This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa File: 9902e563-fe64-4a01-9616-0424a53839fb.roa (raw, json) Hash identifier: 8eFh/gsS5bqZR2PtmM6ze9+Q9Zk7/+ycdjGOmijRfwU= Subject key identifier: 08:79:0A:32:F7:E2:CE:B2:11:EF:6D:45:66:60:F4:E9:D2:92:43:B3 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 19852A1151E53054812B70904E886B0ADBA4C62B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa Signing time: Sat 15 Nov 2025 06:00:14 +0000 ROA not before: Sat 15 Nov 2025 06:00:14 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:80c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:85:2a:11:51:e5:30:54:81:2b:70:90:4e:88:6b:0a:db:a4:c6:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:00:14 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=c4f72ef650d449abb25c846b5be46bd8a92a71c40ed972c6c0f96a3a007258ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:d0:d3:9b:09:aa:75:c0:af:a6:63:92:88:1c: a1:a0:71:c7:a8:2e:bf:1e:30:c0:9e:40:e9:69:82: 03:4b:24:7b:c0:8e:e8:83:39:62:23:b4:d9:c4:62: 1f:11:45:d7:f3:2c:ac:96:e9:7f:1b:20:19:27:71: a1:a9:be:a0:98:30:af:44:e7:1a:ab:e3:3d:bd:27: e1:c9:ac:91:4f:dc:a2:cb:83:ad:3c:1f:82:d4:d0: b4:f9:23:54:30:a1:53:6b:71:d7:63:3f:67:8b:e3: ac:3d:9b:e5:b9:ac:14:3f:de:4c:2f:a3:19:bf:93: 49:3f:b2:83:3f:66:d8:97:57:44:a2:40:ed:31:cb: 51:c1:54:b2:ec:82:5a:16:bc:56:8c:77:71:38:30: 7a:e5:94:6a:93:15:c6:85:59:da:3a:77:bc:13:8f: a3:b2:b5:b1:ce:44:7e:d4:25:ab:38:73:d9:af:c5: f2:39:af:1d:6b:26:8f:00:47:7a:1c:72:83:d9:5c: 01:37:27:0a:a3:f9:36:ed:e9:d6:77:b6:07:c7:8a: 70:6a:14:c9:46:50:41:29:54:41:69:f9:80:a9:50: 93:83:1f:a2:e4:7e:2d:e0:7c:f6:fb:51:17:1b:90: bc:69:ff:fc:c4:77:ff:b0:13:19:c2:90:b5:2a:0a: 10:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:79:0A:32:F7:E2:CE:B2:11:EF:6D:45:66:60:F4:E9:D2:92:43:B3 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:80c0::/48 Signature Algorithm: sha256WithRSAEncryption a2:48:f8:88:57:a4:db:b5:78:d6:38:22:ee:71:85:30:54:99: 4e:b6:eb:a0:e8:5d:8f:98:3b:0d:ca:9a:8c:83:81:9f:be:f0: d6:0f:91:d7:e0:6f:38:e1:4e:49:18:84:cb:5e:1b:a7:04:4e: 18:37:61:f3:12:f8:33:10:1a:df:22:02:84:df:bc:61:c7:2c: ab:c5:a3:a6:a3:3e:a3:1f:9e:62:bc:79:5b:34:7f:a8:f6:cb: e9:61:0b:57:02:81:b4:a4:0c:ee:53:fb:d3:43:c8:4d:ea:c9: f9:b1:7f:80:2a:55:8f:b9:1f:1c:c4:0e:b5:54:d5:6a:df:c6: 2a:2d:e1:e9:94:4d:db:28:02:53:47:b6:9b:fc:fd:b3:5e:1c: dc:14:da:dd:eb:d1:2e:f0:34:d9:3e:91:b2:ae:e3:64:93:78: 63:83:02:1f:f6:44:7f:78:3e:36:aa:e9:5a:25:f7:18:9e:82: cd:3c:4d:43:6e:67:9d:4d:27:40:ce:89:26:06:a9:18:64:86: a2:51:21:d3:ad:d2:e6:21:80:8c:d8:ff:a3:5e:57:57:40:29: 38:e2:f1:ee:11:4c:62:4b:87:0a:81:8a:02:48:5a:d4:1e:c1: 2e:bd:99:85:b8:05:2d:ed:47:1d:30:9c:80:9b:46:2f:c8:9a: 6e:41:25:be -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUGYUqEVHlMFSBK3CQTohrCtukxiswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAwMTRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGM0ZjcyZWY2NTBkNDQ5YWJiMjVjODQ2YjViZTQ2YmQ4YTkyYTcxYzQwZWQ5 NzJjNmMwZjk2YTNhMDA3MjU4ZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL/Q05sJqnXAr6ZjkogcoaBxx6guvx4wwJ5A6WmCA0ske8CO6IM5YiO02cRi HxFF1/MsrJbpfxsgGSdxoam+oJgwr0TnGqvjPb0n4cmskU/cosuDrTwfgtTQtPkj VDChU2tx12M/Z4vjrD2b5bmsFD/eTC+jGb+TST+ygz9m2JdXRKJA7THLUcFUsuyC Wha8Vox3cTgweuWUapMVxoVZ2jp3vBOPo7K1sc5EftQlqzhz2a/F8jmvHWsmjwBH ehxyg9lcATcnCqP5Nu3p1ne2B8eKcGoUyUZQQSlUQWn5gKlQk4MfouR+LeB89vtR FxuQvGn//MR3/7ATGcKQtSoKEF8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQIeQoy 9+LOshHvbUVmYPTp0pJDszAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OTkwMmU1NjMtZmU2NC00YTAxLTk2MTYtMDQyNGE1MzgzOWZiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA wDANBgkqhkiG9w0BAQsFAAOCAQEAokj4iFek27V41jgi7nGFMFSZTrbroOhdj5g7 DcqajIOBn77w1g+R1+BvOOFOSRiEy14bpwROGDdh8xL4MxAa3yIChN+8Yccsq8Wj pqM+ox+eYrx5WzR/qPbL6WELVwKBtKQM7lP700PITerJ+bF/gCpVj7kfHMQOtVTV at/GKi3h6ZRN2ygCU0e2m/z9s14c3BTa3evRLvA02T6Rsq7jZJN4Y4MCH/ZEf3g+ NqrpWiX3GJ6CzTxNQ25nnU0nQM6JJgapGGSGolEh063S5iGAjNj/o15XV0ApOOLx 7hFMYkuHCoGKAkha1B7BLr2ZhbgFLe1HHTCcgJtGL8iabkElvg== -----END CERTIFICATE-----Generated at Sat Dec 6 19:20:16 2025 by rpki-client