This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a3909fa-da3d-4cd8-918f-7755304d49d1.roa File: 4a3909fa-da3d-4cd8-918f-7755304d49d1.roa (raw, json) Hash identifier: JgrRyUBQV32+8RN70OrNjpQuhvlq+rTfmy9QjsKhFuM= Subject key identifier: E4:DE:22:D2:66:BC:15:86:7D:D6:78:13:7C:94:FF:9C:0E:FD:FF:20 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3005DAA905B99B0006B6A15EE478E62BF92DA3B9 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a3909fa-da3d-4cd8-918f-7755304d49d1.roa Signing time: Sat 15 Nov 2025 05:20:40 +0000 ROA not before: Sat 15 Nov 2025 05:20:40 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d06f:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:05:da:a9:05:b9:9b:00:06:b6:a1:5e:e4:78:e6:2b:f9:2d:a3:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:20:40 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=d5f34e3eb7cbdfe7cdfbf89fa21a183cd1e16a713081dead30f5c76c866cbc41, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:fb:fe:26:f5:f5:b3:c5:c6:9e:d7:48:3b:70: ce:c1:32:ea:9c:3d:2b:4d:86:21:2f:82:c7:62:08: 2a:b8:1d:82:b8:f3:7c:9a:c6:b8:a5:61:ad:2e:4f: a2:c9:22:75:ae:aa:db:6c:28:9a:46:22:13:bd:13: 90:2a:17:ef:78:33:d1:7c:b3:3a:e1:9f:f0:08:c6: 36:a5:9c:bf:62:f5:ef:56:7d:8c:f4:63:b5:ba:c1: 5d:2a:2c:4b:2e:f1:48:14:f0:d2:da:55:75:29:00: 8e:d1:72:b7:49:56:7b:5f:6b:32:d8:4f:d5:08:50: d1:45:34:d0:cb:dc:5c:8f:6b:b9:b1:b9:ae:21:8a: 70:cd:50:f6:3b:a7:89:e0:56:a4:35:06:f8:2c:de: bb:84:41:7b:22:12:a8:28:17:8c:80:db:b4:3a:69: 4f:3a:90:63:d1:2e:c3:73:f4:9e:31:e6:84:15:f8: 69:db:ed:a9:fb:ca:32:af:bf:45:5f:08:ed:44:fa: 68:d7:37:35:ef:a2:ec:21:37:f8:7c:e9:cf:d9:ec: 9f:3a:cc:93:77:5e:85:96:0a:d0:95:61:87:7a:9f: d0:b5:03:28:28:4a:a4:23:a6:86:81:7f:cd:53:2d: 65:8f:69:9d:18:79:da:49:41:5a:62:47:93:4a:0d: c9:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:DE:22:D2:66:BC:15:86:7D:D6:78:13:7C:94:FF:9C:0E:FD:FF:20 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a3909fa-da3d-4cd8-918f-7755304d49d1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:a000::/40 Signature Algorithm: sha256WithRSAEncryption ca:58:be:b9:19:97:43:70:c7:e8:0c:68:06:b0:1b:da:dc:d7: 65:cd:3a:b5:86:ba:b3:e7:74:5f:4a:51:46:1e:c1:01:c7:0e: 79:0e:b9:b1:9e:cb:17:e9:10:99:cc:11:18:bd:a7:4f:ba:59: a2:a4:ea:ca:cc:b0:f2:79:06:7d:55:5f:4d:6e:fc:89:bf:31: 75:9c:00:f2:5e:2c:b0:d6:f7:66:83:e7:66:76:10:a0:f2:34: 57:5e:d3:5a:9f:bb:5e:45:c4:5f:fa:e6:a8:4e:2f:f3:06:ef: cb:0c:6b:b6:b8:e4:22:91:1d:b3:36:30:fa:03:c4:bf:8e:f4: 7b:44:a9:90:66:e9:d2:c5:ec:39:cb:03:ff:b2:8b:f2:ff:f6: c9:d1:93:17:5b:8f:fd:cc:b3:1f:2b:54:ae:74:de:23:d2:be: 71:f0:1f:43:42:44:70:30:24:ec:40:60:87:9d:a8:35:49:4c: e1:de:ee:5a:2a:e4:9e:fd:bb:ec:75:3b:6c:0e:d7:e2:d8:58: 33:7f:62:f7:3f:70:73:b2:db:a3:d9:22:e9:79:62:78:1c:e8: 5b:d9:33:74:f0:73:18:6d:12:76:ef:18:1e:fa:ea:5f:56:33: 42:e6:9d:c3:44:2d:46:71:ea:e6:95:ff:ac:b6:81:bb:fd:6e: a3:d5:5e:45 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUMAXaqQW5mwAGtqFe5HjmK/kto7kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTIwNDBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGQ1ZjM0ZTNlYjdjYmRmZTdjZGZiZjg5ZmEyMWExODNjZDFlMTZhNzEzMDgx ZGVhZDMwZjVjNzZjODY2Y2JjNDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOb7/ib19bPFxp7XSDtwzsEy6pw9K02GIS+Cx2IIKrgdgrjzfJrGuKVhrS5P oskida6q22womkYiE70TkCoX73gz0XyzOuGf8AjGNqWcv2L171Z9jPRjtbrBXSos Sy7xSBTw0tpVdSkAjtFyt0lWe19rMthP1QhQ0UU00MvcXI9rubG5riGKcM1Q9jun ieBWpDUG+Czeu4RBeyISqCgXjIDbtDppTzqQY9Euw3P0njHmhBX4advtqfvKMq+/ RV8I7UT6aNc3Ne+i7CE3+Hzpz9nsnzrMk3dehZYK0JVhh3qf0LUDKChKpCOmhoF/ zVMtZY9pnRh52klBWmJHk0oNyYkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTk3iLS ZrwVhn3WeBN8lP+cDv3/IDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NGEzOTA5ZmEtZGEzZC00Y2Q4LTkxOGYtNzc1NTMwNGQ0OWQxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+g MA0GCSqGSIb3DQEBCwUAA4IBAQDKWL65GZdDcMfoDGgGsBva3NdlzTq1hrqz53Rf SlFGHsEBxw55DrmxnssX6RCZzBEYvadPulmipOrKzLDyeQZ9VV9NbvyJvzF1nADy Xiyw1vdmg+dmdhCg8jRXXtNan7teRcRf+uaoTi/zBu/LDGu2uOQikR2zNjD6A8S/ jvR7RKmQZunSxew5ywP/sovy//bJ0ZMXW4/9zLMfK1SudN4j0r5x8B9DQkRwMCTs QGCHnag1SUzh3u5aKuSe/bvsdTtsDtfi2Fgzf2L3P3Bzstuj2SLpeWJ4HOhb2TN0 8HMYbRJ27xge+upfVjNC5p3DRC1Gcermlf+stoG7/W6j1V5F -----END CERTIFICATE-----Generated at Sat Dec 6 17:34:59 2025 by rpki-client