This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa File: 4dc2c958-c749-4f2f-a83c-b419f7f45487.roa (raw, json) Hash identifier: bGCMkNk7fMrw+I+8m4tUJG7y/dorEbo5ckDq1OqPA0o= Subject key identifier: 32:4C:FC:A6:9B:BA:F4:6C:36:21:BB:1E:5C:EC:29:A8:13:E5:34:92 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 45398C7AE254EFA0E29E27D40C87C699B493B49B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa Signing time: Sat 15 Nov 2025 06:10:42 +0000 ROA not before: Sat 15 Nov 2025 06:10:42 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07a:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:39:8c:7a:e2:54:ef:a0:e2:9e:27:d4:0c:87:c6:99:b4:93:b4:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:10:42 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=5dab77fbdae0a23296ecc63565684bfe6cb5bddfdf47baf8b7043b674bfe81ac, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:e5:56:d1:24:7f:28:8d:ab:5a:02:92:f7:5c: 90:88:a3:3a:b4:5d:8b:79:02:37:a4:d0:01:30:7d: 8a:22:98:b2:b9:f3:37:e9:b7:58:0d:da:50:5e:d0: ba:c0:39:e1:ab:e9:8f:fd:9e:78:6c:04:b7:9d:56: 6e:83:9f:aa:97:50:f1:2d:75:d0:73:d1:5d:c3:f2: 28:7a:8b:2c:52:42:c4:5c:99:ed:5b:af:f7:22:42: d3:3a:d2:87:e9:4b:df:a8:a0:15:42:cb:f8:d0:13: 4c:fd:89:9b:30:30:3d:28:39:73:38:22:43:61:83: a1:38:b4:45:5b:25:1e:56:5a:93:28:3c:c1:8a:fb: d1:fc:76:57:18:88:8e:f5:22:4d:b3:4e:57:f3:fd: 7a:84:68:8a:3d:2b:e7:71:f4:1d:6b:d9:a2:34:78: c6:8f:22:88:db:2e:8c:d5:df:4e:fc:ca:b1:d8:30: 85:41:e3:63:fe:ab:1a:04:78:40:ab:a0:da:8c:d2: 2b:25:a1:56:da:7a:6c:a6:95:4f:1d:c5:7c:90:ab: 82:7c:f6:80:6c:7b:73:98:e9:c6:bc:2b:64:8d:b7: ef:6a:40:67:6b:fa:1e:fb:89:f0:32:35:93:a3:a6: cf:a8:fb:61:e1:ff:02:55:59:41:27:3f:90:8d:32: 0a:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:4C:FC:A6:9B:BA:F4:6C:36:21:BB:1E:5C:EC:29:A8:13:E5:34:92 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07a:e000::/40 Signature Algorithm: sha256WithRSAEncryption 16:29:ad:70:ac:fe:13:fd:c4:22:bd:9a:2e:63:89:58:d6:7c: 9d:04:3b:51:3c:2b:a2:61:c5:66:ae:b8:be:85:47:0e:2c:99: e8:23:63:9b:80:6e:31:e9:24:5e:61:0e:1c:ed:63:9b:d2:08: 76:b5:aa:dc:f5:fe:5e:8d:60:53:00:ff:69:a4:66:1b:28:1f: 6f:fd:07:a7:ce:d7:e7:29:5e:18:ad:2d:87:ce:44:27:fd:04: e9:f4:4a:a3:45:cd:78:a6:a9:2c:1a:7b:e3:5e:bf:eb:44:bc: 91:4f:a4:e2:f2:d5:95:25:ac:9f:68:80:85:a3:93:2e:72:ae: 0a:7d:44:e7:d4:3e:33:0e:8f:5b:9a:78:2a:ad:00:57:ed:b4: 11:ed:a8:00:1d:46:3c:ab:b5:8d:2f:a1:fe:fc:24:d4:bc:c7: a0:fa:73:45:b1:55:25:3e:97:32:71:b6:76:ef:f3:cf:d7:8b: 44:9a:c7:fe:d1:6d:de:8f:58:95:3f:12:03:8f:85:2a:2f:fe: b6:e4:9c:31:99:f2:56:ba:81:16:10:1a:32:53:07:0d:00:b1: b2:3a:10:be:36:7b:5e:18:d1:47:4f:44:39:ec:a7:73:1e:c0: bc:8b:f4:99:2a:d4:32:30:49:bc:09:dc:ab:09:37:0a:55:21: b1:da:18:3f -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIURTmMeuJU76DinifUDIfGmbSTtJswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjEwNDJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDVkYWI3N2ZiZGFlMGEyMzI5NmVjYzYzNTY1Njg0YmZlNmNiNWJkZGZkZjQ3 YmFmOGI3MDQzYjY3NGJmZTgxYWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALblVtEkfyiNq1oCkvdckIijOrRdi3kCN6TQATB9iiKYsrnzN+m3WA3aUF7Q usA54avpj/2eeGwEt51WboOfqpdQ8S110HPRXcPyKHqLLFJCxFyZ7Vuv9yJC0zrS h+lL36igFULL+NATTP2JmzAwPSg5czgiQ2GDoTi0RVslHlZakyg8wYr70fx2VxiI jvUiTbNOV/P9eoRoij0r53H0HWvZojR4xo8iiNsujNXfTvzKsdgwhUHjY/6rGgR4 QKug2ozSKyWhVtp6bKaVTx3FfJCrgnz2gGx7c5jpxrwrZI2372pAZ2v6HvuJ8DI1 k6Omz6j7YeH/AlVZQSc/kI0yCvkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQyTPym m7r0bDYhux5c7CmoE+U0kjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NGRjMmM5NTgtYzc0OS00ZjJmLWE4M2MtYjQxOWY3ZjQ1NDg3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hrg MA0GCSqGSIb3DQEBCwUAA4IBAQAWKa1wrP4T/cQivZouY4lY1nydBDtRPCuiYcVm rri+hUcOLJnoI2ObgG4x6SReYQ4c7WOb0gh2tarc9f5ejWBTAP9ppGYbKB9v/Qen ztfnKV4YrS2HzkQn/QTp9EqjRc14pqksGnvjXr/rRLyRT6Ti8tWVJayfaICFo5Mu cq4KfUTn1D4zDo9bmngqrQBX7bQR7agAHUY8q7WNL6H+/CTUvMeg+nNFsVUlPpcy cbZ27/PP14tEmsf+0W3ej1iVPxIDj4UqL/625JwxmfJWuoEWEBoyUwcNALGyOhC+ NnteGNFHT0Q57KdzHsC8i/SZKtQyMEm8CdyrCTcKVSGx2hg/ -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:59 2025 by rpki-client