This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa File: 9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa (raw, json) Hash identifier: OglEcPhsltRgzbVIsQW1YM9rkLXHh9GdmTyg+UvpsK4= Subject key identifier: 4A:49:57:48:A5:EC:BC:00:AF:E2:1C:9E:67:CB:F4:B1:BD:92:CD:20 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0A4B423A08175314B0004EBB824B885B03A0CF67 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa Signing time: Sat 15 Nov 2025 05:40:11 +0000 ROA not before: Sat 15 Nov 2025 05:40:11 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d071:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:4b:42:3a:08:17:53:14:b0:00:4e:bb:82:4b:88:5b:03:a0:cf:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:40:11 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=dabe6d842cb2e2f749acf08a85f3ebfb57804f9fb89d3428e59dfb3a05d61f91, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:8b:4d:94:af:a1:b8:5a:17:a2:03:74:94:2c: af:31:40:f9:cc:49:35:00:a0:8a:f8:df:ef:0a:85: 63:e2:5e:47:09:a8:ab:60:8a:c0:f9:4e:24:c8:8b: 39:65:d0:3c:45:f6:19:5c:0c:e8:32:58:e0:dd:4f: ef:27:8a:ed:4a:f9:44:d8:9d:3e:76:2b:48:83:b7: 3e:bb:2e:1e:b3:36:ad:fd:f9:b6:15:88:1e:8e:10: 3b:6b:e0:3e:10:5c:d4:22:26:7d:28:c4:8e:50:b3: 46:ec:f6:09:c8:af:2a:02:2c:56:fe:7f:26:94:35: da:bd:8d:b8:a5:81:33:41:e5:8a:c9:c4:34:2a:27: 49:e0:1d:57:fc:54:8a:bd:17:cc:71:ab:b7:d6:11: d8:e2:87:3a:dc:39:33:e1:24:2f:5e:2b:90:b5:3f: de:50:85:cc:44:6c:06:fb:4e:0f:e3:64:1d:22:44: 25:63:e0:a8:e4:ea:7c:a4:6c:d4:db:a9:5d:99:ab: 52:7f:6d:7b:97:25:77:f9:2f:77:1a:13:a9:9b:b5: ef:a3:56:a9:12:0f:34:10:4f:6b:35:59:14:c3:f4: 4c:16:d3:8a:ab:e0:58:7f:b5:6c:88:d4:25:f8:ab: 7f:e0:52:cc:2a:6a:a4:07:de:a8:d7:f2:c1:7f:ac: ea:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:49:57:48:A5:EC:BC:00:AF:E2:1C:9E:67:CB:F4:B1:BD:92:CD:20 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d071:a000::/40 Signature Algorithm: sha256WithRSAEncryption 3d:33:88:f1:bb:0d:71:46:e0:a9:eb:a1:99:11:29:09:42:fe: cb:4f:cc:cb:f0:18:dc:47:d4:ad:af:f3:21:22:c0:50:76:57: c1:bf:43:f8:9c:4e:d3:1b:c9:ca:c8:d2:93:67:d5:ae:78:bb: 64:88:e3:af:2c:77:7f:da:20:99:ec:96:a8:54:54:11:db:f7: 1c:68:27:6e:d0:b1:07:7d:ab:71:11:4f:28:95:9b:16:d8:1b: fb:e4:9d:77:b4:9e:64:f5:fb:b6:f7:8a:8c:e6:65:12:75:f9: fa:ff:26:5a:9c:2c:fb:64:9c:dd:32:4c:51:40:b1:cf:6f:a5: c9:e7:8a:c5:52:6b:de:25:5f:14:e2:51:8a:a4:1b:d5:d5:ed: 7b:d2:fb:da:03:40:e3:47:ed:45:8f:bb:53:35:74:7e:98:36: 14:e2:2d:1b:65:bf:b7:a1:5b:d9:d7:c0:83:b3:2a:53:c4:1d: 4b:d9:cf:1d:24:0b:38:e7:3d:30:db:39:59:66:64:65:f1:6c: e4:ff:03:d3:a9:38:8a:e5:b8:fd:2c:d9:f4:0b:32:ed:66:2d: 72:30:2d:d1:54:8b:d2:e4:30:14:29:06:12:b5:24:d0:14:53: 28:46:82:18:4d:71:92:b5:5b:10:ce:c4:c9:64:3a:64:88:5a: 52:f0:e5:0a -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUCktCOggXUxSwAE67gkuIWwOgz2cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTQwMTFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGRhYmU2ZDg0MmNiMmUyZjc0OWFjZjA4YTg1ZjNlYmZiNTc4MDRmOWZiODlk MzQyOGU1OWRmYjNhMDVkNjFmOTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJOLTZSvobhaF6IDdJQsrzFA+cxJNQCgivjf7wqFY+JeRwmoq2CKwPlOJMiL OWXQPEX2GVwM6DJY4N1P7yeK7Ur5RNidPnYrSIO3PrsuHrM2rf35thWIHo4QO2vg PhBc1CImfSjEjlCzRuz2CcivKgIsVv5/JpQ12r2NuKWBM0HlisnENConSeAdV/xU ir0XzHGrt9YR2OKHOtw5M+EkL14rkLU/3lCFzERsBvtOD+NkHSJEJWPgqOTqfKRs 1NupXZmrUn9te5cld/kvdxoTqZu176NWqRIPNBBPazVZFMP0TBbTiqvgWH+1bIjU Jfirf+BSzCpqpAfeqNfywX+s6okCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRKSVdI pey8AK/iHJ5ny/SxvZLNIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OWQyZWEyYWEtZDQwYS00OWE3LWFiMDAtNDRmZjVkYmY3MjliLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGg MA0GCSqGSIb3DQEBCwUAA4IBAQA9M4jxuw1xRuCp66GZESkJQv7LT8zL8BjcR9St r/MhIsBQdlfBv0P4nE7TG8nKyNKTZ9WueLtkiOOvLHd/2iCZ7JaoVFQR2/ccaCdu 0LEHfatxEU8olZsW2Bv75J13tJ5k9fu294qM5mUSdfn6/yZanCz7ZJzdMkxRQLHP b6XJ54rFUmveJV8U4lGKpBvV1e170vvaA0DjR+1Fj7tTNXR+mDYU4i0bZb+3oVvZ 18CDsypTxB1L2c8dJAs45z0w2zlZZmRl8Wzk/wPTqTiK5bj9LNn0CzLtZi1yMC3R VIvS5DAUKQYStSTQFFMoRoIYTXGStVsQzsTJZDpkiFpS8OUK -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:04 2025 by rpki-client