This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a8cd111d-bddb-47e0-af43-fc5a8d930376.roa File: a8cd111d-bddb-47e0-af43-fc5a8d930376.roa (raw, json) Hash identifier: PKNH6ITLCJaYfTvoVoLbT+8u2w3qsvaLKvx00yZPBis= Subject key identifier: 04:1B:71:A2:31:8F:85:E3:39:A6:4D:34:10:F3:9A:E8:79:F6:2E:B2 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2BDFC021CF1168090086B5EAD7A54E8FB6E81B4D Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a8cd111d-bddb-47e0-af43-fc5a8d930376.roa Signing time: Wed 10 Dec 2025 06:01:07 +0000 ROA not before: Wed 10 Dec 2025 06:01:07 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:df:c0:21:cf:11:68:09:00:86:b5:ea:d7:a5:4e:8f:b6:e8:1b:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:01:07 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=44b19214ae2afecb852a97e65979cc30d51516cdac27e495bdbabae251b2d5fa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:ab:cd:e2:59:f1:9e:b5:b7:67:72:63:ff:46: 3d:cb:f6:eb:6d:35:df:d9:78:65:31:43:d1:86:57: 9c:4b:97:89:00:16:80:37:56:c9:34:f3:af:7f:0b: 80:41:5a:bb:d4:a0:49:b2:26:b3:cc:56:97:d4:8b: 5d:fc:03:26:08:ef:83:6b:86:d9:8d:3b:5d:ae:3a: 1b:ba:ee:8d:e2:88:f0:5d:2a:e4:10:cf:8e:33:39: 85:41:bb:bc:18:10:a5:71:33:87:57:9e:1b:05:ae: dc:d6:86:d6:a3:37:1d:e3:d3:8c:f1:3b:32:eb:81: 33:c5:66:2d:30:21:9b:b4:99:42:c7:da:a1:64:22: 37:aa:13:a5:d8:47:21:5b:b6:01:1e:51:c3:9b:a4: 7c:d4:33:c0:5a:8a:af:77:39:58:0b:12:61:a7:2f: 31:5d:a1:1b:ab:d3:15:b1:da:b6:21:7d:a3:0b:57: 42:11:f4:23:1e:b3:f6:ce:23:d7:b2:5c:ac:c3:48: c0:fd:ea:9e:98:29:1a:d7:24:f0:0a:5f:1d:7a:25: 8c:17:84:aa:5a:ce:87:21:50:31:7a:62:af:1a:23: fc:40:25:03:54:03:2d:52:f0:dd:28:18:25:f6:4a: 3f:bf:f3:d9:9e:52:aa:08:6c:ad:13:70:93:70:e0: 61:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:1B:71:A2:31:8F:85:E3:39:A6:4D:34:10:F3:9A:E8:79:F6:2E:B2 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a8cd111d-bddb-47e0-af43-fc5a8d930376.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:1000::/40 Signature Algorithm: sha256WithRSAEncryption 5c:43:67:31:38:55:3f:25:64:6f:46:a6:18:c3:ca:9e:f6:2f: ae:97:67:41:8b:38:e4:34:0c:65:5b:48:db:3a:53:37:5e:88: 3e:f0:ef:d6:df:5d:4b:68:6b:59:95:78:5b:08:d9:e3:08:59: c6:e5:4e:9b:c3:8d:ce:b3:74:92:24:89:d6:a3:1f:2e:72:c6: c4:51:26:2a:bb:1c:70:1a:41:00:6b:36:ca:84:f7:47:9f:ba: 58:e4:d1:10:fb:c3:84:00:01:1d:38:2f:52:53:59:25:51:86: 7f:5f:e4:a7:1f:24:78:ca:58:8d:a1:04:29:a9:a3:bc:22:21: 3c:c4:43:61:ff:10:6b:bf:7c:e9:7b:bb:51:ae:95:b0:21:2b: 73:4d:81:53:ee:83:51:95:7e:df:7b:b9:5b:65:7a:c8:e1:d5: 58:0c:22:7a:49:c1:1a:68:11:05:87:36:cb:57:46:e1:5e:d0: 03:98:56:ed:bf:a0:00:db:44:d3:0d:97:60:88:fd:b8:9e:6c: f9:66:2f:b8:85:37:73:79:e5:c3:bc:f8:f0:d2:98:89:2d:fd: 07:0a:94:08:dd:54:db:2d:0d:e3:24:9d:c2:a6:1d:1b:0b:ae: 38:3e:fd:7a:71:6f:20:bf:08:63:02:f8:ee:89:77:18:61:74: 1e:b1:89:03 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUK9/AIc8RaAkAhrXq16VOj7boG00wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAxMDdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDQ0YjE5MjE0YWUyYWZlY2I4NTJhOTdlNjU5NzljYzMwZDUxNTE2Y2RhYzI3 ZTQ5NWJkYmFiYWUyNTFiMmQ1ZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJCrzeJZ8Z61t2dyY/9GPcv2620139l4ZTFD0YZXnEuXiQAWgDdWyTTzr38L gEFau9SgSbIms8xWl9SLXfwDJgjvg2uG2Y07Xa46G7rujeKI8F0q5BDPjjM5hUG7 vBgQpXEzh1eeGwWu3NaG1qM3HePTjPE7MuuBM8VmLTAhm7SZQsfaoWQiN6oTpdhH IVu2AR5Rw5ukfNQzwFqKr3c5WAsSYacvMV2hG6vTFbHatiF9owtXQhH0Ix6z9s4j 17JcrMNIwP3qnpgpGtck8ApfHXoljBeEqlrOhyFQMXpirxoj/EAlA1QDLVLw3SgY JfZKP7/z2Z5SqghsrRNwk3DgYScCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQEG3Gi MY+F4zmmTTQQ85roefYusjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YThjZDExMWQtYmRkYi00N2UwLWFmNDMtZmM1YThkOTMwMzc2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DEQ MA0GCSqGSIb3DQEBCwUAA4IBAQBcQ2cxOFU/JWRvRqYYw8qe9i+ul2dBizjkNAxl W0jbOlM3Xog+8O/W311LaGtZlXhbCNnjCFnG5U6bw43Os3SSJInWox8ucsbEUSYq uxxwGkEAazbKhPdHn7pY5NEQ+8OEAAEdOC9SU1klUYZ/X+SnHyR4yliNoQQpqaO8 IiE8xENh/xBrv3zpe7tRrpWwIStzTYFT7oNRlX7fe7lbZXrI4dVYDCJ6ScEaaBEF hzbLV0bhXtADmFbtv6AA20TTDZdgiP24nmz5Zi+4hTdzeeXDvPjw0piJLf0HCpQI 3VTbLQ3jJJ3Cph0bC644Pv16cW8gvwhjAvjuiXcYYXQesYkD -----END CERTIFICATE-----Generated at Mon Dec 15 15:34:28 2025 by rpki-client