This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df59e31f-1e32-4e7a-a595-74adb3f93176.roa File: df59e31f-1e32-4e7a-a595-74adb3f93176.roa (raw, json) Hash identifier: 6xEGofTn/SUESeMT8SOhhrlOSCr8VpxL3qpd+YZecCY= Subject key identifier: 32:44:13:76:3D:BE:BC:9D:8B:FB:1D:0B:5A:41:2A:0E:38:2C:A5:4E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 714B65C1E04AC171BF9CDEE8DFA39D233F6DBBD8 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df59e31f-1e32-4e7a-a595-74adb3f93176.roa Signing time: Sat 15 Nov 2025 06:00:53 +0000 ROA not before: Sat 15 Nov 2025 06:00:53 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:4b:65:c1:e0:4a:c1:71:bf:9c:de:e8:df:a3:9d:23:3f:6d:bb:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:00:53 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=c63f6f99ad98e2c4588f070e516dfb464caef6453cc626f08a16ec4f9acfc51d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:36:16:58:31:76:5a:8f:04:ad:b2:fa:1f:89: 57:a6:82:c7:65:bb:73:2f:04:a6:52:e1:a3:8b:9f: 53:2c:29:94:44:41:f1:a5:80:f9:ec:35:05:72:7f: 0f:68:10:0a:a1:7a:ad:89:d3:ab:16:16:a8:ca:d7: 5b:6e:3c:65:15:ea:2c:56:94:25:98:87:79:4c:1e: 58:15:3a:a1:c0:9c:51:0b:e8:5b:a9:d5:2d:b7:d6: af:0b:c6:ad:f6:62:7a:1f:ce:29:0d:64:82:08:c0: 39:08:d8:d0:47:78:dc:84:e5:93:ad:cc:19:50:dc: 44:bf:14:9d:e7:74:9a:01:f0:0f:e6:79:d4:b0:e6: e6:ce:d9:35:95:4e:5e:19:fb:e9:94:52:19:6d:b9: 80:ad:cf:fc:69:ad:8a:fc:68:a1:3a:f3:a4:c1:fc: e9:9d:b2:69:f1:88:26:f9:75:c4:c9:0e:8f:56:4f: c9:9b:3d:b3:54:4a:10:00:22:07:6e:d2:ee:22:6f: 17:73:42:82:e1:2d:d6:79:91:24:70:ba:16:7e:3e: d9:47:ac:ed:87:0c:ed:dc:de:89:47:28:47:c6:2a: 54:81:11:90:89:e4:a2:b1:75:2e:78:04:0e:17:48: ca:e0:2a:4b:c8:fc:45:9d:24:cb:36:b8:81:4f:b6: f2:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:44:13:76:3D:BE:BC:9D:8B:FB:1D:0B:5A:41:2A:0E:38:2C:A5:4E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df59e31f-1e32-4e7a-a595-74adb3f93176.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:e000::/40 Signature Algorithm: sha256WithRSAEncryption c6:c4:4b:a0:1d:21:8a:55:23:84:85:37:ee:88:fe:16:2f:05: c5:36:77:70:fc:60:4a:70:8f:2f:3a:b8:b9:bc:b5:de:c2:54: ba:ef:07:52:35:40:14:d2:5b:e3:43:ae:3f:97:fe:dd:e4:c7: 38:84:7b:bc:ce:b6:1f:1c:f6:9d:54:3d:79:f6:c4:3f:71:cd: 4f:b2:7d:a2:8a:5f:a0:83:06:1d:47:6c:58:17:d9:c8:e6:73: 3a:48:fa:b9:93:00:f2:1e:fa:d9:45:7a:5d:89:6f:21:95:a1: 94:ea:47:33:16:94:21:6c:d8:c3:35:8e:1e:eb:c9:a6:b9:8b: 05:ef:6b:04:bc:85:d2:15:45:da:2c:26:0c:cc:3b:fc:e0:51: 39:b5:ff:e6:29:22:2f:9e:ac:28:1e:1d:ba:89:7f:87:2f:cf: 55:96:f4:c8:36:e1:98:ad:af:b9:b6:39:06:2c:2b:12:74:65: ff:9a:25:3c:08:7c:6f:6e:af:73:63:81:7f:8a:9b:0d:69:bd: 00:c3:10:57:ef:6b:6f:1e:d2:73:15:e6:df:22:20:46:f8:0c: 09:ef:99:34:45:22:15:24:89:1a:17:0d:e0:30:4e:44:b2:5a: 2d:3f:12:df:78:4a:5f:2d:67:3d:10:3f:75:13:7c:95:43:30: 31:be:ce:16 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUcUtlweBKwXG/nN7o36OdIz9tu9gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAwNTNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGM2M2Y2Zjk5YWQ5OGUyYzQ1ODhmMDcwZTUxNmRmYjQ2NGNhZWY2NDUzY2M2 MjZmMDhhMTZlYzRmOWFjZmM1MWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJM2FlgxdlqPBK2y+h+JV6aCx2W7cy8EplLho4ufUywplERB8aWA+ew1BXJ/ D2gQCqF6rYnTqxYWqMrXW248ZRXqLFaUJZiHeUweWBU6ocCcUQvoW6nVLbfWrwvG rfZieh/OKQ1kggjAOQjY0Ed43ITlk63MGVDcRL8Uned0mgHwD+Z51LDm5s7ZNZVO Xhn76ZRSGW25gK3P/GmtivxooTrzpMH86Z2yafGIJvl1xMkOj1ZPyZs9s1RKEAAi B27S7iJvF3NCguEt1nmRJHC6Fn4+2Ues7YcM7dzeiUcoR8YqVIERkInkorF1LngE DhdIyuAqS8j8RZ0kyza4gU+28lsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQyRBN2 Pb68nYv7HQtaQSoOOCylTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZGY1OWUzMWYtMWUzMi00ZTdhLWE1OTUtNzRhZGIzZjkzMTc2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DHg MA0GCSqGSIb3DQEBCwUAA4IBAQDGxEugHSGKVSOEhTfuiP4WLwXFNndw/GBKcI8v Ori5vLXewlS67wdSNUAU0lvjQ64/l/7d5Mc4hHu8zrYfHPadVD159sQ/cc1Psn2i il+ggwYdR2xYF9nI5nM6SPq5kwDyHvrZRXpdiW8hlaGU6kczFpQhbNjDNY4e68mm uYsF72sEvIXSFUXaLCYMzDv84FE5tf/mKSIvnqwoHh26iX+HL89VlvTINuGYra+5 tjkGLCsSdGX/miU8CHxvbq9zY4F/ipsNab0AwxBX72tvHtJzFebfIiBG+AwJ75k0 RSIVJIkaFw3gME5EslotPxLfeEpfLWc9ED91E3yVQzAxvs4W -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:00 2025 by rpki-client