This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa File: f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa (raw, json) Hash identifier: Cbe4baRqb7j5JRikAMF2wVcS6yrVJqZax08MpsNK9ts= Subject key identifier: 0E:48:F5:73:4C:D0:42:79:2B:AB:8B:FE:68:C5:32:B3:92:17:DD:6D Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2A6DAF65320D10AE259D4599F7FEE4D15D37D513 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa Signing time: Wed 10 Dec 2025 05:31:01 +0000 ROA not before: Wed 10 Dec 2025 05:31:01 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d019::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:30:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:6d:af:65:32:0d:10:ae:25:9d:45:99:f7:fe:e4:d1:5d:37:d5:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:31:01 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=2529610589b0ed726aa6c3a6dd6368ee12bc4dfa5369783b0f20ea2976fe04ef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:ab:29:d0:56:9b:82:58:f2:c1:0e:3a:37:a5: 0b:f5:2e:a0:c1:53:e2:62:23:ef:f2:41:d4:7d:2b: 6d:be:2f:69:c5:67:27:06:cd:c3:a4:45:ab:57:6b: 04:56:44:82:8e:a1:37:22:1a:56:14:e3:6b:70:99: 9d:d9:78:7a:ac:f3:88:c6:c4:5e:6e:c9:0f:2e:e4: b7:f4:81:f6:e7:fd:4f:3e:96:ae:c8:18:43:3d:23: 6d:6a:37:ad:37:06:9d:6d:24:e8:71:2d:75:6d:a9: 46:36:f8:b8:0f:2e:df:a4:31:91:bd:79:9e:d6:13: 10:eb:a3:00:a1:fa:ab:cc:8c:e0:2c:b9:aa:e6:0a: 48:58:34:de:d4:cd:05:e7:0b:89:f9:ae:ac:42:73: e3:dd:9a:dc:4e:81:d5:37:63:a2:50:93:db:cc:25: 34:da:94:3d:df:17:c7:10:7d:cd:b0:50:a3:65:ce: 06:6e:8d:ad:62:86:ee:1e:13:98:18:fb:a5:57:30: a2:c1:b0:8c:cb:4b:45:04:1e:57:38:99:ab:a7:ba: dc:2f:a3:5e:51:50:e7:99:0d:48:23:3f:b2:be:3c: 6f:9b:ad:76:51:c5:6e:01:bc:b7:e4:00:25:55:10: 24:8e:1d:52:ca:26:76:22:21:f1:18:cb:47:7e:1f: a1:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:48:F5:73:4C:D0:42:79:2B:AB:8B:FE:68:C5:32:B3:92:17:DD:6D X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d019::/36 Signature Algorithm: sha256WithRSAEncryption 00:85:44:9c:58:dd:9d:04:d8:50:40:69:a6:69:d3:b8:be:a7: 54:87:4b:36:34:de:f3:49:f5:55:13:28:73:86:cb:4a:60:dc: b2:ed:cb:2a:d4:c6:5e:ba:e9:48:eb:80:b9:23:19:3e:d2:2d: c0:86:63:28:11:eb:2d:91:8e:0e:64:80:65:4f:13:49:b0:69: 2d:1c:67:39:c7:67:08:c0:fd:72:c5:ef:de:c1:65:c0:0c:d5: 36:da:94:a4:78:c7:75:69:29:32:49:a6:7a:e9:0d:b3:9d:85: a3:62:8b:85:f3:19:70:6d:76:c0:5d:96:27:51:ae:76:55:37: b8:6b:11:fc:2b:97:66:2a:46:bb:3e:2f:c8:e4:c0:26:77:dc: b2:14:9a:24:ee:35:69:07:4a:0e:7a:e7:8c:41:ca:33:cd:01: d0:70:a3:1d:b4:ff:a0:7e:bb:29:15:60:43:78:b7:d2:fb:21: a6:1a:11:bd:96:e5:a8:e8:85:d8:8b:6c:98:d9:f8:78:a2:7e: 3e:60:d4:68:7a:1f:e2:5f:a5:f5:38:eb:58:33:f4:74:b1:2b: c5:91:4c:c1:a7:e3:0c:57:10:ad:c1:fe:2a:71:54:b5:d1:5f: b8:47:24:a0:f0:04:0f:6f:87:ae:f2:f7:4a:23:2d:43:e5:bd: 65:c3:a5:3e -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUKm2vZTINEK4lnUWZ9/7k0V031RMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMxMDFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDI1Mjk2MTA1ODliMGVkNzI2YWE2YzNhNmRkNjM2OGVlMTJiYzRkZmE1MzY5 NzgzYjBmMjBlYTI5NzZmZTA0ZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOmrKdBWm4JY8sEOOjelC/UuoMFT4mIj7/JB1H0rbb4vacVnJwbNw6RFq1dr BFZEgo6hNyIaVhTja3CZndl4eqzziMbEXm7JDy7kt/SB9uf9Tz6WrsgYQz0jbWo3 rTcGnW0k6HEtdW2pRjb4uA8u36Qxkb15ntYTEOujAKH6q8yM4Cy5quYKSFg03tTN BecLifmurEJz492a3E6B1TdjolCT28wlNNqUPd8XxxB9zbBQo2XOBm6NrWKG7h4T mBj7pVcwosGwjMtLRQQeVziZq6e63C+jXlFQ55kNSCM/sr48b5utdlHFbgG8t+QA JVUQJI4dUsomdiIh8RjLR34foeUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQOSPVz TNBCeSuri/5oxTKzkhfdbTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZjdmY2NjMmEtYWE4YS00Y2JjLTg5ZDctZDZhOGNhMTIxYmEwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BkA MA0GCSqGSIb3DQEBCwUAA4IBAQAAhUScWN2dBNhQQGmmadO4vqdUh0s2NN7zSfVV EyhzhstKYNyy7csq1MZeuulI64C5Ixk+0i3AhmMoEestkY4OZIBlTxNJsGktHGc5 x2cIwP1yxe/ewWXADNU22pSkeMd1aSkySaZ66Q2znYWjYouF8xlwbXbAXZYnUa52 VTe4axH8K5dmKka7Pi/I5MAmd9yyFJok7jVpB0oOeueMQcozzQHQcKMdtP+gfrsp FWBDeLfS+yGmGhG9luWo6IXYi2yY2fh4on4+YNRoeh/iX6X1OOtYM/R0sSvFkUzB p+MMVxCtwf4qcVS10V+4RySg8AQPb4eu8vdKIy1D5b1lw6U+ -----END CERTIFICATE-----Generated at Mon Dec 15 17:04:50 2025 by rpki-client