This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d030354-5f4d-47d4-9f96-310c9a509d02.roa File: 9d030354-5f4d-47d4-9f96-310c9a509d02.roa (raw, json) Hash identifier: 9ghDdLRmoPrBi2ClIs9QqleiZIw4Z9FKRLnGrgH8l3Q= Subject key identifier: A7:D1:7A:CD:0F:8D:63:7E:24:C5:74:B9:E7:8C:87:16:CF:34:3E:6F Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5EAE8956B5E130D1CD811FBDDCF95B864A3C01B0 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d030354-5f4d-47d4-9f96-310c9a509d02.roa Signing time: Thu 13 Nov 2025 02:00:07 +0000 ROA not before: Thu 13 Nov 2025 02:00:07 +0000 ROA not after: Thu 18 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:ae:89:56:b5:e1:30:d1:cd:81:1f:bd:dc:f9:5b:86:4a:3c:01:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 13 02:00:07 2025 GMT Not After : Dec 18 23:59:59 2025 GMT Subject: serialNumber=4abc9a06f548231184a7fc7fbfedfa28ba9262f2d71ac268df0a043ac40f66a4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:4f:44:9b:f0:77:19:2a:8e:4b:99:65:3f:c9: 25:50:81:2b:4e:6e:61:87:5f:84:e0:59:0d:63:7c: 55:59:86:c7:f9:74:99:65:4a:c1:e7:f9:ea:aa:a4: ea:36:e2:11:07:00:58:ae:8a:46:63:12:ac:be:03: 75:07:2c:14:ec:f9:35:9a:c7:27:72:e6:90:d1:d6: 2d:7f:24:69:41:5a:ce:6a:c8:4a:02:a7:aa:b9:9f: 1b:5d:21:39:9f:70:c9:94:75:13:43:aa:f5:57:2d: 56:9b:68:f0:f4:1e:8b:a7:e9:de:33:fb:df:d6:68: 24:91:87:01:1a:69:33:73:5c:48:46:7f:fc:ab:77: e8:6a:b1:d8:8f:d9:69:3e:79:d7:3d:22:3a:51:c5: 1b:f3:3b:2d:d1:23:45:fd:53:5b:1f:17:11:a9:a9: f6:b1:b9:b0:78:18:9c:30:7c:7d:ab:65:cf:77:1c: 5d:6a:65:81:b8:c4:df:cf:19:97:20:e4:83:6e:24: 09:10:6c:f3:54:6f:21:db:a2:0b:ac:60:e9:3d:aa: 09:1a:cf:28:0a:35:7c:de:97:2d:4f:08:02:64:29: 2a:27:a0:bd:e9:59:1b:d3:a6:91:6a:f9:11:01:19: 6a:7d:66:0f:1c:0c:c6:0c:a9:93:e8:81:d5:92:3f: 68:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:D1:7A:CD:0F:8D:63:7E:24:C5:74:B9:E7:8C:87:16:CF:34:3E:6F X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d030354-5f4d-47d4-9f96-310c9a509d02.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:800::/40 Signature Algorithm: sha256WithRSAEncryption 33:e0:d8:a9:fd:8d:0f:33:cf:8d:49:da:30:62:f8:cb:f8:66: 03:0a:b3:f7:49:78:2c:34:a8:d2:7e:2d:9d:da:7f:e8:7e:ce: d5:2a:af:ca:d1:5d:91:66:bd:d6:74:09:84:44:0f:ce:81:aa: 8e:85:2c:41:e7:20:cb:59:45:a3:3b:c6:1a:fe:e9:11:2e:21: c8:08:5b:bf:db:3e:ac:af:73:a6:cb:13:5d:06:36:0d:aa:b1: 2b:41:a8:cb:df:d7:5c:70:c2:b6:74:71:6a:70:46:0d:9b:e4: d2:5c:24:bb:27:aa:75:7f:ff:ad:0e:86:12:1e:50:79:1d:f7: 14:3a:98:a4:5a:fd:bb:5d:ba:bb:10:ae:d0:ba:84:f5:bd:f4: b5:be:ae:b6:c2:b9:ba:e2:75:5c:c2:6d:be:54:1c:14:de:f0: bd:7c:8b:4b:0a:20:01:69:1d:e7:9f:f6:23:ef:1e:3e:d3:11: e2:5f:fb:6d:f0:81:45:c1:20:a0:18:51:ec:fa:41:0b:15:48: 82:2d:aa:14:1f:02:ab:85:4c:f6:a8:4d:2b:16:01:38:06:be: 01:78:ea:30:e2:b0:9a:cd:39:6b:1b:f4:35:08:be:c7:00:46: 31:47:fd:dd:cd:14:7b:70:7b:dc:1f:28:3e:eb:94:8c:5e:54: fa:c2:6e:f3 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUXq6JVrXhMNHNgR+93Plbhko8AbAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTMwMjAwMDdaFw0yNTEyMTgyMzU5NTlaMHoxSTBHBgNV BAUTQDRhYmM5YTA2ZjU0ODIzMTE4NGE3ZmM3ZmJmZWRmYTI4YmE5MjYyZjJkNzFh YzI2OGRmMGEwNDNhYzQwZjY2YTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMtPRJvwdxkqjkuZZT/JJVCBK05uYYdfhOBZDWN8VVmGx/l0mWVKwef56qqk 6jbiEQcAWK6KRmMSrL4DdQcsFOz5NZrHJ3LmkNHWLX8kaUFazmrISgKnqrmfG10h OZ9wyZR1E0Oq9VctVpto8PQei6fp3jP739ZoJJGHARppM3NcSEZ//Kt36Gqx2I/Z aT551z0iOlHFG/M7LdEjRf1TWx8XEamp9rG5sHgYnDB8fatlz3ccXWplgbjE388Z lyDkg24kCRBs81RvIduiC6xg6T2qCRrPKAo1fN6XLU8IAmQpKiegvelZG9OmkWr5 EQEZan1mDxwMxgypk+iB1ZI/aEUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSn0XrN D41jfiTFdLnnjIcWzzQ+bzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OWQwMzAzNTQtNWY0ZC00N2Q0LTlmOTYtMzEwYzlhNTA5ZDAyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAI MA0GCSqGSIb3DQEBCwUAA4IBAQAz4Nip/Y0PM8+NSdowYvjL+GYDCrP3SXgsNKjS fi2d2n/ofs7VKq/K0V2RZr3WdAmERA/OgaqOhSxB5yDLWUWjO8Ya/ukRLiHICFu/ 2z6sr3OmyxNdBjYNqrErQajL39dccMK2dHFqcEYNm+TSXCS7J6p1f/+tDoYSHlB5 HfcUOpikWv27Xbq7EK7QuoT1vfS1vq62wrm64nVcwm2+VBwU3vC9fItLCiABaR3n n/Yj7x4+0xHiX/tt8IFFwSCgGFHs+kELFUiCLaoUHwKrhUz2qE0rFgE4Br4BeOow 4rCazTlrG/Q1CL7HAEYxR/3dzRR7cHvcHyg+65SMXlT6wm7z -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:42 2025 by rpki-client