This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa File: fc40321f-72c2-43a4-8c42-0e935f8f1943.roa (raw, json) Hash identifier: uZNkcnKgFPUk/GW0xircqWPYznqMvWIXpvultbzVdoA= Subject key identifier: 85:9A:1B:E7:C8:EA:60:F3:13:A8:27:F1:0E:06:20:3F:E7:63:16:2C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 56D168EFFF1254E3690855BF106E7C229DD28D2A Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa Signing time: Sat 15 Nov 2025 06:00:35 +0000 ROA not before: Sat 15 Nov 2025 06:00:35 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:20c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:d1:68:ef:ff:12:54:e3:69:08:55:bf:10:6e:7c:22:9d:d2:8d:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:00:35 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=04e5cbdb4adde4d981f8c2895be231be26dd4861dbdda216081f064f0eadcfab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:fb:f5:a7:b0:90:d3:bc:5d:65:94:44:07:60: 92:e0:9b:3b:0d:32:44:54:ae:0c:6f:3a:c8:80:e9: 81:6d:02:22:40:bd:62:be:74:6a:41:4d:a4:59:c8: ed:ee:cc:13:76:17:52:94:3a:7f:ab:02:f5:3e:e3: 5a:9c:d1:0a:3a:13:87:66:3a:58:c1:bb:f5:fb:f2: db:50:c1:6b:b9:b7:81:d1:22:d1:02:7f:df:06:c4: f1:ad:4c:06:9a:06:ba:f0:c2:15:40:3f:63:e5:11: 1c:ec:3d:2d:43:4f:74:5e:ca:46:0b:d8:23:57:19: 56:04:af:af:42:e4:13:5d:29:67:d1:4e:9d:43:c7: a0:b7:df:5a:32:81:71:30:c3:a7:94:77:12:79:14: 22:74:a1:ed:93:a4:92:a4:96:36:e2:9c:e8:f0:34: 7a:8c:32:28:5b:d0:36:45:6c:ac:80:9d:a9:48:c9: c7:8e:88:33:23:00:42:de:58:19:f4:90:50:32:44: 92:13:de:65:a0:7d:fa:b8:22:01:8c:95:97:fc:b0: e2:29:53:96:ee:a1:6e:38:5c:85:06:c5:28:5f:57: 49:7b:3e:98:b3:40:b5:ad:22:23:b3:38:fa:9a:25: c6:0f:da:c3:5d:3b:43:f2:08:04:1f:3a:cd:4f:f8: 14:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:9A:1B:E7:C8:EA:60:F3:13:A8:27:F1:0E:06:20:3F:E7:63:16:2C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc40321f-72c2-43a4-8c42-0e935f8f1943.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:20c0::/48 Signature Algorithm: sha256WithRSAEncryption 5c:1a:23:36:5b:cb:e2:3d:ce:5b:89:7c:0d:ad:c0:8a:7c:df: a6:13:63:fc:4a:65:b8:09:05:7c:03:3b:00:8e:8a:f3:74:28: c0:01:a3:c0:eb:a4:8e:72:3c:a2:55:56:93:36:ca:1c:85:48: 93:bb:b3:2a:8e:3a:06:b8:ee:88:ad:c5:57:c6:3b:b9:4f:eb: 39:26:3f:47:e8:9a:a8:c4:e9:70:ba:a5:72:36:4f:b8:72:fb: bf:77:9f:28:72:19:b7:8c:6b:42:b8:af:83:e2:2c:23:db:97: 40:36:a5:1d:db:55:4a:db:77:8d:25:06:d0:4c:1d:b8:1b:2c: d2:80:1f:fd:8f:41:e5:82:9b:e3:d3:4f:6c:da:07:e4:95:bf: 49:41:df:76:89:90:05:c0:3e:65:4b:1c:9c:a4:b3:68:3e:79: 73:89:d5:7d:66:ca:fc:8c:2b:b7:b8:db:8b:21:7e:8a:74:4f: 71:2d:34:e6:89:27:58:d6:93:b7:71:e7:fd:c6:7b:15:bf:46: eb:5b:1e:96:6f:26:f1:39:4d:df:ca:89:2f:c9:09:2d:c8:8c: 16:62:ed:b3:fd:8d:11:2b:a7:6d:9d:f9:05:9b:df:17:b1:5d: 8f:89:3e:2a:b3:df:76:ba:49:27:30:1d:49:a6:dd:5d:1c:26: ac:70:d3:b8 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUVtFo7/8SVONpCFW/EG58Ip3SjSowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAwMzVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDA0ZTVjYmRiNGFkZGU0ZDk4MWY4YzI4OTViZTIzMWJlMjZkZDQ4NjFkYmRk YTIxNjA4MWYwNjRmMGVhZGNmYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPb79aewkNO8XWWURAdgkuCbOw0yRFSuDG86yIDpgW0CIkC9Yr50akFNpFnI 7e7ME3YXUpQ6f6sC9T7jWpzRCjoTh2Y6WMG79fvy21DBa7m3gdEi0QJ/3wbE8a1M BpoGuvDCFUA/Y+URHOw9LUNPdF7KRgvYI1cZVgSvr0LkE10pZ9FOnUPHoLffWjKB cTDDp5R3EnkUInSh7ZOkkqSWNuKc6PA0eowyKFvQNkVsrICdqUjJx46IMyMAQt5Y GfSQUDJEkhPeZaB9+rgiAYyVl/yw4ilTlu6hbjhchQbFKF9XSXs+mLNAta0iI7M4 +polxg/aw107Q/IIBB86zU/4FC8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSFmhvn yOpg8xOoJ/EOBiA/52MWLDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZmM0MDMyMWYtNzJjMi00M2E0LThjNDItMGU5MzVmOGYxOTQzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg wDANBgkqhkiG9w0BAQsFAAOCAQEAXBojNlvL4j3OW4l8Da3AinzfphNj/EpluAkF fAM7AI6K83QowAGjwOukjnI8olVWkzbKHIVIk7uzKo46BrjuiK3FV8Y7uU/rOSY/ R+iaqMTpcLqlcjZPuHL7v3efKHIZt4xrQrivg+IsI9uXQDalHdtVStt3jSUG0Ewd uBss0oAf/Y9B5YKb49NPbNoH5JW/SUHfdomQBcA+ZUscnKSzaD55c4nVfWbK/Iwr t7jbiyF+inRPcS005oknWNaTt3Hn/cZ7Fb9G61selm8m8TlN38qJL8kJLciMFmLt s/2NESunbZ35BZvfF7Fdj4k+KrPfdrpJJzAdSabdXRwmrHDTuA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:11 2025 by rpki-client