This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad017d4e-10ed-4706-a728-1b3d3feae80f.roa File: ad017d4e-10ed-4706-a728-1b3d3feae80f.roa (raw, json) Hash identifier: wSDq2tiLbmiz+0biybRAO0QbOXvsxDj2gZi1CEkFZ/M= Subject key identifier: 06:C6:77:C4:87:70:EF:B8:E3:45:F1:A2:5F:58:46:65:ED:6B:DB:50 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 6A5828B375D5D2AD1A207216B269DD6CA7EF05DB Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad017d4e-10ed-4706-a728-1b3d3feae80f.roa Signing time: Wed 10 Dec 2025 05:31:24 +0000 ROA not before: Wed 10 Dec 2025 05:31:24 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06f:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:58:28:b3:75:d5:d2:ad:1a:20:72:16:b2:69:dd:6c:a7:ef:05:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:31:24 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=4f4425dab4db717158e7368de95ff642163fc656d72fd5c0b1f55ec2678641a6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:db:a7:94:32:57:ef:d5:3a:e1:de:4a:61:f2: 4d:8d:76:ca:1a:70:52:dd:c1:87:47:e1:c0:dd:9a: eb:39:64:3a:56:95:8e:d7:93:8b:1a:59:29:68:17: 27:4b:8f:19:5b:31:64:15:9d:ca:60:bd:26:d7:f4: ff:3a:b8:38:fa:ff:a3:11:11:ae:c1:a4:ce:61:48: 2f:f7:3f:ad:a9:fb:a8:cc:ff:9d:88:63:96:8f:5b: 0f:36:3a:d3:d4:10:2f:03:18:92:9f:41:fe:e8:06: f5:85:f8:3e:ab:aa:f4:e2:a0:20:f6:4e:83:ae:a1: 89:63:ad:73:25:8f:e3:7e:7d:ec:38:5b:f0:39:6b: 84:ef:7a:3d:e9:f0:d2:05:3a:0f:63:24:d2:2b:8f: 99:02:ae:96:63:fc:07:36:8d:ca:e2:b2:b5:9c:4f: dd:08:59:09:53:d2:47:c4:1b:ba:04:73:31:6d:d7: 39:f7:5a:57:bc:30:48:45:31:06:40:b1:bb:cd:d7: 4e:4c:a0:0e:7e:5d:57:68:f4:6f:92:6b:3a:40:28: 60:0f:11:38:78:66:83:ec:41:aa:81:51:06:38:37: 78:d4:0c:5e:28:a0:67:20:6e:90:97:27:84:ab:55: ec:2d:19:bc:6b:b3:99:5b:88:3a:75:a9:a6:69:92: 02:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:C6:77:C4:87:70:EF:B8:E3:45:F1:A2:5F:58:46:65:ED:6B:DB:50 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad017d4e-10ed-4706-a728-1b3d3feae80f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:4000::/40 Signature Algorithm: sha256WithRSAEncryption 4a:80:f8:49:43:23:f8:82:53:0e:8e:3d:ba:28:00:d5:b4:7d: 82:8f:d1:fe:9e:27:94:f1:99:ee:b8:54:49:41:e3:1b:1d:2d: 17:2e:53:44:b9:74:af:01:e7:68:bb:58:1a:9a:e8:b1:be:8b: b0:98:ce:f5:69:c4:9b:15:c5:ae:45:65:a8:4c:08:86:74:1b: 73:a8:f6:41:57:d6:af:27:a4:6c:a8:6a:b4:e8:62:e3:21:e2: 94:26:87:7d:8f:a2:7a:a4:98:93:5b:25:8f:5a:7a:6c:11:2d: 8c:88:82:d8:46:93:d2:05:e7:b6:df:7f:b1:b6:45:ed:e2:ee: 3b:8a:ac:0d:67:b3:5b:5e:f9:49:ba:d1:5b:4f:65:09:e5:09: 66:41:66:90:8b:ed:d1:bd:a6:6e:bb:97:58:89:13:04:da:72: 11:97:d4:7d:f9:c7:90:70:10:b4:cc:12:98:22:ae:d3:cc:63: a0:81:76:09:63:8e:50:44:80:a7:93:d0:6a:89:81:a8:17:c1: 85:c1:48:f4:85:42:cd:bb:6a:37:f9:8e:ba:1a:f0:64:2d:71: c9:6d:a7:50:30:a9:57:0e:61:5f:6a:58:b7:b6:db:97:fd:cf: 21:b3:f9:6c:a7:07:9c:4c:ba:5e:81:94:c9:fb:8c:f1:95:52: 9c:9e:9e:fe -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUalgos3XV0q0aIHIWsmndbKfvBdswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMxMjRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDRmNDQyNWRhYjRkYjcxNzE1OGU3MzY4ZGU5NWZmNjQyMTYzZmM2NTZkNzJm ZDVjMGIxZjU1ZWMyNjc4NjQxYTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJPbp5QyV+/VOuHeSmHyTY12yhpwUt3Bh0fhwN2a6zlkOlaVjteTixpZKWgX J0uPGVsxZBWdymC9Jtf0/zq4OPr/oxERrsGkzmFIL/c/ran7qMz/nYhjlo9bDzY6 09QQLwMYkp9B/ugG9YX4Pquq9OKgIPZOg66hiWOtcyWP43597Dhb8DlrhO96Penw 0gU6D2Mk0iuPmQKulmP8BzaNyuKytZxP3QhZCVPSR8QbugRzMW3XOfdaV7wwSEUx BkCxu83XTkygDn5dV2j0b5JrOkAoYA8ROHhmg+xBqoFRBjg3eNQMXiigZyBukJcn hKtV7C0ZvGuzmVuIOnWppmmSAo8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQGxnfE h3DvuONF8aJfWEZl7WvbUDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YWQwMTdkNGUtMTBlZC00NzA2LWE3MjgtMWIzZDNmZWFlODBmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9A MA0GCSqGSIb3DQEBCwUAA4IBAQBKgPhJQyP4glMOjj26KADVtH2Cj9H+nieU8Znu uFRJQeMbHS0XLlNEuXSvAedou1gamuixvouwmM71acSbFcWuRWWoTAiGdBtzqPZB V9avJ6RsqGq06GLjIeKUJod9j6J6pJiTWyWPWnpsES2MiILYRpPSBee233+xtkXt 4u47iqwNZ7NbXvlJutFbT2UJ5QlmQWaQi+3RvaZuu5dYiRME2nIRl9R9+ceQcBC0 zBKYIq7TzGOggXYJY45QRICnk9BqiYGoF8GFwUj0hULNu2o3+Y66GvBkLXHJbadQ MKlXDmFfali3ttuX/c8hs/lspwecTLpegZTJ+4zxlVKcnp7+ -----END CERTIFICATE-----Generated at Mon Dec 15 15:29:37 2025 by rpki-client