This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa File: 543bc67d-08f9-4a99-bf5e-68100e034395.roa (raw, json) Hash identifier: ibF9+/oHVvg8sbAW5Faq/XQbVDwU9C84UIRXTGO4rws= Subject key identifier: 90:16:FF:53:A8:D9:D1:5A:78:32:FC:6E:43:C9:76:B0:8D:EF:9A:19 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0B27B15ED2E8B31558E1D25C994544C15D954AB3 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa Signing time: Sat 15 Nov 2025 06:10:27 +0000 ROA not before: Sat 15 Nov 2025 06:10:27 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:27:b1:5e:d2:e8:b3:15:58:e1:d2:5c:99:45:44:c1:5d:95:4a:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:10:27 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=b2a0d41a25b17817119a24f935261f8d0aff8c551aa9d05e5836b5f6bfc55e26, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:be:d2:85:50:34:99:f2:60:b0:83:fd:24:0a: 7e:82:5e:da:6f:09:9b:f3:9c:c0:61:f7:9f:08:ce: da:89:28:92:b3:89:e7:bd:76:46:8f:4a:cb:c3:88: a7:a6:4c:3e:b4:49:c9:a5:54:80:b6:60:89:72:20: bd:f2:3c:3b:02:41:82:18:e3:4f:f2:55:53:38:e9: dc:70:d3:ea:22:a6:09:74:48:0f:ab:a7:a0:ab:e3: e9:ce:50:e5:c5:3e:f1:22:bc:40:f5:fc:08:60:1f: 73:95:5d:1a:01:e4:6d:cd:e5:c1:cb:18:a9:e5:bc: 2e:9e:c4:ff:b1:43:d9:48:3e:35:49:a4:69:8d:c6: 67:fe:a8:a2:10:1b:d7:bb:47:24:b1:de:96:9a:4e: c0:70:80:9a:32:69:23:c6:a6:57:d8:08:71:ff:a1: 79:6a:e2:6d:14:b6:35:96:fb:1c:97:2b:10:f6:4e: 23:b2:25:c8:bd:4b:2b:ab:20:c7:ab:40:20:97:49: 40:a4:36:91:36:12:ba:6e:47:4d:88:28:2e:4e:63: b9:40:5a:1e:ab:c6:0e:a2:f2:95:5b:e1:a2:78:77: 4e:b5:64:1a:0a:5b:14:10:a2:db:69:07:20:e7:59: 4d:39:a5:3e:2f:7b:f2:92:97:84:db:da:ec:cb:a6: 69:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:16:FF:53:A8:D9:D1:5A:78:32:FC:6E:43:C9:76:B0:8D:EF:9A:19 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:4080::/48 Signature Algorithm: sha256WithRSAEncryption 86:f5:0f:2d:4c:1b:11:c7:ad:77:47:ca:23:3e:1a:32:bb:22: 1f:6e:99:b4:d1:e0:76:76:40:97:64:e4:00:06:b1:13:0f:56: 0d:55:f4:34:2d:4f:6b:b9:09:ca:d3:2e:68:43:b0:47:9b:69: f2:0e:87:ef:3b:93:ad:d8:8c:9e:62:df:6d:34:62:5d:91:fc: 24:3e:32:af:87:69:18:5e:23:b5:8e:d3:de:ec:96:b0:04:96: 71:f4:7c:87:da:24:e3:98:fd:77:c1:09:c9:2b:0f:00:1b:fb: da:47:f9:79:d0:73:12:1d:f7:4b:58:08:2d:78:94:53:44:dd: ae:87:a8:47:26:71:e0:d1:50:b4:53:18:cd:72:9f:76:c8:6c: 93:d9:09:0e:80:88:19:b1:ad:58:2b:ad:80:41:f0:d2:19:05: 35:6f:19:fa:ee:91:ae:80:c1:bb:19:ac:f0:7e:28:71:4f:5e: 3d:6d:39:d8:e4:c3:97:52:5b:d2:4f:61:b2:fa:e1:67:ec:15: f0:28:19:20:30:c3:4a:7a:0a:ee:83:31:e3:f3:b0:a6:c7:6c: 17:1a:58:6e:cf:1c:1d:47:4a:f5:42:e3:01:4a:55:b9:29:06: 1d:9f:1a:d1:db:83:46:36:0a:51:8c:a2:ac:c9:d4:10:12:1b: 8c:79:ed:20 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUCyexXtLosxVY4dJcmUVEwV2VSrMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjEwMjdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGIyYTBkNDFhMjViMTc4MTcxMTlhMjRmOTM1MjYxZjhkMGFmZjhjNTUxYWE5 ZDA1ZTU4MzZiNWY2YmZjNTVlMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMe+0oVQNJnyYLCD/SQKfoJe2m8Jm/OcwGH3nwjO2okokrOJ5712Ro9Ky8OI p6ZMPrRJyaVUgLZgiXIgvfI8OwJBghjjT/JVUzjp3HDT6iKmCXRID6unoKvj6c5Q 5cU+8SK8QPX8CGAfc5VdGgHkbc3lwcsYqeW8Lp7E/7FD2Ug+NUmkaY3GZ/6oohAb 17tHJLHelppOwHCAmjJpI8amV9gIcf+heWribRS2NZb7HJcrEPZOI7IlyL1LK6sg x6tAIJdJQKQ2kTYSum5HTYgoLk5juUBaHqvGDqLylVvhonh3TrVkGgpbFBCi22kH IOdZTTmlPi978pKXhNva7MumaT8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSQFv9T qNnRWngy/G5DyXawje+aGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTQzYmM2N2QtMDhmOS00YTk5LWJmNWUtNjgxMDBlMDM0Mzk1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA gDANBgkqhkiG9w0BAQsFAAOCAQEAhvUPLUwbEcetd0fKIz4aMrsiH26ZtNHgdnZA l2TkAAaxEw9WDVX0NC1Pa7kJytMuaEOwR5tp8g6H7zuTrdiMnmLfbTRiXZH8JD4y r4dpGF4jtY7T3uyWsASWcfR8h9ok45j9d8EJySsPABv72kf5edBzEh33S1gILXiU U0TdroeoRyZx4NFQtFMYzXKfdshsk9kJDoCIGbGtWCutgEHw0hkFNW8Z+u6RroDB uxms8H4ocU9ePW052OTDl1Jb0k9hsvrhZ+wV8CgZIDDDSnoK7oMx4/OwpsdsFxpY bs8cHUdK9ULjAUpVuSkGHZ8a0duDRjYKUYyirMnUEBIbjHntIA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:29 2025 by rpki-client