This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa File: ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa (raw, json) Hash identifier: 3w7zNjB6QhhXbTIBh6DVSl/x6wDJCXd/mhMwb10F5AM= Subject key identifier: 78:84:D9:E6:4D:72:93:C3:56:5C:36:A8:3A:A8:04:F4:C5:6D:A6:50 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 626B86135481C6FC453C9CA5A10274CFF8895A38 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa Signing time: Wed 10 Dec 2025 06:20:58 +0000 ROA not before: Wed 10 Dec 2025 06:20:58 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d03a:5000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:6b:86:13:54:81:c6:fc:45:3c:9c:a5:a1:02:74:cf:f8:89:5a:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:20:58 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=b6f3cf02e1e6343f97b3b6067a3ce218f23e275aba756dade946480d4ace658c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:ff:9f:aa:a8:95:55:a9:08:0d:b8:fe:99:c1: 76:f1:06:61:69:e0:3c:82:5a:b5:08:92:71:26:ac: 4e:91:b7:37:b6:fc:88:47:55:4f:26:96:ea:f2:fc: c2:af:e3:41:4f:39:4f:a4:87:f8:f8:64:f8:21:56: ae:ef:4c:04:dd:4a:94:c4:5b:83:47:00:cb:83:00: a0:c0:1f:04:4f:88:53:b4:39:49:18:a6:91:a3:92: 49:d0:91:57:9e:85:1c:d5:7e:c3:58:f1:13:8c:25: 6c:5c:68:72:e0:70:a0:3a:8d:bd:5b:fe:05:8a:6c: f7:0f:b8:a4:da:a0:fe:1f:50:ca:c1:ae:6b:c5:af: 5c:e2:c9:0d:26:2f:1b:28:3a:5c:f8:c5:45:a2:ad: b7:b2:8e:6a:81:4b:9a:68:b3:5c:55:ca:a8:00:0b: ea:21:d7:47:2f:c6:e7:4e:77:5c:36:ba:dd:3c:2e: 79:33:97:76:44:84:57:a2:6c:ab:68:24:a6:43:0d: 07:a9:f3:2c:5c:68:bf:6d:f5:3c:db:20:ba:80:a2: f8:68:eb:22:84:f3:d2:b2:64:2a:63:91:15:8f:1e: 2e:de:d5:15:83:86:dc:a1:36:6e:1f:b1:34:43:da: 72:e7:fe:10:d2:39:3d:c3:88:36:43:78:12:5f:3d: f8:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:84:D9:E6:4D:72:93:C3:56:5C:36:A8:3A:A8:04:F4:C5:6D:A6:50 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d03a:5000::/40 Signature Algorithm: sha256WithRSAEncryption 00:61:b9:f9:09:df:05:8f:a8:09:35:8e:07:5b:df:f4:ff:4b: c5:07:2b:12:cb:b7:4d:0c:0a:bd:9a:37:a3:7c:39:44:bc:9c: c3:01:8c:d6:bb:eb:84:12:a3:c1:b8:4d:2c:65:a8:89:f2:5a: 38:8c:9f:3a:51:a2:e6:33:e3:da:fd:39:90:4b:92:31:6c:2f: 4c:b6:34:48:64:2f:23:20:e4:fa:f2:13:d1:b9:cd:cd:d4:b6: 16:1a:f2:92:13:06:b8:ab:b7:4a:c7:be:3c:a5:27:93:2e:88: f2:be:3c:9b:7d:b5:da:5b:94:45:b3:28:fd:04:ec:18:f3:43: f7:4b:91:35:7d:fd:aa:99:49:eb:8c:61:9b:8f:4f:15:47:42: a9:16:50:ac:1e:b3:b3:53:e7:18:69:ad:4b:72:37:14:6d:62: f6:9e:08:bc:23:54:1b:e2:72:28:2f:1a:14:98:4f:c1:3a:9d: a6:56:b5:99:9f:74:da:b2:f4:35:ba:74:a4:31:88:18:d1:a1: 1d:35:ea:6a:bc:90:aa:8a:3f:67:0b:ec:66:db:d2:c4:2d:1c: 93:f6:16:5a:b9:0a:c0:c4:ed:f9:4e:0c:92:ff:e1:27:4b:4c: 45:76:6d:00:b7:cb:4d:2c:58:6d:b4:2d:13:b1:05:ff:75:d4: 0a:79:a2:dc -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUYmuGE1SBxvxFPJyloQJ0z/iJWjgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIwNThaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGI2ZjNjZjAyZTFlNjM0M2Y5N2IzYjYwNjdhM2NlMjE4ZjIzZTI3NWFiYTc1 NmRhZGU5NDY0ODBkNGFjZTY1OGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPf/n6qolVWpCA24/pnBdvEGYWngPIJatQiScSasTpG3N7b8iEdVTyaW6vL8 wq/jQU85T6SH+Phk+CFWru9MBN1KlMRbg0cAy4MAoMAfBE+IU7Q5SRimkaOSSdCR V56FHNV+w1jxE4wlbFxocuBwoDqNvVv+BYps9w+4pNqg/h9QysGua8WvXOLJDSYv Gyg6XPjFRaKtt7KOaoFLmmizXFXKqAAL6iHXRy/G5053XDa63TwueTOXdkSEV6Js q2gkpkMNB6nzLFxov231PNsguoCi+GjrIoTz0rJkKmORFY8eLt7VFYOG3KE2bh+x NEPacuf+ENI5PcOINkN4El89+NkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR4hNnm TXKTw1ZcNqg6qAT0xW2mUDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZWExMGRhYzUtMzJjZS00YWFmLTgyOTctZmZkMWRiYzg1MjFhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DpQ MA0GCSqGSIb3DQEBCwUAA4IBAQAAYbn5Cd8Fj6gJNY4HW9/0/0vFBysSy7dNDAq9 mjejfDlEvJzDAYzWu+uEEqPBuE0sZaiJ8lo4jJ86UaLmM+Pa/TmQS5IxbC9MtjRI ZC8jIOT68hPRuc3N1LYWGvKSEwa4q7dKx748pSeTLojyvjybfbXaW5RFsyj9BOwY 80P3S5E1ff2qmUnrjGGbj08VR0KpFlCsHrOzU+cYaa1LcjcUbWL2ngi8I1Qb4nIo LxoUmE/BOp2mVrWZn3TasvQ1unSkMYgY0aEdNepqvJCqij9nC+xm29LELRyT9hZa uQrAxO35TgyS/+EnS0xFdm0At8tNLFhttC0TsQX/ddQKeaLc -----END CERTIFICATE-----Generated at Tue Dec 16 00:29:37 2025 by rpki-client