This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad017d4e-10ed-4706-a728-1b3d3feae80f.roa File: ad017d4e-10ed-4706-a728-1b3d3feae80f.roa (raw, json) Hash identifier: qg5x3u0VOpREze2twruRLJ4mbEn7MQL+VsqHKMn/o5A= Subject key identifier: CF:E2:2C:89:B8:E7:BA:C4:B9:D5:35:30:5C:CC:6F:82:4D:01:6F:84 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 095FCFFEBEF7A571B0AA5DAB8039D904B80C7AF6 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad017d4e-10ed-4706-a728-1b3d3feae80f.roa Signing time: Sat 15 Nov 2025 05:31:13 +0000 ROA not before: Sat 15 Nov 2025 05:31:13 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06f:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:5f:cf:fe:be:f7:a5:71:b0:aa:5d:ab:80:39:d9:04:b8:0c:7a:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:31:13 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=58bc7c99ca56906d6d082a6ba6d62bfe3f215fbc5e94e47023e9e7ee5f1f28e3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:3d:1c:79:db:e8:38:ae:4c:3e:5e:12:1a:95: 7b:13:bc:d1:70:98:15:84:ae:80:e6:e2:e2:3b:c0: b4:77:f3:6a:80:92:29:ba:79:b2:92:8d:f1:88:c1: 00:6b:bb:de:97:79:46:f2:4d:ae:22:85:01:dd:4b: a7:82:7b:1c:a6:2e:cd:38:fa:29:b9:2f:28:ed:af: 9c:75:4c:74:23:1f:23:91:c4:13:b3:a0:d4:ec:aa: e8:e5:bf:91:32:a7:b3:d9:7b:d3:63:4d:84:e3:06: f6:4a:ca:b4:8b:be:3d:b5:2e:3f:e4:49:9d:b0:c7: be:70:1f:60:45:bb:ba:b6:e5:23:de:e7:e7:7a:1a: 58:53:ee:23:aa:66:8c:51:f7:88:87:20:cf:3f:a5: ac:ef:5f:03:ee:8a:61:fa:b0:99:2f:47:6d:23:ea: e4:48:1b:2d:63:f8:0e:c0:24:60:cc:fd:95:1b:b5: ea:f0:6e:c8:0a:d9:b7:81:2f:e9:ce:ca:7c:f2:fb: b5:42:ae:fa:26:87:2b:43:c0:58:84:5f:0f:9d:d4: b9:80:ac:48:b2:c3:97:58:37:00:ab:a9:e6:12:d6: f9:81:8b:3d:ad:77:74:05:73:72:14:f1:4a:70:19: bc:65:b2:73:a7:57:ae:29:89:e1:3c:2e:c8:52:81: 88:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:E2:2C:89:B8:E7:BA:C4:B9:D5:35:30:5C:CC:6F:82:4D:01:6F:84 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad017d4e-10ed-4706-a728-1b3d3feae80f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:4000::/40 Signature Algorithm: sha256WithRSAEncryption 43:6b:91:69:ba:4f:dc:98:2f:ce:9e:35:e5:97:ac:ff:b2:b2: 76:8d:a1:89:3e:ae:ec:e7:45:92:63:e9:a1:96:8f:12:aa:05: ad:2b:35:aa:cf:97:c3:29:ee:cc:97:ca:4e:8d:4c:9f:db:f9: 53:41:0f:49:66:dd:57:62:9f:63:04:8f:61:c9:6b:b6:01:56: 1c:38:c8:2a:5b:0d:91:9e:6e:48:de:6c:f2:39:9c:9b:d1:2c: 3b:07:b9:de:e6:a4:db:38:d6:eb:5f:b1:fd:fe:a2:4c:e6:2d: 59:73:d6:a7:c5:ef:78:85:04:6f:74:5e:e7:60:59:e5:50:46: b1:a3:d5:8d:d2:2b:ce:42:24:f3:92:74:4a:49:ab:9b:e4:3a: 62:b1:e9:e1:31:da:53:a2:f7:93:c7:13:1e:50:45:71:62:02: 49:f8:9d:89:c6:34:01:34:93:36:6a:80:11:36:ad:7a:04:b7: 3c:ea:98:f4:97:e9:bc:26:06:7e:3d:b6:e4:9e:60:35:89:66: 44:54:34:8b:5b:92:9c:4c:11:11:f3:12:2e:cb:23:0b:1c:0a: 2f:06:a6:dd:7d:7f:e4:79:98:02:3e:72:05:5b:bb:81:98:cf: 44:ad:a9:3d:a5:88:ee:15:ee:46:77:f2:e2:ad:fa:b4:f6:58: 29:18:d6:46 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUCV/P/r73pXGwql2rgDnZBLgMevYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTMxMTNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDU4YmM3Yzk5Y2E1NjkwNmQ2ZDA4MmE2YmE2ZDYyYmZlM2YyMTVmYmM1ZTk0 ZTQ3MDIzZTllN2VlNWYxZjI4ZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK89HHnb6DiuTD5eEhqVexO80XCYFYSugObi4jvAtHfzaoCSKbp5spKN8YjB AGu73pd5RvJNriKFAd1Lp4J7HKYuzTj6KbkvKO2vnHVMdCMfI5HEE7Og1Oyq6OW/ kTKns9l702NNhOMG9krKtIu+PbUuP+RJnbDHvnAfYEW7urblI97n53oaWFPuI6pm jFH3iIcgzz+lrO9fA+6KYfqwmS9HbSPq5EgbLWP4DsAkYMz9lRu16vBuyArZt4Ev 6c7KfPL7tUKu+iaHK0PAWIRfD53UuYCsSLLDl1g3AKup5hLW+YGLPa13dAVzchTx SnAZvGWyc6dXrimJ4TwuyFKBiIMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTP4iyJ uOe6xLnVNTBczG+CTQFvhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YWQwMTdkNGUtMTBlZC00NzA2LWE3MjgtMWIzZDNmZWFlODBmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9A MA0GCSqGSIb3DQEBCwUAA4IBAQBDa5Fpuk/cmC/OnjXll6z/srJ2jaGJPq7s50WS Y+mhlo8SqgWtKzWqz5fDKe7Ml8pOjUyf2/lTQQ9JZt1XYp9jBI9hyWu2AVYcOMgq Ww2Rnm5I3mzyOZyb0Sw7B7ne5qTbONbrX7H9/qJM5i1Zc9anxe94hQRvdF7nYFnl UEaxo9WN0ivOQiTzknRKSaub5DpisenhMdpToveTxxMeUEVxYgJJ+J2JxjQBNJM2 aoARNq16BLc86pj0l+m8JgZ+PbbknmA1iWZEVDSLW5KcTBER8xIuyyMLHAovBqbd fX/keZgCPnIFW7uBmM9Erak9pYjuFe5Gd/Lirfq09lgpGNZG -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:46 2025 by rpki-client