This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb75e53e-4e44-41b7-95dd-e3d54ff36386.roa File: cb75e53e-4e44-41b7-95dd-e3d54ff36386.roa (raw, json) Hash identifier: FzFsVP0zhrITQM1dxBQUNMk1543/GqZzM3MKMEJ5wug= Subject key identifier: AF:03:B3:2E:3A:AC:D6:00:FF:AF:D2:C6:13:A0:7C:42:A6:1E:46:73 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 30142CA519F4FF8FF2D177040CCACED9B1FBA99F Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb75e53e-4e44-41b7-95dd-e3d54ff36386.roa Signing time: Sat 06 Dec 2025 04:00:07 +0000 ROA not before: Sat 06 Dec 2025 04:00:07 +0000 ROA not after: Fri 06 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:14:2c:a5:19:f4:ff:8f:f2:d1:77:04:0c:ca:ce:d9:b1:fb:a9:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 6 04:00:07 2025 GMT Not After : Mar 6 23:59:59 2026 GMT Subject: serialNumber=52483509ce87e486c7fe0fc92249069f45ea7e45771eddd67a212fa4258efaee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:42:8b:29:bc:7a:d0:03:dc:40:21:49:b3:9a: ed:a5:56:12:4b:6a:3f:23:6e:a4:a4:30:ab:94:d1: bb:c7:69:23:9e:1e:9a:cb:c8:d0:63:fe:99:92:f6: 28:6c:ae:4c:a6:c6:96:a3:f8:01:33:c2:50:67:57: 60:dc:d7:72:db:e7:0b:9d:e8:7f:e5:1e:60:46:31: 76:dd:1b:be:2f:c4:be:03:ac:ce:fa:6f:d9:25:b9: 1c:76:b4:c8:42:7b:e2:e3:11:a8:7f:61:48:71:c8: 21:fb:70:3d:ce:a7:f6:0e:30:fb:75:e8:cf:fc:8c: 5d:32:92:2c:cd:7f:66:b1:87:dd:2b:d3:35:f2:58: c1:05:64:86:c7:69:39:8a:09:a5:3b:25:fc:74:f7: 0f:c6:40:9a:20:09:ac:7c:b1:5b:95:dd:24:19:38: e9:2d:e3:4b:3d:6b:2d:96:76:85:cc:f3:af:8c:02: d5:79:26:2a:12:16:a7:eb:ec:51:6b:2f:17:c8:ed: 53:36:9f:c6:68:2d:82:52:d0:42:0c:d8:8e:83:97: e7:05:eb:cb:c2:3b:00:41:7a:f9:d0:4b:48:aa:ad: aa:df:32:84:fb:8e:9d:70:8c:90:a0:46:e3:72:b9: 82:ad:dd:4f:f3:d4:d4:d3:b5:dc:7b:25:6e:b9:59: a8:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:03:B3:2E:3A:AC:D6:00:FF:AF:D2:C6:13:A0:7C:42:A6:1E:46:73 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb75e53e-4e44-41b7-95dd-e3d54ff36386.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:f000::/40 Signature Algorithm: sha256WithRSAEncryption 60:90:11:6c:ae:d5:95:30:d4:b1:e3:a8:3e:04:7c:3b:23:f2: d2:23:1c:6c:a8:b8:2a:db:a7:59:df:1c:32:08:87:7e:3b:2e: df:db:c4:90:1b:83:d1:28:fc:83:e9:e6:30:51:b7:b9:6c:b6: 45:5c:a3:32:7c:12:13:61:40:26:64:ab:ed:69:3a:ec:e9:89: 33:34:3b:66:a4:7d:d8:34:e3:85:bb:b7:8f:b2:26:8b:00:f1: c0:a5:58:a0:82:c6:5a:6b:9e:fb:1a:a0:e0:e1:e4:98:5c:74: c3:28:7d:b9:e1:7b:28:74:e7:29:ec:bf:52:19:57:84:82:5a: bf:f1:cc:2e:b0:ac:6b:31:34:46:27:38:37:f8:e8:65:ea:e3: 3b:0d:f9:76:84:6d:10:58:67:42:82:b6:65:da:34:ab:15:97: c8:4d:78:ed:80:b9:42:b7:f7:37:6b:f5:7a:9f:5c:63:46:97: fa:64:d0:5d:ef:9a:de:f7:83:4e:c2:16:f3:5c:5c:fa:d8:2b: d8:51:14:14:aa:e3:7b:11:b9:23:4c:d2:bc:9c:ee:88:e2:82: 75:16:a6:c8:f0:97:bc:b2:89:39:4f:a5:9c:8a:b9:3c:fa:71: 1a:06:91:10:a1:ee:ba:94:8b:33:a6:a6:89:a4:3a:01:28:bb: fb:f6:39:d8 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUMBQspRn0/4/y0XcEDMrO2bH7qZ8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDYwNDAwMDdaFw0yNjAzMDYyMzU5NTlaMHoxSTBHBgNV BAUTQDUyNDgzNTA5Y2U4N2U0ODZjN2ZlMGZjOTIyNDkwNjlmNDVlYTdlNDU3NzFl ZGRkNjdhMjEyZmE0MjU4ZWZhZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALFCiym8etAD3EAhSbOa7aVWEktqPyNupKQwq5TRu8dpI54emsvI0GP+mZL2 KGyuTKbGlqP4ATPCUGdXYNzXctvnC53of+UeYEYxdt0bvi/EvgOszvpv2SW5HHa0 yEJ74uMRqH9hSHHIIftwPc6n9g4w+3Xoz/yMXTKSLM1/ZrGH3SvTNfJYwQVkhsdp OYoJpTsl/HT3D8ZAmiAJrHyxW5XdJBk46S3jSz1rLZZ2hczzr4wC1XkmKhIWp+vs UWsvF8jtUzafxmgtglLQQgzYjoOX5wXry8I7AEF6+dBLSKqtqt8yhPuOnXCMkKBG 43K5gq3dT/PU1NO13HslbrlZqCsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSvA7Mu OqzWAP+v0sYToHxCph5GczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2I3NWU1M2UtNGU0NC00MWI3LTk1ZGQtZTNkNTRmZjM2Mzg2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADw MA0GCSqGSIb3DQEBCwUAA4IBAQBgkBFsrtWVMNSx46g+BHw7I/LSIxxsqLgq26dZ 3xwyCId+Oy7f28SQG4PRKPyD6eYwUbe5bLZFXKMyfBITYUAmZKvtaTrs6YkzNDtm pH3YNOOFu7ePsiaLAPHApViggsZaa577GqDg4eSYXHTDKH254XsodOcp7L9SGVeE glq/8cwusKxrMTRGJzg3+Ohl6uM7Dfl2hG0QWGdCgrZl2jSrFZfITXjtgLlCt/c3 a/V6n1xjRpf6ZNBd75re94NOwhbzXFz62CvYURQUquN7EbkjTNK8nO6I4oJ1FqbI 8Je8sok5T6Wcirk8+nEaBpEQoe66lIszpqaJpDoBKLv79jnY -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:54 2025 by rpki-client