This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa File: 8e492412-994d-4c48-a29e-9082ebce3349.roa (raw, json) Hash identifier: /JqXTj3P0tFdKr/+hoPlaeeDgNAFpoemBNO+rNWjE/I= Subject key identifier: 09:09:AD:78:5C:5A:7D:70:F0:C1:E1:3D:FB:29:45:64:11:1C:65:07 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 245839AC8FA7624B5E3CD47788829B771DA37C88 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa Signing time: Sat 15 Nov 2025 05:30:14 +0000 ROA not before: Sat 15 Nov 2025 05:30:14 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07a:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:58:39:ac:8f:a7:62:4b:5e:3c:d4:77:88:82:9b:77:1d:a3:7c:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:30:14 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=546ee013c9385ef2284cf1547d86c7db6d4784deb96cbf1a0a91c0c0f9c652b3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:5d:1d:73:74:3f:1f:1a:5a:36:51:49:2f:44: ad:54:e7:c2:2c:a0:e8:2f:81:2d:49:26:b4:bc:46: 37:4c:93:62:02:2d:ab:5f:c7:a1:d0:73:b4:a4:71: 85:dc:6b:25:90:f8:fe:90:f1:fe:de:93:65:2d:b1: 71:20:5e:c6:cd:8e:3a:64:d2:47:2b:68:ca:b3:33: 13:35:b8:61:8d:3a:5f:3d:dd:bd:9b:e2:14:0e:cd: c9:df:79:1f:a0:b1:8f:50:b3:fb:67:6f:c3:75:bc: d1:f0:e5:64:46:13:b0:2c:42:01:fd:f6:fe:c4:b3: 36:2e:a8:31:39:08:50:92:08:f7:16:4d:5d:47:69: 06:e0:97:a6:13:cb:72:99:17:5f:05:2d:85:b5:91: 84:26:c1:0c:ed:79:43:76:c9:72:73:27:aa:37:ed: db:c9:7a:9c:97:dd:f2:c1:6e:fb:dc:c3:cb:42:25: e5:62:09:e6:5a:ce:26:c6:1d:5e:a5:f2:30:b6:d2: 62:fa:d0:c2:1d:ab:84:ba:8b:bf:08:59:a8:a6:69: d1:88:37:41:8e:70:d8:fb:6f:62:82:ad:68:61:36: ab:53:99:6c:a5:39:2c:6e:17:31:80:dc:52:b1:28: 3f:35:88:fc:36:b0:ca:7d:d9:bd:4b:c7:ec:c6:35: 39:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:09:AD:78:5C:5A:7D:70:F0:C1:E1:3D:FB:29:45:64:11:1C:65:07 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07a:8000::/40 Signature Algorithm: sha256WithRSAEncryption bd:52:0b:0e:7c:61:82:4b:21:77:7a:f0:98:a0:c0:5b:3e:26: 20:3a:07:f1:92:64:99:82:f8:11:b4:8a:00:38:e7:ba:91:e5: 3d:05:6e:62:ec:2b:66:ac:9e:44:b7:70:6d:20:45:a6:2a:1f: 9a:ff:55:d8:c8:8e:73:c9:3c:3b:b9:f4:2a:b1:d4:08:46:c7: 68:1e:2c:27:ea:a5:dc:47:96:ca:8f:fe:3f:54:2c:15:c7:79: df:4a:7c:94:f5:a6:6d:54:17:03:e6:4a:9e:5e:6d:43:a6:8c: 5d:83:af:75:37:31:fb:46:76:c0:86:e5:9f:32:51:cd:ce:da: 16:bd:7d:a2:78:bf:0a:dc:42:83:69:3c:16:ff:0b:2e:c1:e4: 1c:65:46:c4:5e:0b:61:d0:d0:65:e2:78:24:58:7d:91:10:d7: c0:f6:a3:29:ab:2f:02:c4:71:15:cc:0a:2d:8c:7e:7f:a9:a3: 13:1b:39:97:98:5e:c4:8a:42:cf:81:53:43:b2:4f:21:80:62: a9:a5:cc:2d:ca:2e:75:49:00:11:74:81:d2:be:72:a6:a7:a9: a1:3e:d3:96:b1:0e:ee:6b:8d:e9:89:a8:aa:9c:aa:32:d3:90: 45:e7:23:07:ad:7a:de:44:82:24:52:3d:da:46:1a:69:2e:cb: 2a:77:67:61 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUJFg5rI+nYktePNR3iIKbdx2jfIgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTMwMTRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDU0NmVlMDEzYzkzODVlZjIyODRjZjE1NDdkODZjN2RiNmQ0Nzg0ZGViOTZj YmYxYTBhOTFjMGMwZjljNjUyYjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANpdHXN0Px8aWjZRSS9ErVTnwiyg6C+BLUkmtLxGN0yTYgItq1/HodBztKRx hdxrJZD4/pDx/t6TZS2xcSBexs2OOmTSRytoyrMzEzW4YY06Xz3dvZviFA7Nyd95 H6Cxj1Cz+2dvw3W80fDlZEYTsCxCAf32/sSzNi6oMTkIUJII9xZNXUdpBuCXphPL cpkXXwUthbWRhCbBDO15Q3bJcnMnqjft28l6nJfd8sFu+9zDy0Il5WIJ5lrOJsYd XqXyMLbSYvrQwh2rhLqLvwhZqKZp0Yg3QY5w2PtvYoKtaGE2q1OZbKU5LG4XMYDc UrEoPzWI/Dawyn3ZvUvH7MY1Ob8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQJCa14 XFp9cPDB4T37KUVkERxlBzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OGU0OTI0MTItOTk0ZC00YzQ4LWEyOWUtOTA4MmViY2UzMzQ5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HqA MA0GCSqGSIb3DQEBCwUAA4IBAQC9UgsOfGGCSyF3evCYoMBbPiYgOgfxkmSZgvgR tIoAOOe6keU9BW5i7CtmrJ5Et3BtIEWmKh+a/1XYyI5zyTw7ufQqsdQIRsdoHiwn 6qXcR5bKj/4/VCwVx3nfSnyU9aZtVBcD5kqeXm1Dpoxdg691NzH7RnbAhuWfMlHN ztoWvX2ieL8K3EKDaTwW/wsuweQcZUbEXgth0NBl4ngkWH2RENfA9qMpqy8CxHEV zAotjH5/qaMTGzmXmF7EikLPgVNDsk8hgGKppcwtyi51SQARdIHSvnKmp6mhPtOW sQ7ua43piaiqnKoy05BF5yMHrXreRIIkUj3aRhppLssqd2dh -----END CERTIFICATE-----Generated at Sat Dec 6 12:46:48 2025 by rpki-client