This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa File: 8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa (raw, json) Hash identifier: /GDAQDY/F18gq0R/srmVu9WsVDvT103+56hvCP514w8= Subject key identifier: 52:3F:CD:34:54:B2:D4:A6:CA:79:20:76:37:75:84:6A:32:D6:64:52 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7B2F218C20D340B6A8B934E966D6E24A87F64A19 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa Signing time: Sat 15 Nov 2025 05:51:05 +0000 ROA not before: Sat 15 Nov 2025 05:51:05 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01a:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:2f:21:8c:20:d3:40:b6:a8:b9:34:e9:66:d6:e2:4a:87:f6:4a:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:51:05 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=a697049c095c5c795f50868a0aaa858d9ae09e336e65ca9ba07f5fb53c2ccfd5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:1b:05:61:ea:5b:b7:05:06:df:18:a8:37:86: 08:88:3f:47:d4:b3:1a:63:24:78:28:e1:69:2f:be: 48:84:4e:46:69:aa:d3:c2:0f:48:ef:cb:f6:84:ee: af:d3:76:cf:87:8d:f4:57:94:da:60:4c:a1:80:b1: d6:d6:11:52:c0:c0:c4:79:7a:8c:e5:da:0d:d0:5e: 33:4f:5c:e0:5c:77:bc:10:9f:42:de:01:bf:62:2d: cf:36:b1:fe:a6:e9:79:84:45:d0:e7:64:82:41:b9: c8:c5:93:a3:6c:f6:3e:7e:ae:ec:71:c0:eb:a2:44: 2d:43:ba:44:33:a7:92:a9:f5:35:1f:5f:30:b6:ad: 7f:73:70:d8:a0:d0:09:91:96:3c:d7:ae:50:5b:36: 79:fe:4e:eb:74:e1:e2:c1:5c:db:c9:70:dd:8b:89: 00:4d:ab:b5:ae:36:f3:1c:26:b9:c2:0a:a9:89:10: e2:f5:4b:8a:92:ca:56:06:3e:d8:e8:12:98:7a:fb: 75:5f:2c:b5:fa:8b:d2:2f:1c:f1:16:53:ef:a4:8c: 71:47:0b:5f:61:d2:19:b9:c2:7a:1c:f5:84:e0:34: f0:75:f6:68:2b:bb:af:4e:47:38:6b:b9:c0:b9:11: 0e:57:83:ef:9a:67:63:6c:66:02:a7:ee:d1:b8:13: 1b:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:3F:CD:34:54:B2:D4:A6:CA:79:20:76:37:75:84:6A:32:D6:64:52 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01a:800::/38 Signature Algorithm: sha256WithRSAEncryption 72:d8:06:b9:ef:a6:8a:86:b3:6d:c8:35:f8:d3:57:73:36:20: 1e:17:18:43:ca:c6:c6:9f:c4:ea:d0:15:b3:74:bc:c3:12:61: be:8a:0d:1d:ae:5f:cd:e3:3d:ed:fc:69:34:c7:c6:d5:23:c8: fd:91:56:f6:88:fc:ee:82:57:34:da:08:88:95:a2:0d:da:d1: 26:82:18:fa:6e:9c:55:97:1d:34:6a:f6:2a:ba:33:77:78:14: f0:98:ed:e0:b6:18:f8:da:df:bb:8b:30:ee:62:51:67:cc:81: cf:e5:fb:33:69:a5:94:30:62:ee:ad:21:12:96:78:2f:91:20: cb:3a:bf:2e:8b:08:aa:92:60:81:ca:0b:c8:ad:fc:ed:ac:36: fb:cc:68:ca:ec:76:7e:9b:36:50:90:33:6b:c2:a5:82:07:30: 55:f9:01:68:f6:a2:9c:dd:73:f2:f9:fe:fd:bf:92:e0:36:18: 90:9e:4e:a6:d0:4f:b6:82:6a:46:98:2d:e5:71:c8:8b:7d:c1: 96:68:50:55:7f:ab:e9:ca:51:67:74:6c:fe:2a:4c:22:9b:79: 9b:43:1a:52:d3:e3:18:c6:94:e8:b5:9b:24:97:60:01:6f:e4: 45:c3:24:95:01:04:ba:25:c7:d7:1a:6b:a7:71:29:9e:82:3a: 3c:e0:9b:d4 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUey8hjCDTQLaouTTpZtbiSof2ShkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUxMDVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGE2OTcwNDljMDk1YzVjNzk1ZjUwODY4YTBhYWE4NThkOWFlMDllMzM2ZTY1 Y2E5YmEwN2Y1ZmI1M2MyY2NmZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM0bBWHqW7cFBt8YqDeGCIg/R9SzGmMkeCjhaS++SIRORmmq08IPSO/L9oTu r9N2z4eN9FeU2mBMoYCx1tYRUsDAxHl6jOXaDdBeM09c4Fx3vBCfQt4Bv2Itzzax /qbpeYRF0OdkgkG5yMWTo2z2Pn6u7HHA66JELUO6RDOnkqn1NR9fMLatf3Nw2KDQ CZGWPNeuUFs2ef5O63Th4sFc28lw3YuJAE2rta428xwmucIKqYkQ4vVLipLKVgY+ 2OgSmHr7dV8stfqL0i8c8RZT76SMcUcLX2HSGbnCehz1hOA08HX2aCu7r05HOGu5 wLkRDleD75pnY2xmAqfu0bgTG/0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRSP800 VLLUpsp5IHY3dYRqMtZkUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OGNhNTA3N2ItMDk4Ny00YTY1LWI4ZmYtYTFlMjdmNzZjZDFhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoI MA0GCSqGSIb3DQEBCwUAA4IBAQBy2Aa576aKhrNtyDX401dzNiAeFxhDysbGn8Tq 0BWzdLzDEmG+ig0drl/N4z3t/Gk0x8bVI8j9kVb2iPzuglc02giIlaIN2tEmghj6 bpxVlx00avYqujN3eBTwmO3gthj42t+7izDuYlFnzIHP5fszaaWUMGLurSESlngv kSDLOr8uiwiqkmCBygvIrfztrDb7zGjK7HZ+mzZQkDNrwqWCBzBV+QFo9qKc3XPy +f79v5LgNhiQnk6m0E+2gmpGmC3lcciLfcGWaFBVf6vpylFndGz+Kkwim3mbQxpS 0+MYxpTotZskl2ABb+RFwySVAQS6JcfXGmuncSmegjo84JvU -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:55 2025 by rpki-client