This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa File: 5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa (raw, json) Hash identifier: /Es6lJgj8hPsHI5J+P6cuWgNwaGYr+JS6zpr7pUNuuU= Subject key identifier: 49:6A:B6:24:EA:4A:D4:18:01:6D:E6:8B:BC:7B:95:54:3D:93:2F:DB Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4A8AF3AD05A4E1727BB4C1BFAF0B1EE8CC02ADF6 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa Signing time: Sat 15 Nov 2025 06:10:06 +0000 ROA not before: Sat 15 Nov 2025 06:10:06 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07a:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:8a:f3:ad:05:a4:e1:72:7b:b4:c1:bf:af:0b:1e:e8:cc:02:ad:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:10:06 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=5b2d6eee019a066980f5857d56a13c54274231810353a7ab265d0e2800c53365, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:e0:ea:d8:44:09:0e:f5:38:2c:59:ea:60:b2: c5:b6:05:cd:00:b6:14:95:9b:eb:aa:90:4b:6e:47: 98:fe:48:7c:74:f3:9f:9f:31:32:5c:c1:bf:e1:b9: 1d:7b:61:50:42:38:fd:dc:36:df:55:cb:24:18:ac: fd:03:85:94:5a:4f:24:92:a9:4e:61:76:97:29:a5: 81:5f:ea:95:e7:41:7e:f5:b8:ce:de:29:30:b2:31: 1c:c6:a0:6c:d3:bb:9b:10:e4:85:a8:78:3e:6c:89: 5a:18:9a:af:d0:7c:aa:8b:3e:4e:d5:4a:10:5d:83: 6d:03:a4:5a:d3:4e:1a:b9:25:0c:05:ec:76:0e:a7: 6c:2e:fb:63:f1:ce:02:cc:f3:f7:8d:84:0f:5f:ff: ec:81:89:9e:27:90:4e:62:17:aa:e0:41:b2:d7:84: a4:e6:5f:57:42:33:c8:47:35:be:d6:74:61:ef:6a: 79:36:e8:14:8e:ec:e0:93:64:20:8a:28:08:f1:6a: fe:c1:97:d5:37:08:82:1e:04:40:87:1c:8e:61:da: 93:00:94:44:6a:af:e0:ab:4e:9c:dd:33:41:a8:82: 4d:64:19:c4:a4:43:bb:3c:83:d4:50:17:b9:3f:41: 15:16:6d:af:83:91:89:eb:ac:39:52:7c:a1:bb:a2: a2:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:6A:B6:24:EA:4A:D4:18:01:6D:E6:8B:BC:7B:95:54:3D:93:2F:DB X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07a:2000::/40 Signature Algorithm: sha256WithRSAEncryption 7d:6c:19:b8:ce:c3:ef:2c:8b:c7:74:fd:51:9c:a7:6e:48:5e: e3:e7:48:48:9e:be:8e:d2:c2:4b:19:1b:be:2a:ab:33:1e:09: b5:ea:3b:60:85:25:64:4c:5b:2d:ef:0d:ae:a2:3f:e5:01:cd: 9e:a1:72:b9:36:4d:14:ad:21:12:14:f2:8d:dd:b1:80:f5:df: 69:7b:82:94:b1:ce:23:20:ca:26:ea:6f:e1:78:37:ce:ea:f8: 16:2d:61:62:9b:86:af:25:0d:90:f7:a6:7d:9a:fd:8d:4a:63: 1b:14:52:a2:5e:c8:d5:4d:a9:98:18:6b:59:6e:ed:56:37:48: cf:f2:fa:24:0f:f5:3a:30:b7:dd:0e:a9:0d:09:26:38:5b:5c: 51:0d:2c:01:04:6c:44:8b:9a:55:14:c0:0e:b0:31:fc:cb:66: 8a:cc:c0:7e:3e:06:8b:1f:2d:62:5c:d7:7e:4b:3f:a7:ff:29: e2:a4:59:7c:14:ec:7d:b9:00:bb:37:7f:29:71:6b:7c:2c:6d: c2:67:b6:a9:31:bb:e0:87:94:47:ed:ae:90:25:fe:66:a7:93: ef:24:46:2d:c7:a1:41:58:15:a6:fc:85:80:71:67:7b:a2:1b: 43:59:b6:28:4d:a6:fd:1b:37:b3:14:55:1c:2d:86:00:72:5c: 0f:25:e6:84 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUSorzrQWk4XJ7tMG/rwse6MwCrfYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjEwMDZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDViMmQ2ZWVlMDE5YTA2Njk4MGY1ODU3ZDU2YTEzYzU0Mjc0MjMxODEwMzUz YTdhYjI2NWQwZTI4MDBjNTMzNjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANjg6thECQ71OCxZ6mCyxbYFzQC2FJWb66qQS25HmP5IfHTzn58xMlzBv+G5 HXthUEI4/dw231XLJBis/QOFlFpPJJKpTmF2lymlgV/qledBfvW4zt4pMLIxHMag bNO7mxDkhah4PmyJWhiar9B8qos+TtVKEF2DbQOkWtNOGrklDAXsdg6nbC77Y/HO Aszz942ED1//7IGJnieQTmIXquBBsteEpOZfV0IzyEc1vtZ0Ye9qeTboFI7s4JNk IIooCPFq/sGX1TcIgh4EQIccjmHakwCURGqv4KtOnN0zQaiCTWQZxKRDuzyD1FAX uT9BFRZtr4ORieusOVJ8obuios8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRJarYk 6krUGAFt5ou8e5VUPZMv2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NWQ4ZTgzMWUtNGQ2MS00NDliLWE1MzItYTFkZDlkNzQzYWM5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hog MA0GCSqGSIb3DQEBCwUAA4IBAQB9bBm4zsPvLIvHdP1RnKduSF7j50hInr6O0sJL GRu+KqszHgm16jtghSVkTFst7w2uoj/lAc2eoXK5Nk0UrSESFPKN3bGA9d9pe4KU sc4jIMom6m/heDfO6vgWLWFim4avJQ2Q96Z9mv2NSmMbFFKiXsjVTamYGGtZbu1W N0jP8vokD/U6MLfdDqkNCSY4W1xRDSwBBGxEi5pVFMAOsDH8y2aKzMB+PgaLHy1i XNd+Sz+n/ynipFl8FOx9uQC7N38pcWt8LG3CZ7apMbvgh5RH7a6QJf5mp5PvJEYt x6FBWBWm/IWAcWd7ohtDWbYoTab9GzezFFUcLYYAclwPJeaE -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:39 2025 by rpki-client