This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa File: ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa (raw, json) Hash identifier: ndOtQtW/qUiQSwhzoycgJi+AmTYqrKIv1WES9ivvhWw= Subject key identifier: 35:D2:24:AD:E8:3F:94:D1:BE:7F:A0:6F:96:83:62:41:69:51:58:D6 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 07DA08433639E2C2A6F5FB03099779F2C5B7B8AC Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa Signing time: Sat 15 Nov 2025 05:50:37 +0000 ROA not before: Sat 15 Nov 2025 05:50:37 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:da:08:43:36:39:e2:c2:a6:f5:fb:03:09:97:79:f2:c5:b7:b8:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:37 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=3f79f7a8c7d1ec43152756795f550f5d0bf1c99466bff396a45af3a07c99b61e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:00:7d:0b:df:79:9f:24:6c:be:3e:1b:12:da: d1:4a:f2:41:4b:b6:11:67:3a:fb:3a:50:b0:56:f5: bb:0c:5a:a8:a5:b1:34:0d:54:57:bc:ff:ce:aa:a7: 2c:30:84:4a:51:c8:23:12:a4:0a:ad:8e:f7:e9:84: a0:36:a5:fd:74:0a:0a:fc:21:9a:f4:73:5c:48:1c: bf:c9:03:79:33:94:39:7c:d5:1a:96:87:8e:1f:f8: 4c:f4:4f:ac:5a:5e:95:2d:57:10:b9:5f:06:87:6d: 20:e4:1b:33:1d:f3:94:0b:b8:0d:2a:13:3e:9d:86: b3:c1:06:f7:d5:d5:ab:54:4d:cc:ff:10:20:73:63: a0:d8:47:e9:f5:72:e5:03:9b:01:fa:e3:ad:bc:f7: 4f:a5:2d:d4:af:15:04:56:bd:8c:c8:92:19:9a:98: 4a:67:2e:b6:de:f8:26:54:39:04:cf:79:2d:54:11: 1f:5b:84:da:7e:10:ed:be:36:59:b8:90:9b:6c:f5: 71:32:57:fd:5a:21:65:e7:d2:a1:bb:11:9d:5e:58: 73:02:1f:46:5a:d7:d8:be:fb:de:32:09:47:cb:a0: c5:f9:8d:be:10:36:46:38:da:18:59:24:a2:99:42: 4d:fe:bf:89:4a:26:fe:19:48:ea:b2:b3:07:d1:98: 0a:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:D2:24:AD:E8:3F:94:D1:BE:7F:A0:6F:96:83:62:41:69:51:58:D6 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:1000::/40 Signature Algorithm: sha256WithRSAEncryption c9:2f:b4:6b:45:7a:31:75:b1:e6:73:c6:8d:f3:26:a4:10:94: bb:c3:41:23:a4:ea:69:50:39:46:48:08:9d:01:7a:dc:2b:9e: 39:79:3c:0b:3b:d5:51:ad:8c:5c:84:bf:aa:d6:33:d6:0b:83: e6:5c:2e:f6:3a:ce:b0:91:8b:20:cb:7f:38:03:ff:57:82:d7: 86:36:e4:82:1a:7a:fc:bd:8a:0c:63:38:93:f9:0d:14:38:08: ae:7f:ad:63:28:ff:b4:c7:8b:2c:26:23:e5:9c:a7:ac:a0:ed: 9a:6b:05:14:bd:7b:ff:c8:54:20:e8:55:4e:0f:c0:1a:cc:ca: ab:d3:88:37:ec:9e:f2:ca:f1:6a:ce:b6:24:b2:61:05:ea:16: 67:91:d9:65:71:b1:43:e5:a0:d1:e1:4c:9e:f0:85:76:f8:58: 9a:af:d3:70:d0:d8:9a:bc:7b:b0:fd:a3:d7:10:92:c6:5f:76: 16:36:62:d7:7c:2c:3d:1c:fe:11:a5:21:4e:25:a7:82:10:5c: bd:4f:a3:5c:c7:bd:9f:f0:97:e3:5d:d7:7d:6c:9d:ff:02:fb: ce:57:df:fb:e7:63:14:30:f9:ea:17:04:da:df:db:8f:b0:7e: 01:21:ff:f6:e4:bf:eb:62:e5:18:0f:68:1a:48:92:c9:58:fd: 52:14:42:63 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUB9oIQzY54sKm9fsDCZd58sW3uKwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwMzdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDNmNzlmN2E4YzdkMWVjNDMxNTI3NTY3OTVmNTUwZjVkMGJmMWM5OTQ2NmJm ZjM5NmE0NWFmM2EwN2M5OWI2MWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALQAfQvfeZ8kbL4+GxLa0UryQUu2EWc6+zpQsFb1uwxaqKWxNA1UV7z/zqqn LDCESlHIIxKkCq2O9+mEoDal/XQKCvwhmvRzXEgcv8kDeTOUOXzVGpaHjh/4TPRP rFpelS1XELlfBodtIOQbMx3zlAu4DSoTPp2Gs8EG99XVq1RNzP8QIHNjoNhH6fVy 5QObAfrjrbz3T6Ut1K8VBFa9jMiSGZqYSmcutt74JlQ5BM95LVQRH1uE2n4Q7b42 WbiQm2z1cTJX/VohZefSobsRnV5YcwIfRlrX2L773jIJR8ugxfmNvhA2RjjaGFkk oplCTf6/iUom/hlI6rKzB9GYCjsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ10iSt 6D+U0b5/oG+Wg2JBaVFY1jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2EzZjRkMTEtZGM2Yi00YTgyLWJlNjEtNjhmMWQ3ODM4ZjkwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8Q MA0GCSqGSIb3DQEBCwUAA4IBAQDJL7RrRXoxdbHmc8aN8yakEJS7w0EjpOppUDlG SAidAXrcK545eTwLO9VRrYxchL+q1jPWC4PmXC72Os6wkYsgy384A/9XgteGNuSC Gnr8vYoMYziT+Q0UOAiuf61jKP+0x4ssJiPlnKesoO2aawUUvXv/yFQg6FVOD8Aa zMqr04g37J7yyvFqzrYksmEF6hZnkdllcbFD5aDR4Uye8IV2+Fiar9Nw0NiavHuw /aPXEJLGX3YWNmLXfCw9HP4RpSFOJaeCEFy9T6Ncx72f8JfjXdd9bJ3/AvvOV9/7 52MUMPnqFwTa39uPsH4BIf/25L/rYuUYD2gaSJLJWP1SFEJj -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:25 2025 by rpki-client