This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa File: c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa (raw, json) Hash identifier: zhvweC2l8KFqRtlCNhWu6xFz5Nip4v/YPyGZ7DV5lnM= Subject key identifier: 4D:91:09:EE:84:95:E5:2E:F9:53:32:11:EA:21:7B:4B:C6:96:B6:E3 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 45FE4A85B2630603B1D6E89CC695C66A418AB906 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa Signing time: Sat 15 Nov 2025 06:00:35 +0000 ROA not before: Sat 15 Nov 2025 06:00:35 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d076:c000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:fe:4a:85:b2:63:06:03:b1:d6:e8:9c:c6:95:c6:6a:41:8a:b9:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:00:35 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=9d9bb0f52809a8116d1b0eeee5f3dbe58343a72f6ba35fb2a9f8296bdf8f0430, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:d4:e7:f7:09:65:ec:4a:06:e3:72:7d:df:86: 59:3d:79:a7:21:6f:a7:96:a8:0e:d2:50:fe:71:b6: 5d:2f:dd:4e:46:17:41:29:c1:87:58:29:83:f8:bb: f7:a3:bf:42:07:8b:6a:8d:42:7c:24:34:80:4b:97: 21:b9:26:07:9f:6e:7c:b5:f7:18:fb:65:2d:dd:10: 10:4f:85:d5:b7:f3:e2:2b:08:d9:dd:09:46:27:64: 4a:76:21:ba:19:d4:ab:b9:c2:3b:35:2a:17:38:a9: b0:1d:9f:85:62:e1:38:5b:25:a5:55:9c:83:4b:ac: 6a:84:95:a1:61:63:5e:68:92:d1:56:46:82:22:da: 99:ab:e2:2a:b3:3a:99:56:fe:f2:71:69:6c:cb:4f: 08:38:06:3c:e9:ff:d7:45:67:72:7f:de:22:8b:10: aa:57:bd:e9:89:84:e5:aa:ee:54:d1:23:27:0f:64: 05:7c:b2:31:5a:70:d5:bd:b6:4e:77:4e:5b:6e:cf: d8:5e:57:07:46:d0:9d:42:18:c1:9d:88:1e:36:33: 22:23:a3:5e:3e:23:80:3a:7f:d7:c3:9c:62:aa:37: 62:df:98:36:80:b3:b5:d5:00:71:e2:ea:34:29:e1: d2:2d:d7:07:7c:90:71:13:25:b4:c6:a1:93:09:dd: e1:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:91:09:EE:84:95:E5:2E:F9:53:32:11:EA:21:7B:4B:C6:96:B6:E3 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d076:c000::/40 Signature Algorithm: sha256WithRSAEncryption b1:6a:5a:16:4d:b1:1d:ff:41:60:e0:e2:18:cd:2b:e5:10:a9: 10:b4:d3:e5:b4:5b:35:21:c5:6b:94:f8:80:63:95:fd:70:33: 39:20:4a:c1:59:93:e9:0c:29:59:7d:0e:28:14:ec:16:b0:1a: b3:aa:88:55:0b:c8:bc:b8:17:41:b0:5c:85:23:88:54:18:a6: c4:5c:1a:16:47:cf:85:98:76:94:86:d9:6f:7b:4f:6b:ac:8c: e0:f7:1a:e5:95:56:f6:15:25:21:65:c6:cc:19:f1:be:90:2c: 9a:2e:95:51:93:68:0e:c9:eb:60:c1:e2:5a:43:10:0c:20:54: 35:f9:52:34:3d:2b:21:ec:88:d8:fe:1d:f5:62:ce:91:70:c3: 9c:70:fc:70:b3:99:6d:e1:26:1c:59:2b:30:5b:d0:20:8a:eb: 41:5a:53:a3:82:cf:bf:e2:f4:2e:4d:39:09:4c:dd:fe:9f:5b: 38:52:fe:bb:97:49:96:d3:8e:ce:fd:e1:c1:07:63:e9:14:0e: 7a:e3:83:c3:ad:21:40:ee:46:d4:e6:a3:e2:c6:c3:74:4c:24: 41:fe:dd:76:e0:e0:42:2a:41:45:fa:33:26:5e:ad:ff:57:69: 5b:52:0c:0d:6e:07:08:23:02:a6:fb:a0:ad:be:11:41:9a:01: 99:81:6f:85 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIURf5KhbJjBgOx1uicxpXGakGKuQYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAwMzVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDlkOWJiMGY1MjgwOWE4MTE2ZDFiMGVlZWU1ZjNkYmU1ODM0M2E3MmY2YmEz NWZiMmE5ZjgyOTZiZGY4ZjA0MzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANTU5/cJZexKBuNyfd+GWT15pyFvp5aoDtJQ/nG2XS/dTkYXQSnBh1gpg/i7 96O/QgeLao1CfCQ0gEuXIbkmB59ufLX3GPtlLd0QEE+F1bfz4isI2d0JRidkSnYh uhnUq7nCOzUqFzipsB2fhWLhOFslpVWcg0usaoSVoWFjXmiS0VZGgiLamaviKrM6 mVb+8nFpbMtPCDgGPOn/10Vncn/eIosQqle96YmE5aruVNEjJw9kBXyyMVpw1b22 TndOW27P2F5XB0bQnUIYwZ2IHjYzIiOjXj4jgDp/18OcYqo3Yt+YNoCztdUAceLq NCnh0i3XB3yQcRMltMahkwnd4dUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRNkQnu hJXlLvlTMhHqIXtLxpa24zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YzkyNTY1MzYtMGU5YS00MTc1LThhYzctYTBmYjk5MWViZmY5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HbA MA0GCSqGSIb3DQEBCwUAA4IBAQCxaloWTbEd/0Fg4OIYzSvlEKkQtNPltFs1IcVr lPiAY5X9cDM5IErBWZPpDClZfQ4oFOwWsBqzqohVC8i8uBdBsFyFI4hUGKbEXBoW R8+FmHaUhtlve09rrIzg9xrllVb2FSUhZcbMGfG+kCyaLpVRk2gOyetgweJaQxAM IFQ1+VI0PSsh7IjY/h31Ys6RcMOccPxws5lt4SYcWSswW9AgiutBWlOjgs+/4vQu TTkJTN3+n1s4Uv67l0mW047O/eHBB2PpFA5644PDrSFA7kbU5qPixsN0TCRB/t12 4OBCKkFF+jMmXq3/V2lbUgwNbgcIIwKm+6CtvhFBmgGZgW+F -----END CERTIFICATE-----Generated at Sat Dec 6 17:30:58 2025 by rpki-client