This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa File: cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa (raw, json) Hash identifier: TaiwJmsGu6KXcFfniyEh5/e8hOkFb+nWGii9dffG9H4= Subject key identifier: 0A:BD:40:0F:0B:14:BC:81:B5:6A:53:BE:8D:95:21:58:96:71:1F:FF Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4F4D0868C4D17D173F5858C0BC74A432578DE976 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa Signing time: Sat 06 Dec 2025 04:00:06 +0000 ROA not before: Sat 06 Dec 2025 04:00:06 +0000 ROA not after: Fri 06 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d076:5000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:4d:08:68:c4:d1:7d:17:3f:58:58:c0:bc:74:a4:32:57:8d:e9:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 6 04:00:06 2025 GMT Not After : Mar 6 23:59:59 2026 GMT Subject: serialNumber=a95e2a79e488931421f033a4a6241722c296360929ea90cfa642644f059fea8f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:a9:c1:d9:b2:06:f0:66:63:2e:d7:00:c5:c4: 9f:67:ff:81:df:35:80:a0:1a:9e:ed:5f:63:9f:51: 36:7d:b5:be:a4:51:10:55:9f:97:60:f9:d1:c4:b7: 5e:f2:26:01:b4:db:89:0f:1d:19:ea:86:81:64:9c: 04:11:6b:ac:26:07:99:3c:24:ad:04:93:e8:19:38: 19:f2:06:f6:30:a6:a1:14:a2:54:fe:12:52:65:03: 57:74:9f:c9:31:f4:08:05:19:7d:ca:09:88:10:6c: c1:55:3f:e9:a2:ca:6d:43:43:45:3a:47:ab:64:ed: cd:e6:12:8b:dc:8e:d8:6c:cf:fa:49:51:08:45:f9: 47:1a:34:d6:47:db:70:df:2f:e1:f8:8f:a5:fd:9a: ad:53:bf:c6:71:a7:fd:d9:8c:c7:7f:cf:1c:16:33: d2:9f:43:33:e6:c5:5b:62:ab:2b:bf:3f:2c:3a:6e: 67:89:61:e8:36:1f:0b:cd:a1:54:67:0b:82:1e:ed: 57:85:71:b9:92:a4:91:43:cd:a7:4f:f0:82:88:20: 2c:a6:15:c6:3a:b3:b6:d6:cc:60:db:72:4c:f5:78: 0a:d6:5c:73:a8:ce:3b:e3:04:45:f0:fd:fd:26:93: 1e:a1:ec:ef:19:03:92:f5:52:13:73:85:33:cd:fd: bc:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:BD:40:0F:0B:14:BC:81:B5:6A:53:BE:8D:95:21:58:96:71:1F:FF X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d076:5000::/48 Signature Algorithm: sha256WithRSAEncryption 8a:50:d7:4d:8a:20:8b:89:1d:c4:00:ac:60:fb:1c:c4:e8:d0: 81:81:d8:cd:61:53:99:f8:99:53:ab:a0:eb:cd:d2:96:fe:f8: bc:3b:37:41:96:f3:07:f2:9f:00:1c:4b:5a:9f:3a:1b:43:cd: 66:c1:9b:29:e1:c6:53:b4:4a:c7:41:4f:3d:26:41:b3:0a:8a: c0:3d:9d:d4:a8:f5:a9:84:0d:3f:b7:0c:e5:15:55:67:3c:a6: 0b:24:af:cb:8e:51:9c:18:4b:20:41:99:57:d3:5d:7c:94:a9: bb:5d:51:e4:bc:1c:f7:74:6e:59:34:83:84:2c:7d:ce:86:05: c6:0b:5c:f0:8f:3a:5f:f9:3e:8a:88:78:65:d2:46:5b:ce:3c: af:67:6b:5a:b2:06:ed:b7:99:da:09:48:d4:7b:46:97:b2:8b: d9:0b:73:5b:18:57:37:39:9e:0d:2b:23:f9:d4:c0:01:91:09: 09:22:d8:23:85:6e:fc:ca:6f:3f:44:b4:ea:7c:77:1f:bb:55: f4:ce:4a:c3:e0:02:9f:54:41:ba:8d:36:5e:28:61:9b:9f:aa: d0:58:7c:93:8f:0e:20:8f:57:a6:36:5d:2e:bc:45:52:49:4e: ad:04:85:e1:6f:0e:16:45:9e:d6:48:4d:0b:84:13:22:f1:3d: b3:55:2a:9d -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUT00IaMTRfRc/WFjAvHSkMleN6XYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDYwNDAwMDZaFw0yNjAzMDYyMzU5NTlaMHoxSTBHBgNV BAUTQGE5NWUyYTc5ZTQ4ODkzMTQyMWYwMzNhNGE2MjQxNzIyYzI5NjM2MDkyOWVh OTBjZmE2NDI2NDRmMDU5ZmVhOGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANOpwdmyBvBmYy7XAMXEn2f/gd81gKAanu1fY59RNn21vqRREFWfl2D50cS3 XvImAbTbiQ8dGeqGgWScBBFrrCYHmTwkrQST6Bk4GfIG9jCmoRSiVP4SUmUDV3Sf yTH0CAUZfcoJiBBswVU/6aLKbUNDRTpHq2TtzeYSi9yO2GzP+klRCEX5Rxo01kfb cN8v4fiPpf2arVO/xnGn/dmMx3/PHBYz0p9DM+bFW2KrK78/LDpuZ4lh6DYfC82h VGcLgh7tV4VxuZKkkUPNp0/wgoggLKYVxjqzttbMYNtyTPV4CtZcc6jOO+MERfD9 /SaTHqHs7xkDkvVSE3OFM839vAkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQKvUAP CxS8gbVqU76NlSFYlnEf/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2Y3OGI3MTQtY2U2Yy00YTlkLWE3MmUtZDMwYTM0NzBmMDAyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HZQ ADANBgkqhkiG9w0BAQsFAAOCAQEAilDXTYogi4kdxACsYPscxOjQgYHYzWFTmfiZ U6ug683Slv74vDs3QZbzB/KfABxLWp86G0PNZsGbKeHGU7RKx0FPPSZBswqKwD2d 1Kj1qYQNP7cM5RVVZzymCySvy45RnBhLIEGZV9NdfJSpu11R5Lwc93RuWTSDhCx9 zoYFxgtc8I86X/k+ioh4ZdJGW848r2drWrIG7beZ2glI1HtGl7KL2QtzWxhXNzme DSsj+dTAAZEJCSLYI4Vu/MpvP0S06nx3H7tV9M5Kw+ACn1RBuo02Xihhm5+q0Fh8 k48OII9XpjZdLrxFUklOrQSF4W8OFkWe1khNC4QTIvE9s1UqnQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:03 2025 by rpki-client