This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa File: 42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa (raw, json) Hash identifier: v/Pue077JdmPZlj4zE7jRoatiu6d4Cc6EK72gokX2+M= Subject key identifier: EE:D5:3A:0B:45:27:55:EA:0C:2C:30:A6:87:1A:85:85:5E:CA:23:DD Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7B002DCF81E6246F173EA0878E16BED2CCC6DC21 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa Signing time: Sat 15 Nov 2025 05:40:04 +0000 ROA not before: Sat 15 Nov 2025 05:40:04 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:8090::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:00:2d:cf:81:e6:24:6f:17:3e:a0:87:8e:16:be:d2:cc:c6:dc:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:40:04 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=a6a1824075eef1a090e969fdcfee175aa1190b2dff0605ebb0dbce0fa5c683f9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:19:70:c2:3d:41:9a:88:4d:1e:4f:3b:84:d6: c6:0c:50:7a:9b:57:5d:0c:c7:99:02:43:fa:36:f6: ce:06:5a:d7:cd:3f:7d:6d:47:d6:a7:2c:c6:66:15: b3:71:1f:4a:b1:61:be:2e:42:79:08:cf:7d:c7:72: e4:90:20:57:f1:2e:94:72:29:6e:d4:7a:de:fc:8f: fc:0d:58:3e:40:bb:2a:79:9e:3b:e5:b2:19:2a:74: e1:78:7f:9b:9c:6a:5c:70:53:98:b3:d0:d2:05:b0: 31:65:21:a8:89:7d:1f:3a:0a:0d:62:90:d3:6f:9b: e0:b8:fd:ed:f3:4c:26:24:80:24:41:95:47:44:7a: 25:a5:1c:2b:6e:ad:85:64:6f:7a:b9:5a:f8:73:e9: 7d:4b:da:ea:da:eb:56:42:a5:45:78:5c:d7:43:20: bd:92:5e:6d:8c:a4:3d:1e:21:07:cb:21:55:2b:e6: f1:83:a5:6e:b0:3f:30:89:23:c7:7f:f5:99:5a:ae: da:b8:26:86:27:07:33:2c:b8:36:8d:59:58:02:9a: f0:9c:81:4b:ea:76:99:85:0b:02:71:ce:4b:bb:ec: 0c:81:96:86:4c:d6:cc:08:c9:5b:fd:f5:96:58:ef: f5:f5:70:e0:20:a6:1d:a6:70:82:c6:c9:2d:3b:73: 92:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:D5:3A:0B:45:27:55:EA:0C:2C:30:A6:87:1A:85:85:5E:CA:23:DD X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:8090::/48 Signature Algorithm: sha256WithRSAEncryption 28:1b:11:a8:ec:7d:34:0f:80:f7:73:4b:59:6e:bd:63:0e:2c: 55:a8:81:08:9a:0f:d7:82:fb:16:93:96:fb:99:1e:bd:92:f5: 1b:f7:9d:92:6a:dd:b8:fc:82:25:31:c9:83:9f:b2:67:25:24: b1:f6:97:a2:de:19:70:cc:74:83:45:22:8a:a4:ce:e5:4e:38: c5:d6:b7:1d:70:ae:fe:9c:f5:da:c5:0b:f4:0f:c2:bc:92:0b: ae:70:e9:a7:6d:3e:ab:a6:ed:a2:51:85:24:38:6c:a6:a8:cd: d6:b7:f7:f8:56:31:16:e4:b2:ed:e2:f7:a3:7d:6b:a0:a5:38: 94:17:7a:3a:3d:66:a7:ba:c3:7f:16:e9:ad:4a:4f:0c:b3:e6: 6d:6c:25:cc:0d:a2:e0:99:9b:bb:d4:c4:72:50:48:6c:cc:7c: 6f:d5:73:b7:a8:69:3a:cc:5b:c8:d9:ad:ef:f2:b0:a0:3b:c6: fd:17:0b:0b:c9:36:36:fe:b7:10:80:0d:e9:d8:fe:ef:20:c7: d4:54:e1:9a:66:cf:bc:74:89:33:05:f1:e8:d7:a7:d8:77:3e: 16:72:3f:ef:03:42:45:52:6a:a0:3e:95:4e:e5:65:29:95:70: 4b:df:32:72:dc:1c:fd:11:87:de:a9:24:26:71:0d:12:38:16: 51:b7:fa:9d -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUewAtz4HmJG8XPqCHjha+0szG3CEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTQwMDRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGE2YTE4MjQwNzVlZWYxYTA5MGU5NjlmZGNmZWUxNzVhYTExOTBiMmRmZjA2 MDVlYmIwZGJjZTBmYTVjNjgzZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKgZcMI9QZqITR5PO4TWxgxQeptXXQzHmQJD+jb2zgZa180/fW1H1qcsxmYV s3EfSrFhvi5CeQjPfcdy5JAgV/EulHIpbtR63vyP/A1YPkC7KnmeO+WyGSp04Xh/ m5xqXHBTmLPQ0gWwMWUhqIl9HzoKDWKQ02+b4Lj97fNMJiSAJEGVR0R6JaUcK26t hWRverla+HPpfUva6trrVkKlRXhc10MgvZJebYykPR4hB8shVSvm8YOlbrA/MIkj x3/1mVqu2rgmhicHMyy4No1ZWAKa8JyBS+p2mYULAnHOS7vsDIGWhkzWzAjJW/31 lljv9fVw4CCmHaZwgsbJLTtzkiMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTu1ToL RSdV6gwsMKaHGoWFXsoj3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDJlZjdkODktYjliZi00NjBmLWI5MDYtNzQ0M2Q5NmY0YTZmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA kDANBgkqhkiG9w0BAQsFAAOCAQEAKBsRqOx9NA+A93NLWW69Yw4sVaiBCJoP14L7 FpOW+5kevZL1G/edkmrduPyCJTHJg5+yZyUksfaXot4ZcMx0g0UiiqTO5U44xda3 HXCu/pz12sUL9A/CvJILrnDpp20+q6btolGFJDhspqjN1rf3+FYxFuSy7eL3o31r oKU4lBd6Oj1mp7rDfxbprUpPDLPmbWwlzA2i4Jmbu9TEclBIbMx8b9Vzt6hpOsxb yNmt7/KwoDvG/RcLC8k2Nv63EIAN6dj+7yDH1FThmmbPvHSJMwXx6Nen2Hc+FnI/ 7wNCRVJqoD6VTuVlKZVwS98yctwc/RGH3qkkJnENEjgWUbf6nQ== -----END CERTIFICATE-----Generated at Sat Dec 6 21:33:09 2025 by rpki-client