This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa File: e396d806-dffa-4609-8ae4-1e8fdbde728e.roa (raw, json) Hash identifier: jm4aJyMf7rypBWcbbUfF1l0k/fpCH9d04We8ZUPaU54= Subject key identifier: 11:46:4A:FF:F0:CA:00:F3:6E:1D:B4:E0:B8:B4:F2:84:04:B5:75:86 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 69E4ADF1157524FE45139506F63F3FCC6B118BB5 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa Signing time: Wed 10 Dec 2025 05:51:13 +0000 ROA not before: Wed 10 Dec 2025 05:51:13 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:a0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:e4:ad:f1:15:75:24:fe:45:13:95:06:f6:3f:3f:cc:6b:11:8b:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:51:13 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=e86584b7f3319641879178b4361f9808ad4490aa454c03e6359b813c59c39559, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:1f:44:44:d4:a0:92:0b:81:ab:06:f3:95:5c: 21:fb:8f:c7:24:0d:2c:68:d6:97:07:ae:1c:52:cd: d9:9e:d0:f6:97:4b:3d:18:23:e6:ff:5a:65:14:14: 4f:27:db:eb:12:b4:5d:cc:c2:9a:39:f5:c0:39:6d: 85:d8:07:81:c1:e0:7a:3f:8d:22:d1:5f:6c:06:42: 30:cc:e8:8f:5a:9b:03:67:c9:26:f7:90:8f:b3:1a: d5:c0:c7:d1:10:3e:7d:04:ee:62:d3:4c:6f:97:54: 35:9d:7b:95:ca:ac:d6:35:3d:e8:3a:46:3f:bc:b9: 4e:b2:ca:52:84:52:79:31:e9:46:5b:c9:5b:cc:cf: f0:a0:bb:15:71:97:07:6e:88:66:ce:7a:5c:61:82: 2a:49:15:a8:0a:1e:be:d7:6a:49:9d:f9:b9:1a:c4: 7b:ad:19:83:a3:0d:37:c3:a7:bb:50:fe:35:84:12: 5f:4e:8a:5f:fa:58:89:ea:66:5b:ca:86:3d:62:d5: e5:20:0e:82:36:b2:03:77:48:b2:8d:80:be:e3:4c: 66:52:ee:cd:88:64:99:45:01:81:26:e6:b9:93:3c: fd:a0:bd:e6:8a:4b:40:77:a2:61:95:2e:34:64:01: 18:01:d7:6b:02:4e:d8:28:fe:45:93:b6:9d:ce:ce: 32:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:46:4A:FF:F0:CA:00:F3:6E:1D:B4:E0:B8:B4:F2:84:04:B5:75:86 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:a0c0::/48 Signature Algorithm: sha256WithRSAEncryption 4b:f6:bf:f8:72:1c:20:a5:81:2a:fe:f2:50:ef:7f:35:b7:ad: 1b:dd:6a:63:a9:f1:d9:b9:b7:a6:9a:e6:7c:9a:bc:50:9e:a9: 38:81:93:0e:a4:8a:7e:de:b3:0a:42:b7:7c:35:ac:df:71:89: 6a:9b:46:67:7b:d9:20:ef:c0:96:ff:d1:2e:a6:9a:a4:f8:88: 3c:14:1d:3a:0c:76:e5:b7:5f:68:b3:05:6a:2a:7e:45:8e:24: 2c:3c:dd:cc:fd:77:df:88:12:b5:c4:c9:55:eb:bb:f4:37:ba: 11:a4:78:19:75:92:61:b5:e2:60:8d:93:9b:1d:38:2a:a2:a6: 7b:4c:95:b1:c4:ab:76:f3:c4:9f:5b:b0:58:7e:c5:ff:56:78: eb:58:00:a9:ba:33:44:9a:03:0e:bc:7b:dd:41:ff:31:0f:41: 4f:cd:bf:fd:ef:8d:58:17:3e:61:65:07:02:45:9c:4b:f9:f4: 5a:80:f5:a9:aa:79:fc:b0:1e:6a:e6:d3:0e:ae:2b:66:12:22: a2:22:2d:e3:49:08:1c:bb:5f:86:0b:2e:cf:fa:fb:f7:52:82: 53:93:c2:2d:e1:b1:95:bc:05:bc:31:f5:78:9e:87:51:44:94: f3:12:50:07:33:46:b2:cd:0b:42:a8:36:67:e4:e3:1a:11:5a: a4:16:6a:b1 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUaeSt8RV1JP5FE5UG9j8/zGsRi7UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUxMTNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGU4NjU4NGI3ZjMzMTk2NDE4NzkxNzhiNDM2MWY5ODA4YWQ0NDkwYWE0NTRj MDNlNjM1OWI4MTNjNTljMzk1NTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKAfRETUoJILgasG85VcIfuPxyQNLGjWlweuHFLN2Z7Q9pdLPRgj5v9aZRQU Tyfb6xK0XczCmjn1wDlthdgHgcHgej+NItFfbAZCMMzoj1qbA2fJJveQj7Ma1cDH 0RA+fQTuYtNMb5dUNZ17lcqs1jU96DpGP7y5TrLKUoRSeTHpRlvJW8zP8KC7FXGX B26IZs56XGGCKkkVqAoevtdqSZ35uRrEe60Zg6MNN8Onu1D+NYQSX06KX/pYiepm W8qGPWLV5SAOgjayA3dIso2AvuNMZlLuzYhkmUUBgSbmuZM8/aC95opLQHeiYZUu NGQBGAHXawJO2Cj+RZO2nc7OMl0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQRRkr/ 8MoA824dtOC4tPKEBLV1hjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZTM5NmQ4MDYtZGZmYS00NjA5LThhZTQtMWU4ZmRiZGU3MjhlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKg wDANBgkqhkiG9w0BAQsFAAOCAQEAS/a/+HIcIKWBKv7yUO9/NbetG91qY6nx2bm3 pprmfJq8UJ6pOIGTDqSKft6zCkK3fDWs33GJaptGZ3vZIO/Alv/RLqaapPiIPBQd Ogx25bdfaLMFaip+RY4kLDzdzP1334gStcTJVeu79De6EaR4GXWSYbXiYI2Tmx04 KqKme0yVscSrdvPEn1uwWH7F/1Z461gAqbozRJoDDrx73UH/MQ9BT82//e+NWBc+ YWUHAkWcS/n0WoD1qap5/LAeaubTDq4rZhIioiIt40kIHLtfhgsuz/r791KCU5PC LeGxlbwFvDH1eJ6HUUSU8xJQBzNGss0LQqg2Z+TjGhFapBZqsQ== -----END CERTIFICATE-----Generated at Mon Dec 15 15:29:41 2025 by rpki-client