzfAtwGacujgq5+MJNq/pbyN9PnT07CQAQDYfVEgkxH ANBPMnQPT7OcCZhlwdHwLqqazZhjH+7fTiJ6tfgvU27+GDqb+zIzAMvCLhauZluy 5SeG/9F3JIED6x+aZ8PfJHkV802GwArQwQo/GzISvXIIMBvL47M4tTpiUF9JrU05 DrpwQJMHkDqQ2Ju9CmQu+aJy/zMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTzRDX1 M1vINrcy2TO/Gds8SUo1kTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv M2I1YzY4ZDMtZTVhMS00NzQyLWE5MGMtNTliMWUyOWNmYzAwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G/A MA0GCSqGSIb3DQEBCwUAA4IBAQBe7A9mQ3bghwcVDv6P0f585sG6oaj79Kv7b8aa sWky+irRgH2Hx/MnfvUFDxx2MFMD27cxQkCTjdyIavS9ZINLx7qZnSNYhTsOHY4G qN1K5Qvncw3iKgpLABBKDQ+PpSyIuv4Ru0CxtBLmFvMbq6uBMg5I4jy+b7fLm3yJ 7sSHt9nFt6IjxIF7XPgp95NoOaQ7kjdhO9kH/tul7K56gALCgOAu7LjzETUMaS7a 3Qc1rTOu0XCZGwxUXV9v/wuNNEv5PnSOwW7SraXRKCL5qOTNACCEd7bpIcDnLIyH l55aoV8eaa57stefHizGNgpGGAORol8T92/J64t1NVeERBZG -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:07 2025 by rpki-client