This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9963ca7c-f411-4aae-ac61-2c650f8269e0.roa File: 9963ca7c-f411-4aae-ac61-2c650f8269e0.roa (raw, json) Hash identifier: QKGxMBRKKaxC55qsCjYqoc2w/7aaMPjGBYqgJN087IM= Subject key identifier: 1E:3B:FE:91:C6:D0:81:EE:8F:F3:E9:7C:ED:92:B4:43:46:2A:1A:20 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0DDC1D98B0C21A5F9A0CC48F66EEC79290FC1362 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9963ca7c-f411-4aae-ac61-2c650f8269e0.roa Signing time: Sat 15 Nov 2025 05:30:58 +0000 ROA not before: Sat 15 Nov 2025 05:30:58 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d011:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:dc:1d:98:b0:c2:1a:5f:9a:0c:c4:8f:66:ee:c7:92:90:fc:13:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:30:58 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=0c3b131a2f6b6793b754d2b5a547d999a7a57d9abea556cf90ef39100c644609, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:1f:62:a9:5d:4b:bb:5d:73:a2:f9:cb:9a:61: 0e:58:df:e3:d6:0a:83:05:1c:67:d6:8f:7a:59:7f: d4:43:ba:b1:14:93:b8:27:13:ee:e3:fc:ad:c3:7f: a1:a8:b8:6c:9e:55:ba:67:15:d8:8d:49:63:72:0e: 63:e6:5c:1d:6d:62:99:df:dd:03:8e:1e:d7:78:f2: 23:8a:30:c9:f7:40:ec:3d:c1:e2:1d:7c:62:94:d9: e1:4a:5b:b3:b1:82:a4:6a:8f:93:00:62:92:5b:28: 15:52:2c:ff:2f:a4:91:db:80:51:ac:75:ad:0b:42: d3:bf:01:07:64:ef:b6:42:16:f5:dd:94:81:47:fc: 30:88:30:45:07:82:d7:b7:43:e3:ef:f7:28:36:f7: 37:0a:88:3c:4c:a7:fa:25:6e:a0:68:43:0d:5c:d0: 8f:d6:8a:48:27:1c:da:db:60:f5:fd:96:6b:d7:4f: e8:fc:14:1b:9c:4f:26:ea:91:05:5c:2e:77:a3:21: 3e:e3:5b:57:04:80:54:93:33:59:87:1a:3b:80:4e: 58:16:e4:d4:c2:1e:7c:1b:c1:a2:f8:f1:f5:6f:ca: 13:fa:f9:ed:e9:a3:e0:24:8b:bc:22:bd:7a:a7:6b: fa:81:04:0d:9a:38:02:55:37:d8:fc:d5:88:92:b8: 0a:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:3B:FE:91:C6:D0:81:EE:8F:F3:E9:7C:ED:92:B4:43:46:2A:1A:20 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9963ca7c-f411-4aae-ac61-2c650f8269e0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d011:400::/38 Signature Algorithm: sha256WithRSAEncryption b6:c5:fb:cb:99:77:57:47:ba:31:1e:01:59:e2:4e:20:79:9a: ea:e9:0c:b6:ac:d0:8f:4a:83:3c:48:9c:47:ed:43:9e:c9:32: 03:ea:6f:17:5f:15:16:e0:77:0f:4e:52:03:b4:32:52:5a:a2: 38:c7:38:a2:f2:56:ef:e4:12:98:dd:42:d9:0f:ed:b3:ef:92: b9:c2:e8:04:37:d8:de:d1:4e:6b:52:37:17:5d:4e:ac:b5:4f: 56:fc:0c:5a:4f:11:8c:4b:ed:22:da:30:f6:7d:35:88:ce:32: 92:e7:ce:99:dc:c9:da:22:de:5e:7c:0e:cc:96:da:bb:61:49: 49:52:48:2f:0d:b2:92:bb:8a:94:0a:70:55:92:04:c6:94:76: 44:46:21:89:29:a9:14:9e:5f:af:da:3b:97:ec:d9:3f:d7:8d: 49:c0:b0:47:cc:94:e5:f7:de:53:69:4b:bb:54:2b:61:dc:c1: d1:bb:fd:e2:5b:d0:38:74:de:c8:95:23:fa:20:a2:ae:1a:bc: c1:70:14:fb:ca:90:6b:39:5a:61:cf:1f:48:dc:9c:06:f5:4e: db:c8:37:1d:53:ca:a7:d8:27:ea:41:7e:f8:42:db:c4:49:65: b0:87:49:d2:6a:4d:1a:e5:2d:52:79:c5:6d:21:6a:1e:20:7d: 23:da:f4:9b -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUDdwdmLDCGl+aDMSPZu7HkpD8E2IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTMwNThaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDBjM2IxMzFhMmY2YjY3OTNiNzU0ZDJiNWE1NDdkOTk5YTdhNTdkOWFiZWE1 NTZjZjkwZWYzOTEwMGM2NDQ2MDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPUfYqldS7tdc6L5y5phDljf49YKgwUcZ9aPell/1EO6sRSTuCcT7uP8rcN/ oai4bJ5VumcV2I1JY3IOY+ZcHW1imd/dA44e13jyI4owyfdA7D3B4h18YpTZ4Upb s7GCpGqPkwBiklsoFVIs/y+kkduAUax1rQtC078BB2TvtkIW9d2UgUf8MIgwRQeC 17dD4+/3KDb3NwqIPEyn+iVuoGhDDVzQj9aKSCcc2ttg9f2Wa9dP6PwUG5xPJuqR BVwud6MhPuNbVwSAVJMzWYcaO4BOWBbk1MIefBvBovjx9W/KE/r57emj4CSLvCK9 eqdr+oEEDZo4AlU32PzViJK4Cj8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQeO/6R xtCB7o/z6XztkrRDRioaIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OTk2M2NhN2MtZjQxMS00YWFlLWFjNjEtMmM2NTBmODI2OWUwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEE MA0GCSqGSIb3DQEBCwUAA4IBAQC2xfvLmXdXR7oxHgFZ4k4geZrq6Qy2rNCPSoM8 SJxH7UOeyTID6m8XXxUW4HcPTlIDtDJSWqI4xzii8lbv5BKY3ULZD+2z75K5wugE N9je0U5rUjcXXU6stU9W/AxaTxGMS+0i2jD2fTWIzjKS586Z3MnaIt5efA7Mltq7 YUlJUkgvDbKSu4qUCnBVkgTGlHZERiGJKakUnl+v2juX7Nk/141JwLBHzJTl995T aUu7VCth3MHRu/3iW9A4dN7IlSP6IKKuGrzBcBT7ypBrOVphzx9I3JwG9U7byDcd U8qn2CfqQX74QtvESWWwh0nSak0a5S1SecVtIWoeIH0j2vSb -----END CERTIFICATE-----Generated at Sat Dec 6 18:34:31 2025 by rpki-client