This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa File: 4967c03f-f17b-42f4-bfca-8694bb963ab0.roa (raw, json) Hash identifier: 62xYSn1pQzAWqT4IKdg7NvhjrywS5FvtS88wnb2WMIA= Subject key identifier: 4F:2E:07:15:6E:FF:38:59:B7:29:5E:FD:09:81:69:55:B0:54:14:2F Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 21C7C6670EDF0262C0417BF31DFC7F10B630B9A6 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa Signing time: Sat 15 Nov 2025 05:41:20 +0000 ROA not before: Sat 15 Nov 2025 05:41:20 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:9040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:c7:c6:67:0e:df:02:62:c0:41:7b:f3:1d:fc:7f:10:b6:30:b9:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:41:20 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=19c280e1f7c2a9ed950f9a5aa8c24c49ab7a4939a20cbcd67118b87c787d7f2d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:89:42:af:dd:17:6f:ff:61:6d:f8:9c:db:b1: 3c:c0:5a:bf:13:d6:c7:cc:e0:87:e4:bb:01:e8:40: e6:85:3f:37:08:91:8f:f9:98:bd:50:5d:0f:72:a5: 33:14:26:1c:c7:75:3c:ad:a1:d9:aa:47:6f:7d:33: c5:54:43:7b:83:f8:52:d6:ed:e8:1e:ef:08:85:a0: fa:d4:2c:02:2f:b8:eb:85:29:1d:23:ec:56:e2:33: d2:c9:82:cd:86:d1:6b:d3:66:9a:7e:b5:78:0e:b3: 49:e2:99:8c:7d:63:9a:79:6d:cd:09:0a:a7:6e:93: ac:c2:77:27:b1:af:a9:da:1a:e7:91:b9:46:0c:3b: 50:82:73:b2:4d:a0:7f:fa:1e:36:f8:d8:55:27:90: e3:6c:bc:f7:4f:46:e8:ba:26:57:75:0f:12:ae:d8: 66:72:84:b9:6c:93:31:c8:32:2e:ea:72:30:9e:cc: f1:c3:e6:b6:30:2b:0f:47:e7:b9:23:25:73:1d:3a: f0:9f:19:d0:f3:6e:d6:a0:c6:e3:2b:11:74:9a:4e: 21:c9:4d:68:3a:97:6c:da:4f:5e:63:b9:02:a1:b2: 27:38:8b:60:55:10:0a:38:56:a5:12:3d:e1:16:61: 8c:3e:e4:7f:29:c2:81:92:19:49:8c:15:ba:79:a7: d0:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:2E:07:15:6E:FF:38:59:B7:29:5E:FD:09:81:69:55:B0:54:14:2F X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:9040::/48 Signature Algorithm: sha256WithRSAEncryption 99:cf:49:53:fe:50:e8:f2:48:c4:95:b8:a6:ae:62:63:14:00: fc:00:40:64:1f:04:a6:f7:c3:5b:4b:5e:82:52:e1:82:58:6d: de:3e:4d:79:18:50:3e:84:82:5e:10:8e:b6:7c:27:c3:38:35: a5:ef:ff:46:54:aa:c0:a7:a5:0b:a3:bd:77:53:ae:0a:b0:ae: 9b:d9:5e:3b:eb:f5:fb:9e:f1:52:ac:38:37:a5:22:0c:68:f2: 14:aa:11:eb:a3:bb:4b:ac:72:82:2c:a9:49:db:a5:05:f7:86: 34:52:73:2c:0c:68:43:5d:2c:be:9e:5a:50:c2:99:f2:cc:8a: 0c:51:21:1e:38:2a:f6:00:68:44:40:e6:59:ea:ec:79:7c:60: b3:bf:f9:3b:0a:de:4f:af:23:e2:d1:7a:3b:fd:d9:9b:5b:08: 5d:b4:2a:19:d7:e3:57:23:b1:2a:5a:f1:ac:6e:eb:1d:b9:18: 21:c5:be:d3:db:80:55:c3:d8:da:e7:4c:ff:39:b8:3a:00:35: d0:b7:2b:c7:ea:98:2b:8f:81:62:58:e4:05:e9:55:2e:c3:1d: 04:a3:5d:34:b2:ed:64:e5:fa:0a:58:8e:13:ec:cb:6c:20:68: 7e:af:a8:33:f8:27:0b:52:d3:b2:d9:1e:16:15:98:40:ad:7c: ca:97:73:90 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUIcfGZw7fAmLAQXvzHfx/ELYwuaYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTQxMjBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDE5YzI4MGUxZjdjMmE5ZWQ5NTBmOWE1YWE4YzI0YzQ5YWI3YTQ5MzlhMjBj YmNkNjcxMThiODdjNzg3ZDdmMmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKuJQq/dF2//YW34nNuxPMBavxPWx8zgh+S7AehA5oU/NwiRj/mYvVBdD3Kl MxQmHMd1PK2h2apHb30zxVRDe4P4Utbt6B7vCIWg+tQsAi+464UpHSPsVuIz0smC zYbRa9Nmmn61eA6zSeKZjH1jmnltzQkKp26TrMJ3J7Gvqdoa55G5Rgw7UIJzsk2g f/oeNvjYVSeQ42y8909G6LomV3UPEq7YZnKEuWyTMcgyLupyMJ7M8cPmtjArD0fn uSMlcx068J8Z0PNu1qDG4ysRdJpOIclNaDqXbNpPXmO5AqGyJziLYFUQCjhWpRI9 4RZhjD7kfynCgZIZSYwVunmn0HcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRPLgcV bv84WbcpXv0JgWlVsFQULzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDk2N2MwM2YtZjE3Yi00MmY0LWJmY2EtODY5NGJiOTYzYWIwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ QDANBgkqhkiG9w0BAQsFAAOCAQEAmc9JU/5Q6PJIxJW4pq5iYxQA/ABAZB8EpvfD W0teglLhglht3j5NeRhQPoSCXhCOtnwnwzg1pe//RlSqwKelC6O9d1OuCrCum9le O+v1+57xUqw4N6UiDGjyFKoR66O7S6xygiypSdulBfeGNFJzLAxoQ10svp5aUMKZ 8syKDFEhHjgq9gBoREDmWerseXxgs7/5OwreT68j4tF6O/3Zm1sIXbQqGdfjVyOx KlrxrG7rHbkYIcW+09uAVcPY2udM/zm4OgA10Lcrx+qYK4+BYljkBelVLsMdBKNd NLLtZOX6CliOE+zLbCBofq+oM/gnC1LTstkeFhWYQK18ypdzkA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:44 2025 by rpki-client