This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa File: 9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa (raw, json) Hash identifier: g05vv9upTcLS4T58GjLGBoIapkr+FcGl5AGRFjwRV9s= Subject key identifier: 47:A4:CF:46:A1:49:F8:BA:30:AA:58:98:B8:00:17:67:A1:F0:04:2E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3254CEDE0E41708749296D1C2A075C7D0CB4DDFC Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa Signing time: Wed 10 Dec 2025 05:40:47 +0000 ROA not before: Wed 10 Dec 2025 05:40:47 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d071:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:30:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:54:ce:de:0e:41:70:87:49:29:6d:1c:2a:07:5c:7d:0c:b4:dd:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:40:47 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=a90d59930c2b64ae08de5126b40d6561c423c3bfc8ca79b666841410af71847c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:e9:5d:bb:ac:ff:b4:fa:89:24:ba:60:44:ea: 5f:7c:81:04:a8:d5:18:bf:ea:79:e6:3b:38:c7:fd: cb:8b:de:2c:cf:59:a4:10:11:76:56:c9:cc:f0:29: 77:7d:95:f3:09:c9:d7:1e:a4:c6:5d:a6:72:f2:59: 5c:a4:59:52:34:5e:00:cd:a1:7a:83:71:25:4a:be: 37:e9:a5:a0:3a:01:b7:63:b4:df:64:28:a5:c9:7f: e6:d0:ca:05:f1:92:40:b7:b9:15:39:6c:4d:8b:96: 34:3e:90:56:2b:6a:d8:9c:39:50:e9:0d:4e:62:3d: ab:f3:88:fa:0c:47:77:22:c5:28:0d:e0:c1:90:d3: c2:17:ee:34:7e:62:36:54:32:31:3e:29:87:4b:1a: 2c:ec:7c:b3:4e:88:fa:03:99:85:c4:c4:4c:92:69: fa:d3:5b:0a:21:c4:98:e4:1e:fe:ab:f2:80:74:37: d4:0e:bc:9d:9e:0b:e6:73:c4:9c:5a:05:c7:b2:0f: 1b:e1:da:0e:85:34:ff:cd:a5:a6:5d:9c:c0:21:1e: 5c:e2:e7:3f:18:af:7a:56:ae:ff:17:86:3e:ae:bf: 8f:57:2b:58:ad:7a:60:97:ac:b8:08:a0:b0:3f:e0: 8b:61:0a:4e:4a:52:a3:2a:62:de:3b:6a:27:d3:1f: 38:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:A4:CF:46:A1:49:F8:BA:30:AA:58:98:B8:00:17:67:A1:F0:04:2E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d071:a000::/40 Signature Algorithm: sha256WithRSAEncryption 43:43:35:de:8f:82:98:9e:cc:7d:e0:ac:e4:7d:84:48:77:1a: ca:32:a9:d0:d6:2f:72:73:1d:4a:88:c2:fa:d4:74:4b:f5:33: dd:8e:ed:44:39:05:d0:3c:5b:4c:b5:44:3c:20:96:b5:63:73: e6:6a:b1:8f:d0:56:ba:58:fd:ff:9e:66:ea:4b:d6:d4:09:dc: 67:53:e5:fa:b3:c7:fb:05:ed:e6:d7:d3:2f:85:70:58:c6:a3: db:2b:be:50:29:86:1c:08:36:37:93:39:39:ab:44:88:fd:92: bf:51:f4:51:35:c2:9e:27:1d:37:21:8e:ac:1e:2a:57:e4:65: 12:19:65:3e:54:12:5b:85:6d:69:4b:be:e9:6c:5c:56:27:64: 0f:57:49:b4:e9:65:2c:51:d2:de:f8:b2:86:db:74:7c:f0:32: f5:49:dc:fd:d7:9f:c6:b9:1e:75:0b:a2:cf:44:a7:74:84:b7: 9c:11:13:80:19:0c:ef:4b:fa:b3:9d:de:06:ba:a8:9b:88:f6: 4f:76:64:7a:af:86:76:77:1f:a0:81:5e:ad:71:dd:a1:5d:49: 06:cb:88:2c:c3:e5:fe:29:2e:9e:92:ee:80:2a:60:6c:50:cf: 9a:ea:bb:f3:c0:65:0a:90:2c:d1:94:9e:04:49:76:72:d9:cc: d1:b2:01:24 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUMlTO3g5BcIdJKW0cKgdcfQy03fwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQwNDdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGE5MGQ1OTkzMGMyYjY0YWUwOGRlNTEyNmI0MGQ2NTYxYzQyM2MzYmZjOGNh NzliNjY2ODQxNDEwYWY3MTg0N2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL7pXbus/7T6iSS6YETqX3yBBKjVGL/qeeY7OMf9y4veLM9ZpBARdlbJzPAp d32V8wnJ1x6kxl2mcvJZXKRZUjReAM2heoNxJUq+N+mloDoBt2O032Qopcl/5tDK BfGSQLe5FTlsTYuWND6QVitq2Jw5UOkNTmI9q/OI+gxHdyLFKA3gwZDTwhfuNH5i NlQyMT4ph0saLOx8s06I+gOZhcTETJJp+tNbCiHEmOQe/qvygHQ31A68nZ4L5nPE nFoFx7IPG+HaDoU0/82lpl2cwCEeXOLnPxivelau/xeGPq6/j1crWK16YJesuAig sD/gi2EKTkpSoypi3jtqJ9MfOAMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRHpM9G oUn4ujCqWJi4ABdnofAELjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OWQyZWEyYWEtZDQwYS00OWE3LWFiMDAtNDRmZjVkYmY3MjliLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGg MA0GCSqGSIb3DQEBCwUAA4IBAQBDQzXej4KYnsx94KzkfYRIdxrKMqnQ1i9ycx1K iML61HRL9TPdju1EOQXQPFtMtUQ8IJa1Y3PmarGP0Fa6WP3/nmbqS9bUCdxnU+X6 s8f7Be3m19MvhXBYxqPbK75QKYYcCDY3kzk5q0SI/ZK/UfRRNcKeJx03IY6sHipX 5GUSGWU+VBJbhW1pS77pbFxWJ2QPV0m06WUsUdLe+LKG23R88DL1Sdz915/GuR51 C6LPRKd0hLecEROAGQzvS/qznd4GuqibiPZPdmR6r4Z2dx+ggV6tcd2hXUkGy4gs w+X+KS6eku6AKmBsUM+a6rvzwGUKkCzRlJ4ESXZy2czRsgEk -----END CERTIFICATE-----Generated at Mon Dec 15 17:04:22 2025 by rpki-client