This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa File: a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa (raw, json) Hash identifier: N6sEV4Kvgpkfgsrsr+mu4G1uMma9XjJgWQ4dXIFhbzg= Subject key identifier: A8:F8:85:EA:DD:85:98:C7:E6:2F:A0:6A:8E:A1:4C:4C:77:66:EE:DA Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7DA3D09E35C72837F3D098AC58E0F983651F8116 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa Signing time: Sat 29 Nov 2025 03:00:11 +0000 ROA not before: Sat 29 Nov 2025 03:00:11 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d074:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:a3:d0:9e:35:c7:28:37:f3:d0:98:ac:58:e0:f9:83:65:1f:81:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:00:11 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=c511a7be11fb603afcb11ab9ad8bde5c4f6b256ab6932c477639bb68596ee534, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:b4:02:c3:45:c1:9b:82:d3:a8:a9:e4:ac:b9: 02:2a:b4:e6:f5:9c:59:6e:35:d4:b1:ed:ca:03:53: f4:e5:b6:64:08:f7:0a:46:ae:32:be:e4:a5:5d:ea: 4c:f1:d3:6c:5e:d7:a5:ed:96:4a:57:d4:95:f8:b1: c8:01:20:51:62:43:e4:bb:72:52:a6:45:5f:89:b1: d0:5a:1e:34:42:dd:f5:a1:f6:90:b5:e6:40:c2:b3: a4:9d:40:ba:db:5c:63:b4:10:99:cc:4f:45:51:18: 29:24:e9:22:98:7f:da:e5:fd:1d:e8:c6:1f:6e:12: 29:3c:f6:bd:3a:5a:7b:3d:b1:67:8c:25:ae:ed:d5: 92:45:da:cd:18:e3:12:67:39:18:89:9b:8b:01:8b: 22:b3:ba:33:d7:3e:eb:3b:f5:f7:06:f8:be:1e:2b: 08:6d:66:8e:67:71:80:1e:7d:44:8d:78:6e:87:79: 9a:85:09:6a:4a:7d:6d:3c:ce:ce:7a:f9:1a:cc:bc: 0a:f0:f6:72:5e:38:d0:2d:81:6b:16:21:49:4b:2e: f2:d8:2b:17:59:d5:f7:59:87:3c:ed:78:75:d9:f0: ca:96:7f:19:9a:0d:3f:40:12:8a:19:db:f9:1c:c8: 6a:68:d3:8f:fb:d5:33:13:38:33:78:ff:e7:17:c9: f8:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:F8:85:EA:DD:85:98:C7:E6:2F:A0:6A:8E:A1:4C:4C:77:66:EE:DA X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d074:800::/40 Signature Algorithm: sha256WithRSAEncryption 25:e3:3c:13:6e:a6:c7:0a:95:d1:5c:bc:24:e8:c5:36:2a:ac: 3e:d6:fa:cd:ce:89:57:06:54:d2:c7:b4:3e:a5:e0:49:6c:4e: d6:fb:74:55:77:56:cc:5c:db:fa:c7:ab:c9:c6:8f:34:51:fb: ed:ac:6b:61:17:e7:ad:9c:dc:0f:69:99:46:32:bb:c1:2f:88: 2f:a5:91:7a:f0:0a:25:87:54:3b:2e:7b:cc:db:f4:2c:7e:e8: a1:1d:83:52:02:6c:1f:af:57:ed:23:87:9a:c3:2f:ce:98:c4: 2b:4b:0e:09:ed:c0:24:ab:5e:5a:df:fa:ac:39:b0:47:de:80: 2c:eb:ca:68:b3:c9:0a:e7:22:57:aa:a5:6a:4b:f0:7e:ef:c7: 51:93:6c:a2:fd:18:bb:e7:b8:9f:25:a9:d3:1c:1d:22:6c:58: ff:6a:0a:fc:2e:f3:42:f6:19:04:14:1e:ae:37:e5:5f:7d:a6: 77:bd:f6:a1:23:6c:c5:e7:af:a8:1e:34:e4:8e:98:85:89:6a: 3a:f9:94:a8:c6:64:d1:da:96:84:99:d5:98:6f:e6:e2:37:38: 96:2e:a4:71:b5:b1:8d:68:ba:c0:97:f3:e2:68:5d:2c:cd:93: b4:e3:1c:08:9f:f1:4d:94:10:0b:e9:de:a3:73:c1:38:dc:de: 8a:56:23:28 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUfaPQnjXHKDfz0JisWOD5g2UfgRYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzAwMTFaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQGM1MTFhN2JlMTFmYjYwM2FmY2IxMWFiOWFkOGJkZTVjNGY2YjI1NmFiNjkz MmM0Nzc2MzliYjY4NTk2ZWU1MzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMq0AsNFwZuC06ip5Ky5Aiq05vWcWW411LHtygNT9OW2ZAj3CkauMr7kpV3q TPHTbF7Xpe2WSlfUlfixyAEgUWJD5LtyUqZFX4mx0FoeNELd9aH2kLXmQMKzpJ1A uttcY7QQmcxPRVEYKSTpIph/2uX9HejGH24SKTz2vTpaez2xZ4wlru3VkkXazRjj Emc5GImbiwGLIrO6M9c+6zv19wb4vh4rCG1mjmdxgB59RI14bod5moUJakp9bTzO znr5Gsy8CvD2cl440C2BaxYhSUsu8tgrF1nV91mHPO14ddnwypZ/GZoNP0ASihnb +RzIamjTj/vVMxM4M3j/5xfJ+G8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSo+IXq 3YWYx+YvoGqOoUxMd2bu2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTQ5ZTIzZGUtNmZjOS00MTJiLTlkMjMtNGYwODMwZDlmYTdhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQI MA0GCSqGSIb3DQEBCwUAA4IBAQAl4zwTbqbHCpXRXLwk6MU2Kqw+1vrNzolXBlTS x7Q+peBJbE7W+3RVd1bMXNv6x6vJxo80UfvtrGthF+etnNwPaZlGMrvBL4gvpZF6 8Aolh1Q7LnvM2/QsfuihHYNSAmwfr1ftI4eawy/OmMQrSw4J7cAkq15a3/qsObBH 3oAs68pos8kK5yJXqqVqS/B+78dRk2yi/Ri757ifJanTHB0ibFj/agr8LvNC9hkE FB6uN+VffaZ3vfahI2zF56+oHjTkjpiFiWo6+ZSoxmTR2paEmdWYb+biNziWLqRx tbGNaLrAl/PiaF0szZO04xwIn/FNlBAL6d6jc8E43N6KViMo -----END CERTIFICATE-----Generated at Sat Dec 6 11:47:30 2025 by rpki-client