This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/716a6c84-1e33-4881-b86c-cbc8a06c5f9c.roa File: 716a6c84-1e33-4881-b86c-cbc8a06c5f9c.roa (raw, json) Hash identifier: vfwPpf2VnsX19SeAfakt1aexe6aWg1xKnSX742Mk7lo= Subject key identifier: 69:77:01:5F:E8:FB:EF:37:88:B8:34:02:EB:47:E5:96:3D:45:1D:D3 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3E7FD99D61A2FF336D5DB5266D2510F4169F72AE Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/716a6c84-1e33-4881-b86c-cbc8a06c5f9c.roa Signing time: Sun 23 Nov 2025 01:30:14 +0000 ROA not before: Sun 23 Nov 2025 01:30:14 +0000 ROA not after: Sat 21 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06a:90c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:7f:d9:9d:61:a2:ff:33:6d:5d:b5:26:6d:25:10:f4:16:9f:72:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 23 01:30:14 2025 GMT Not After : Feb 21 23:59:59 2026 GMT Subject: serialNumber=b2e29270349cfe89d8c4be6fd9a14c7efe85f5353fe60b275175f5ac15d9cc9c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:e1:75:c0:ac:f0:e1:82:c5:4e:ef:b0:98:6f: 02:d5:3a:ed:e7:5b:da:89:ba:56:ab:e1:b8:fa:62: 9c:68:d3:d5:3e:f5:80:60:34:79:28:0b:70:a1:f7: 7a:01:ae:bc:0f:4c:8c:a8:d8:15:d4:f0:6e:e5:0c: 80:c8:58:10:ee:e9:1c:2a:2d:0c:a6:ef:cd:47:a8: 19:f0:bd:a7:5d:3f:e0:ad:70:ab:bc:15:1f:78:45: 2b:21:ea:06:4f:27:7d:d4:3c:b7:9d:e6:58:fc:f3: 7c:d9:34:36:27:a3:69:06:97:a0:08:84:98:cf:35: 8a:f9:6a:87:96:e7:f9:c1:c5:b5:b5:3b:37:7d:55: e8:03:d7:98:80:c2:64:41:b6:ed:b7:00:3e:16:6c: 1b:29:7b:05:ba:ca:02:16:41:38:d2:7f:bc:f5:d4: d0:7a:c9:1f:eb:da:51:66:41:64:d8:6d:82:22:26: a0:fc:d9:14:9d:7e:97:1a:c4:d9:0e:7c:74:9f:d5: 30:5b:bd:48:5d:4f:83:a3:1c:f1:bd:b4:12:a5:9e: f1:51:d9:78:05:f3:e5:06:2f:53:b7:92:70:88:f1: 07:d6:42:f8:e5:3a:a8:bb:44:e2:2a:c3:98:39:51: 36:8c:8b:b6:7c:0c:66:7c:f9:70:77:f8:2e:94:f4: b5:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:77:01:5F:E8:FB:EF:37:88:B8:34:02:EB:47:E5:96:3D:45:1D:D3 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/716a6c84-1e33-4881-b86c-cbc8a06c5f9c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06a:90c0::/48 Signature Algorithm: sha256WithRSAEncryption 49:b6:81:20:95:1f:12:fe:2b:b1:2e:6e:1f:74:3f:79:e7:e5: b5:9e:c1:93:ee:40:ac:13:c2:70:94:f5:6c:fb:bb:4c:39:bf: 85:6a:6c:ec:72:e4:a4:a6:6d:75:52:71:43:5e:53:a0:e9:26: 5e:65:73:23:48:51:90:9b:a1:ed:26:2f:6a:ca:7f:40:6d:4c: e7:0f:a9:26:ca:52:6b:0a:44:a1:40:90:3a:b5:6e:7e:15:72: c2:3f:95:5c:70:f1:00:c9:9c:a9:43:05:71:72:b6:06:e0:2a: 60:85:fd:d6:a4:a7:21:81:1b:04:26:c7:e2:ce:b3:4d:22:6e: 6e:fa:85:e4:19:48:ca:f2:7e:a6:91:4b:61:0a:9c:65:16:58: 2b:b4:4b:46:ac:7a:f1:88:47:75:08:2f:a0:f6:86:60:0c:2a: 13:34:45:c9:e8:40:fb:b3:41:09:c5:0a:b4:55:7f:e7:cd:27: 9f:e4:69:a6:09:49:a6:4c:97:30:bb:73:71:4f:f6:96:35:b4: d7:d5:62:3d:28:0e:19:6d:6f:af:c0:ba:24:aa:ca:bb:7d:6d: 62:b5:26:d2:22:d4:a4:47:53:49:5a:af:9f:f9:8b:9b:20:ad: 4d:0d:4a:58:29:82:9f:ad:be:34:d6:19:ea:67:cc:40:44:62: b4:40:bf:15 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUPn/ZnWGi/zNtXbUmbSUQ9Bafcq4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjMwMTMwMTRaFw0yNjAyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQGIyZTI5MjcwMzQ5Y2ZlODlkOGM0YmU2ZmQ5YTE0YzdlZmU4NWY1MzUzZmU2 MGIyNzUxNzVmNWFjMTVkOWNjOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALjhdcCs8OGCxU7vsJhvAtU67edb2om6VqvhuPpinGjT1T71gGA0eSgLcKH3 egGuvA9MjKjYFdTwbuUMgMhYEO7pHCotDKbvzUeoGfC9p10/4K1wq7wVH3hFKyHq Bk8nfdQ8t53mWPzzfNk0NiejaQaXoAiEmM81ivlqh5bn+cHFtbU7N31V6APXmIDC ZEG27bcAPhZsGyl7BbrKAhZBONJ/vPXU0HrJH+vaUWZBZNhtgiImoPzZFJ1+lxrE 2Q58dJ/VMFu9SF1Pg6Mc8b20EqWe8VHZeAXz5QYvU7eScIjxB9ZC+OU6qLtE4irD mDlRNoyLtnwMZnz5cHf4LpT0tR8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRpdwFf 6PvvN4i4NALrR+WWPUUd0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NzE2YTZjODQtMWUzMy00ODgxLWI4NmMtY2JjOGEwNmM1ZjljLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GqQ wDANBgkqhkiG9w0BAQsFAAOCAQEASbaBIJUfEv4rsS5uH3Q/eefltZ7Bk+5ArBPC cJT1bPu7TDm/hWps7HLkpKZtdVJxQ15ToOkmXmVzI0hRkJuh7SYvasp/QG1M5w+p JspSawpEoUCQOrVufhVywj+VXHDxAMmcqUMFcXK2BuAqYIX91qSnIYEbBCbH4s6z TSJubvqF5BlIyvJ+ppFLYQqcZRZYK7RLRqx68YhHdQgvoPaGYAwqEzRFyehA+7NB CcUKtFV/580nn+RppglJpkyXMLtzcU/2ljW019ViPSgOGW1vr8C6JKrKu31tYrUm 0iLUpEdTSVqvn/mLmyCtTQ1KWCmCn62+NNYZ6mfMQERitEC/FQ== -----END CERTIFICATE-----Generated at Sun Dec 7 00:27:41 2025 by rpki-client