This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/63af811a-6e40-455f-b7a8-223951036a11.roa File: 63af811a-6e40-455f-b7a8-223951036a11.roa (raw, json) Hash identifier: h7GntUyG9gq301ge/iIeHghHDIXqobrG6z08RZew0U4= Subject key identifier: AD:86:91:CF:7C:99:1D:94:07:EC:82:E4:4C:63:AC:46:B6:D2:A1:4E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 54196039A5633ED0BCAFBBFC0DB763FC5AC6CA8F Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/63af811a-6e40-455f-b7a8-223951036a11.roa Signing time: Wed 10 Dec 2025 06:11:02 +0000 ROA not before: Wed 10 Dec 2025 06:11:02 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:9000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:19:60:39:a5:63:3e:d0:bc:af:bb:fc:0d:b7:63:fc:5a:c6:ca:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:11:02 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=1df232fd1be76383084458aff77e86971bd9d6283413694afce459b4a547b230, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fd:1c:79:6b:ef:20:75:2f:fc:dd:ad:2b:89:eb: 7e:f3:d2:60:7b:a8:03:e1:b1:0b:5e:4d:67:90:0b: 27:cb:83:16:72:3d:be:c5:0b:cb:29:f6:a1:21:b2: 84:03:86:89:43:68:b8:20:87:c7:38:35:8e:ca:82: 3a:09:3f:70:cb:4d:96:55:37:37:4a:58:ab:0b:70: 66:e2:17:b7:b5:f7:37:73:32:70:8e:e5:54:f8:4a: 45:bb:f8:a9:47:b0:c7:25:31:e8:2c:dc:a3:b5:62: c2:08:f5:d9:73:32:a5:dd:1b:3f:3a:70:94:c9:95: 32:eb:15:68:4c:b0:db:61:66:c7:a2:ce:57:b9:45: 56:8e:a6:83:2b:27:26:e0:30:f7:98:71:86:0b:95: c1:c5:02:14:6e:26:5d:88:2e:85:3e:5d:08:e6:2f: 71:3b:dd:e0:6d:13:2d:ab:9d:0d:d2:f8:7e:f4:4a: b5:ea:a6:13:cc:0f:67:1e:2e:70:e4:0f:0c:84:67: ae:e0:e8:e8:5a:ba:fc:71:52:e6:35:d8:78:6e:58: c1:fa:34:8b:24:32:a8:a1:97:8c:27:05:be:c4:2c: 50:98:f5:26:04:0f:73:52:ad:73:37:25:67:1f:42: d1:4b:12:4f:0c:76:e5:8e:be:c6:51:cb:63:24:49: fa:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:86:91:CF:7C:99:1D:94:07:EC:82:E4:4C:63:AC:46:B6:D2:A1:4E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/63af811a-6e40-455f-b7a8-223951036a11.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:9000::/40 Signature Algorithm: sha256WithRSAEncryption 05:0d:a3:9b:f9:47:93:f4:82:1d:f4:ae:c3:56:34:ff:db:ed: 76:3a:1b:50:39:74:9d:10:1b:38:48:76:0a:31:46:33:de:97: 13:7e:d1:1f:32:47:4a:95:18:4a:fb:f0:78:f8:28:43:a9:58: 3b:c5:f3:24:a4:e4:86:2d:c3:6f:fc:ad:33:93:5d:42:1a:22: 5b:cd:06:a2:6e:17:3e:13:4c:0f:15:4d:9f:2d:2a:d8:be:cf: 49:da:46:24:3c:1d:24:f6:07:8b:7a:8c:4c:b0:2e:af:d0:c9: c8:43:61:d1:f0:e8:03:29:72:0c:81:27:af:fb:b0:c5:81:21: e3:1f:b1:af:a8:00:05:2f:66:4a:1f:d3:fd:c6:72:9f:a5:3c: 77:50:3d:dc:d7:c4:d2:7f:79:e3:3b:42:27:c8:aa:fa:75:1c: 25:76:f9:c2:84:fb:57:fe:bf:c7:ad:1b:bd:a9:54:ca:78:dc: ba:f6:53:76:02:0e:cb:80:bd:9d:fd:12:1a:1d:c6:50:4b:bf: de:29:f7:9b:87:03:dc:8c:6e:8a:26:35:63:e7:2a:06:7e:51: 40:cf:35:7b:73:ad:06:4e:89:a8:65:be:69:10:9c:3d:86:48: c6:93:67:db:c0:01:70:f6:cf:cc:7e:5f:5e:82:aa:13:e7:c4: d8:50:dc:d3 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUVBlgOaVjPtC8r7v8Dbdj/FrGyo8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjExMDJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDFkZjIzMmZkMWJlNzYzODMwODQ0NThhZmY3N2U4Njk3MWJkOWQ2MjgzNDEz Njk0YWZjZTQ1OWI0YTU0N2IyMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAP0ceWvvIHUv/N2tK4nrfvPSYHuoA+GxC15NZ5ALJ8uDFnI9vsULyyn2oSGy hAOGiUNouCCHxzg1jsqCOgk/cMtNllU3N0pYqwtwZuIXt7X3N3MycI7lVPhKRbv4 qUewxyUx6Czco7Viwgj12XMypd0bPzpwlMmVMusVaEyw22Fmx6LOV7lFVo6mgysn JuAw95hxhguVwcUCFG4mXYguhT5dCOYvcTvd4G0TLaudDdL4fvRKteqmE8wPZx4u cOQPDIRnruDo6Fq6/HFS5jXYeG5Ywfo0iyQyqKGXjCcFvsQsUJj1JgQPc1Ktczcl Zx9C0UsSTwx25Y6+xlHLYyRJ+lcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSthpHP fJkdlAfsguRMY6xGttKhTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NjNhZjgxMWEtNmU0MC00NTVmLWI3YTgtMjIzOTUxMDM2YTExLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKQ MA0GCSqGSIb3DQEBCwUAA4IBAQAFDaOb+UeT9IId9K7DVjT/2+12OhtQOXSdEBs4 SHYKMUYz3pcTftEfMkdKlRhK+/B4+ChDqVg7xfMkpOSGLcNv/K0zk11CGiJbzQai bhc+E0wPFU2fLSrYvs9J2kYkPB0k9geLeoxMsC6v0MnIQ2HR8OgDKXIMgSev+7DF gSHjH7GvqAAFL2ZKH9P9xnKfpTx3UD3c18TSf3njO0InyKr6dRwldvnChPtX/r/H rRu9qVTKeNy69lN2Ag7LgL2d/RIaHcZQS7/eKfebhwPcjG6KJjVj5yoGflFAzzV7 c60GTomoZb5pEJw9hkjGk2fbwAFw9s/Mfl9egqoT58TYUNzT -----END CERTIFICATE-----Generated at Mon Dec 15 15:28:34 2025 by rpki-client