This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e91376d-8b45-49e6-bf21-9f8e5d21208b.roa File: 4e91376d-8b45-49e6-bf21-9f8e5d21208b.roa (raw, json) Hash identifier: SUj62kAIWHqpayNa8x+0QPDh5t1Gs94+LG26qx6xFYM= Subject key identifier: 35:79:81:A3:CC:E5:8E:00:2A:1F:33:EC:C0:99:26:19:6D:FB:3B:5A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3E5CB86A25CAA700B4FD2D5DFEA965D67DB93567 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e91376d-8b45-49e6-bf21-9f8e5d21208b.roa Signing time: Tue 02 Dec 2025 01:51:24 +0000 ROA not before: Tue 02 Dec 2025 01:51:24 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d030:5000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:5c:b8:6a:25:ca:a7:00:b4:fd:2d:5d:fe:a9:65:d6:7d:b9:35:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:51:24 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=047442e8f790ddd4aee0efdedd4e77223b1989a770f319cec0f2ae3e0a9791ff, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:84:90:d8:ee:57:9c:29:a0:d3:4b:e5:79:93: 43:13:f4:3d:53:b4:21:97:8e:37:05:f2:76:88:9a: f9:53:ee:a4:e5:2c:10:79:97:68:55:79:4d:8d:43: f1:73:32:ab:45:77:9f:90:ec:13:83:bb:bf:f4:84: 3d:fc:ad:bb:7b:29:52:75:88:6c:08:23:83:47:bc: c4:f1:1c:86:ff:19:04:44:fe:1d:66:74:cf:07:50: ff:77:6f:55:c1:2f:25:ce:8a:50:9a:ba:14:da:18: 94:64:7d:51:1c:49:17:c3:ed:33:5e:26:e5:fc:61: dd:11:25:9c:d4:10:5d:5f:63:b7:66:1d:79:4b:33: a0:6c:e3:88:6d:14:c9:fc:b5:88:2d:f7:69:94:2d: 60:14:5b:e2:e8:bf:cb:4f:3e:95:ac:20:30:30:2a: 31:63:ed:ba:87:56:09:b4:be:2a:8f:9f:11:92:9c: 4b:65:d4:d3:79:59:0a:a3:07:ba:5a:95:90:5f:63: 1c:b8:0f:0b:c4:fe:b8:1e:7b:ca:c9:e4:e1:2b:98: 09:87:96:b7:7c:c6:05:16:27:a4:3e:01:1a:ec:0b: 44:1c:ab:47:d8:f6:9b:96:40:6b:e1:a9:b5:99:98: a8:ba:70:4c:45:20:cc:b3:40:66:1b:d8:e2:e5:6f: 6a:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:79:81:A3:CC:E5:8E:00:2A:1F:33:EC:C0:99:26:19:6D:FB:3B:5A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e91376d-8b45-49e6-bf21-9f8e5d21208b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d030:5000::/40 Signature Algorithm: sha256WithRSAEncryption 52:ab:67:cf:ec:06:3a:59:fd:b8:34:71:a7:c6:96:a2:29:77: 9f:8b:61:c3:d1:47:da:52:7b:26:00:ec:06:0f:d3:7e:c4:70: d4:09:5e:69:c8:c2:e7:5e:9b:1e:50:d0:2e:e2:ba:44:58:37: 80:24:19:01:95:86:63:dd:30:11:7e:24:f2:29:44:01:5e:36: e5:98:2d:0d:b0:e6:8e:6c:32:4c:ed:b0:09:52:4e:bf:62:2e: 07:3d:31:55:ea:c4:2f:37:b8:89:93:b5:2c:47:2e:7f:bb:7b: 8f:8c:61:a1:ed:c5:d3:fd:c7:49:53:30:40:32:b3:00:f0:30: c7:39:4a:61:d3:80:84:84:ad:63:76:b0:28:ff:8d:8a:ee:73: 8d:67:76:c5:5d:60:3d:47:4c:85:39:3c:54:3c:fb:51:59:7e: 62:c4:cc:e0:6a:ef:3f:9a:fd:4b:2b:77:d0:37:b7:d7:dd:ae: df:1c:ad:25:0c:da:b9:58:31:f1:ca:be:43:83:05:dc:76:aa: 2d:a6:18:c9:fc:28:2c:a4:47:cc:dd:cf:be:de:a4:b6:1c:fc: a8:07:a1:e4:43:cc:a0:4e:d1:a1:b8:dc:5b:29:2e:f6:87:90: 9a:2b:47:1b:25:9b:15:e9:bc:ad:de:49:49:50:b0:dc:c7:07: 55:d8:db:67 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUPly4aiXKpwC0/S1d/qll1n25NWcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUxMjRaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDA0NzQ0MmU4Zjc5MGRkZDRhZWUwZWZkZWRkNGU3NzIyM2IxOTg5YTc3MGYz MTljZWMwZjJhZTNlMGE5NzkxZmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK+EkNjuV5wpoNNL5XmTQxP0PVO0IZeONwXydoia+VPupOUsEHmXaFV5TY1D 8XMyq0V3n5DsE4O7v/SEPfytu3spUnWIbAgjg0e8xPEchv8ZBET+HWZ0zwdQ/3dv VcEvJc6KUJq6FNoYlGR9URxJF8PtM14m5fxh3RElnNQQXV9jt2YdeUszoGzjiG0U yfy1iC33aZQtYBRb4ui/y08+lawgMDAqMWPtuodWCbS+Ko+fEZKcS2XU03lZCqMH ulqVkF9jHLgPC8T+uB57ysnk4SuYCYeWt3zGBRYnpD4BGuwLRByrR9j2m5ZAa+Gp tZmYqLpwTEUgzLNAZhvY4uVvajUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ1eYGj zOWOACofM+zAmSYZbfs7WjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NGU5MTM3NmQtOGI0NS00OWU2LWJmMjEtOWY4ZTVkMjEyMDhiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBQ MA0GCSqGSIb3DQEBCwUAA4IBAQBSq2fP7AY6Wf24NHGnxpaiKXefi2HD0UfaUnsm AOwGD9N+xHDUCV5pyMLnXpseUNAu4rpEWDeAJBkBlYZj3TARfiTyKUQBXjblmC0N sOaObDJM7bAJUk6/Yi4HPTFV6sQvN7iJk7UsRy5/u3uPjGGh7cXT/cdJUzBAMrMA 8DDHOUph04CEhK1jdrAo/42K7nONZ3bFXWA9R0yFOTxUPPtRWX5ixMzgau8/mv1L K3fQN7fX3a7fHK0lDNq5WDHxyr5DgwXcdqotphjJ/CgspEfM3c++3qS2HPyoB6Hk Q8ygTtGhuNxbKS72h5CaK0cbJZsV6byt3klJULDcxwdV2Ntn -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:17 2025 by rpki-client