This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4acf4ba-05c5-4e0a-9dfd-70cf32218bb4.roa File: c4acf4ba-05c5-4e0a-9dfd-70cf32218bb4.roa (raw, json) Hash identifier: a42s4lyOmex/JkHjFDPD/AcFDoZLdAaHf8JQ8UykvsU= Subject key identifier: 57:CF:26:4A:FA:51:05:CA:CE:52:20:EC:A1:EB:21:3D:70:8B:62:C0 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 61D02D6AA2CAC4EDD87146A018E1CFD5189897EA Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4acf4ba-05c5-4e0a-9dfd-70cf32218bb4.roa Signing time: Sat 15 Nov 2025 05:50:11 +0000 ROA not before: Sat 15 Nov 2025 05:50:11 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:40e0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:d0:2d:6a:a2:ca:c4:ed:d8:71:46:a0:18:e1:cf:d5:18:98:97:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:11 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=f233e53df81a89ce2c461f98ecd8fe92bf6327dd4212f379e2e9c682f24901be, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:90:fb:cf:c9:2a:c4:10:a1:fa:0e:75:a8:b1: c4:01:f8:36:d0:dc:7c:cd:db:96:81:b6:f8:dd:e2: de:dd:78:2e:64:bf:ad:9d:00:0a:8e:d4:6b:7f:53: 01:e0:f9:6a:bd:27:37:9e:56:c0:20:66:a9:39:ba: fa:85:e5:08:ce:b3:88:7e:70:56:a6:16:49:e6:48: b9:57:bb:1d:1d:65:2b:56:8f:92:95:e7:c3:10:35: 35:8a:75:0d:68:64:18:3f:25:9a:d7:46:fd:a3:80: e1:7d:47:2e:f1:98:97:47:19:39:22:75:58:05:13: 2f:c2:93:8d:c7:e6:9e:dc:d5:09:4f:1c:12:2d:88: 55:2d:26:c2:31:09:dc:98:b1:35:cd:78:4b:46:18: 91:75:20:1a:6c:ae:96:f5:c7:f1:62:fd:2e:01:e6: d5:00:3f:54:2a:82:e7:ae:cc:b9:f1:d6:46:aa:f4: 57:b0:76:a9:be:f1:13:4b:d0:32:0e:c9:9c:85:b3: ce:2c:7c:b6:55:1f:9b:b4:d5:fa:c8:b4:8b:fc:d7: c9:dc:b6:07:77:73:23:3e:55:53:70:47:35:d9:46: 3a:4e:b4:23:45:d1:b9:2c:e1:2d:49:43:61:b7:db: 84:0e:19:0c:23:35:3a:b8:43:e0:b6:71:db:66:b7: 85:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:CF:26:4A:FA:51:05:CA:CE:52:20:EC:A1:EB:21:3D:70:8B:62:C0 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4acf4ba-05c5-4e0a-9dfd-70cf32218bb4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:40e0::/48 Signature Algorithm: sha256WithRSAEncryption 4c:8a:0c:f9:49:13:42:04:7c:43:4e:6e:18:bc:3d:4b:4a:d7: ac:37:f0:fb:ba:7e:80:67:12:57:89:42:08:0a:5b:c8:95:38: 2b:2e:23:ab:4c:83:43:e3:f4:cc:72:27:84:8d:13:92:6e:91: bf:25:9c:98:17:cd:f6:b4:05:5b:0b:92:ea:34:c0:db:c7:82: c6:77:90:16:43:30:21:53:e8:03:ee:e1:7e:4b:7e:bb:da:5b: 4a:12:ca:12:b1:6c:e9:ed:a4:0c:11:d9:6a:ec:33:5c:91:62: 30:c5:bb:d9:c3:65:4d:b6:8b:f8:7b:3a:ff:89:59:99:f4:9c: d3:50:b8:d9:63:89:b8:7f:a2:00:96:44:bf:f6:72:88:0c:1b: 2b:25:17:f1:da:ca:e5:93:21:36:c7:6c:85:9e:3f:82:57:d1: 6c:f4:4e:16:41:ce:2b:92:70:8a:ef:6b:a2:64:ea:59:19:c1: 90:b9:15:2d:78:ea:b5:66:cd:2d:b7:5d:b3:f2:77:3e:f0:dd: b5:ca:7b:7d:11:cb:28:1c:be:30:38:23:8c:b9:5f:89:2a:53: 26:56:81:2b:05:7b:da:cb:6f:10:5c:0c:5b:4e:2d:8b:2d:00: 39:bb:d3:cc:9f:33:91:96:fa:d5:d0:1d:21:95:8f:91:4a:81: 6e:b1:39:2f -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUYdAtaqLKxO3YcUagGOHP1RiYl+owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwMTFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGYyMzNlNTNkZjgxYTg5Y2UyYzQ2MWY5OGVjZDhmZTkyYmY2MzI3ZGQ0MjEy ZjM3OWUyZTljNjgyZjI0OTAxYmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANiQ+8/JKsQQofoOdaixxAH4NtDcfM3bloG2+N3i3t14LmS/rZ0ACo7Ua39T AeD5ar0nN55WwCBmqTm6+oXlCM6ziH5wVqYWSeZIuVe7HR1lK1aPkpXnwxA1NYp1 DWhkGD8lmtdG/aOA4X1HLvGYl0cZOSJ1WAUTL8KTjcfmntzVCU8cEi2IVS0mwjEJ 3JixNc14S0YYkXUgGmyulvXH8WL9LgHm1QA/VCqC567MufHWRqr0V7B2qb7xE0vQ Mg7JnIWzzix8tlUfm7TV+si0i/zXydy2B3dzIz5VU3BHNdlGOk60I0XRuSzhLUlD YbfbhA4ZDCM1OrhD4LZx22a3hTcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRXzyZK +lEFys5SIOyh6yE9cItiwDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YzRhY2Y0YmEtMDVjNS00ZTBhLTlkZmQtNzBjZjMyMjE4YmI0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA 4DANBgkqhkiG9w0BAQsFAAOCAQEATIoM+UkTQgR8Q05uGLw9S0rXrDfw+7p+gGcS V4lCCApbyJU4Ky4jq0yDQ+P0zHInhI0Tkm6RvyWcmBfN9rQFWwuS6jTA28eCxneQ FkMwIVPoA+7hfkt+u9pbShLKErFs6e2kDBHZauwzXJFiMMW72cNlTbaL+Hs6/4lZ mfSc01C42WOJuH+iAJZEv/ZyiAwbKyUX8drK5ZMhNsdshZ4/glfRbPROFkHOK5Jw iu9romTqWRnBkLkVLXjqtWbNLbdds/J3PvDdtcp7fRHLKBy+MDgjjLlfiSpTJlaB KwV72stvEFwMW04tiy0AObvTzJ8zkZb61dAdIZWPkUqBbrE5Lw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:52 2025 by rpki-client