This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa File: c6b4bacc-5824-4f9c-a10d-49f145db8549.roa (raw, json) Hash identifier: DR6wDvgFS9Q+Hnae0luYY/R9wY1nSWkyO3bC14hX72c= Subject key identifier: 20:54:2E:8A:B1:99:A0:9F:96:A1:C5:E8:E1:E9:66:85:36:6E:0E:23 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 21772EF9418F6AB58A50DD69965D47BDAAC70BEA Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa Signing time: Tue 18 Nov 2025 00:40:03 +0000 ROA not before: Tue 18 Nov 2025 00:40:03 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d02f::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:77:2e:f9:41:8f:6a:b5:8a:50:dd:69:96:5d:47:bd:aa:c7:0b:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 18 00:40:03 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=4966f737904843ab4bc963006409a88a0af2c94566800f94a8e8069d0a46dbc5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:1c:60:e0:3d:a5:3d:7b:53:72:2e:6c:ef:02: f6:44:e3:6d:2a:83:04:48:a0:f6:87:52:00:77:6b: 85:25:5f:e6:ba:7d:d4:c4:e8:d7:4c:e7:0c:97:4d: 9c:c7:f9:11:7e:77:c8:2c:bf:2a:d1:c9:c9:31:8a: 55:be:9e:51:4b:77:d7:cf:f5:e1:94:0c:46:81:46: 35:74:71:42:01:f3:a8:5a:a1:36:33:ec:5c:3c:64: 9a:34:32:72:b3:da:62:01:d0:96:82:78:c8:2f:5d: dc:73:45:7a:28:54:65:ec:f0:3c:f1:1d:4b:b7:fa: 19:a5:34:a6:43:c5:47:ba:da:14:c3:80:0b:1d:c7: 63:be:a4:91:aa:03:bf:21:7f:a6:e5:3e:a6:53:3c: 01:bd:48:06:cc:d3:ee:bd:96:a0:54:bc:83:3a:87: c7:fe:42:85:c1:33:d0:06:ae:a7:dc:cd:6e:08:78: 31:de:30:05:1f:36:c4:68:c8:cc:d1:1c:e7:ec:4c: d5:f2:bd:3b:28:ba:8f:bb:98:ec:1d:b7:f7:5e:7f: a5:66:f1:be:99:e2:8e:19:75:b8:27:6d:77:2c:30: 2e:e0:f6:72:77:c5:38:4f:8c:36:c3:aa:3b:e5:92: 27:95:ff:7d:49:09:6f:04:40:57:82:24:79:ce:f3: d1:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:54:2E:8A:B1:99:A0:9F:96:A1:C5:E8:E1:E9:66:85:36:6E:0E:23 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c6b4bacc-5824-4f9c-a10d-49f145db8549.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d02f::/36 Signature Algorithm: sha256WithRSAEncryption 49:16:c5:8e:90:aa:fc:db:65:bb:e0:4e:00:92:54:2c:1d:98: 6c:1d:7f:36:81:87:65:a8:fa:bd:e4:30:fd:9f:c6:3a:2f:2b: ad:0a:f9:5a:33:76:23:11:c1:4a:68:8f:e9:2b:3b:c8:3a:c7: 71:5f:03:f6:97:ed:76:1a:a9:ad:27:48:53:b8:54:e5:92:7b: 5c:0d:95:16:f2:37:09:99:d7:66:10:74:32:89:1e:0c:94:76: fa:e9:d4:64:93:45:36:6d:2e:89:2f:f7:83:e1:e6:f5:22:28: 32:ac:c0:70:d2:eb:f5:12:4f:61:a9:f2:42:f2:f3:be:f4:41: 45:90:8e:53:23:f6:0d:93:55:93:cf:62:73:02:13:65:98:72: 54:23:be:b2:09:55:89:61:00:ea:03:59:53:09:83:00:ee:bb: 18:7d:44:60:c5:e0:a1:4e:2a:fe:3e:b5:c3:67:80:26:1b:86: 32:02:63:8d:0b:ac:9e:89:30:e3:9c:32:28:ed:9a:fa:70:fc: 75:8c:eb:aa:75:29:3c:61:89:66:69:6c:5c:ad:7d:67:b5:b3: db:22:04:90:ae:e9:96:f8:31:37:a7:24:f8:b2:ef:2d:33:76: 97:7e:de:bf:ee:00:4f:1d:28:76:ca:cd:2b:eb:96:00:f9:e7: 14:11:7f:7d -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUIXcu+UGParWKUN1pll1HvarHC+owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTgwMDQwMDNaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQDQ5NjZmNzM3OTA0ODQzYWI0YmM5NjMwMDY0MDlhODhhMGFmMmM5NDU2Njgw MGY5NGE4ZTgwNjlkMGE0NmRiYzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKscYOA9pT17U3IubO8C9kTjbSqDBEig9odSAHdrhSVf5rp91MTo10znDJdN nMf5EX53yCy/KtHJyTGKVb6eUUt318/14ZQMRoFGNXRxQgHzqFqhNjPsXDxkmjQy crPaYgHQloJ4yC9d3HNFeihUZezwPPEdS7f6GaU0pkPFR7raFMOACx3HY76kkaoD vyF/puU+plM8Ab1IBszT7r2WoFS8gzqHx/5ChcEz0Aaup9zNbgh4Md4wBR82xGjI zNEc5+xM1fK9Oyi6j7uY7B23915/pWbxvpnijhl1uCdtdywwLuD2cnfFOE+MNsOq O+WSJ5X/fUkJbwRAV4Ikec7z0d0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQgVC6K sZmgn5ahxejh6WaFNm4OIzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YzZiNGJhY2MtNTgyNC00ZjljLWExMGQtNDlmMTQ1ZGI4NTQ5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C8A MA0GCSqGSIb3DQEBCwUAA4IBAQBJFsWOkKr822W74E4AklQsHZhsHX82gYdlqPq9 5DD9n8Y6LyutCvlaM3YjEcFKaI/pKzvIOsdxXwP2l+12GqmtJ0hTuFTlkntcDZUW 8jcJmddmEHQyiR4MlHb66dRkk0U2bS6JL/eD4eb1IigyrMBw0uv1Ek9hqfJC8vO+ 9EFFkI5TI/YNk1WTz2JzAhNlmHJUI76yCVWJYQDqA1lTCYMA7rsYfURgxeChTir+ PrXDZ4AmG4YyAmONC6yeiTDjnDIo7Zr6cPx1jOuqdSk8YYlmaWxcrX1ntbPbIgSQ rumW+DE3pyT4su8tM3aXft6/7gBPHSh2ys0r65YA+ecUEX99 -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:15 2025 by rpki-client