This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa File: fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa (raw, json) Hash identifier: YUd62tM1VuNyhJpSqHEtG1vxzHgALrvaP6E2TKD2/C0= Subject key identifier: 08:F5:19:C3:A7:91:18:40:9D:80:61:70:86:76:1E:F2:8D:0E:31:36 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1EA1409696504421D844A0D1A846436CB865ABB4 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa Signing time: Sat 15 Nov 2025 05:30:12 +0000 ROA not before: Sat 15 Nov 2025 05:30:12 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d06f:5000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:a1:40:96:96:50:44:21:d8:44:a0:d1:a8:46:43:6c:b8:65:ab:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:30:12 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=f34fec29a212f70ac682a233d0d68601cc46359e6495cf5091772a84167ee414, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:4f:f1:b4:d6:2b:d9:6f:d5:16:2a:1c:0b:49: 56:7b:fc:80:20:55:ea:43:3c:d1:31:4c:89:3e:4c: e2:46:f9:93:7e:c5:d5:74:cc:68:f1:ee:cf:94:ce: db:e0:ff:22:b9:a2:3a:75:f6:9a:68:7e:16:dd:66: 33:81:ae:76:c4:05:3a:19:9c:5b:e5:d5:94:bd:16: d8:fa:70:1b:c4:1e:b9:6a:c3:fe:62:42:4a:e7:d5: a3:41:b9:f1:cc:0f:3c:9d:c4:02:86:ab:fa:35:6a: 54:24:58:70:f5:1a:30:fa:35:b3:d4:80:d8:e5:ad: 90:c1:0c:23:6e:45:42:11:a8:93:66:66:a4:fc:93: b4:19:c2:c4:fc:b5:5a:0c:9d:b1:08:64:1e:e8:4b: 6b:13:74:74:62:16:4c:e8:81:8a:ad:4f:59:62:b9: ad:5e:71:7d:0d:e2:dc:65:72:3f:bf:45:4a:cb:3e: 32:61:02:c3:27:0c:08:82:4e:bb:ef:b6:50:4e:31: d1:6d:90:0f:74:5f:50:38:b2:98:bb:b3:f8:3a:1c: a8:e2:11:7f:02:de:2c:e8:bd:d9:ce:ea:16:5c:3b: 37:af:5c:db:cf:ab:e9:cb:7b:bb:5e:9d:cc:ad:3d: c1:62:1b:60:3b:b7:35:65:04:29:86:f4:4e:56:27: 40:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:F5:19:C3:A7:91:18:40:9D:80:61:70:86:76:1E:F2:8D:0E:31:36 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:5000::/40 Signature Algorithm: sha256WithRSAEncryption 0c:ac:bd:fe:4c:da:1a:2b:f3:3d:bb:86:ee:0f:20:b2:97:6b: 29:6e:33:00:65:21:f2:d8:bc:68:d5:5e:62:58:4f:a7:96:76: 5f:53:96:38:7b:2c:03:fa:10:7e:7d:72:49:c8:f4:25:b4:1b: 66:88:e5:08:f3:92:53:ee:e6:0c:9a:ae:86:56:9f:2b:8e:33: 6c:a1:9c:2f:ff:34:cb:dc:43:08:fc:da:a6:72:c4:db:3c:b2: b0:5b:70:07:05:27:2e:bf:dd:0c:bc:e1:52:01:7d:ff:d7:f2: 38:08:10:99:bb:e6:25:7a:21:10:75:e5:f3:9b:d6:be:1e:c1: cd:07:9d:72:8e:5b:22:09:5d:91:63:32:3c:2e:c2:8e:c7:40: 0f:7d:26:ee:fc:7e:c4:97:94:43:1a:f0:91:a3:6a:36:e1:46: 16:e8:21:0a:1c:37:12:db:00:16:5e:12:23:86:d8:e6:50:98: 61:ec:ff:ce:a4:34:2f:2d:7c:68:2d:e9:68:23:b5:2a:2c:52: 14:e8:39:a7:d2:49:37:db:4e:03:2d:5e:43:a9:87:b2:a2:0a: 24:45:f1:b5:33:66:bf:3c:e8:69:be:41:5d:24:e3:07:c8:5e: cc:0b:46:cb:6f:35:2c:7a:c2:80:bc:9e:63:46:e5:3c:0c:1d: 89:db:6e:78 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUHqFAlpZQRCHYRKDRqEZDbLhlq7QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTMwMTJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGYzNGZlYzI5YTIxMmY3MGFjNjgyYTIzM2QwZDY4NjAxY2M0NjM1OWU2NDk1 Y2Y1MDkxNzcyYTg0MTY3ZWU0MTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMpP8bTWK9lv1RYqHAtJVnv8gCBV6kM80TFMiT5M4kb5k37F1XTMaPHuz5TO 2+D/IrmiOnX2mmh+Ft1mM4GudsQFOhmcW+XVlL0W2PpwG8QeuWrD/mJCSufVo0G5 8cwPPJ3EAoar+jVqVCRYcPUaMPo1s9SA2OWtkMEMI25FQhGok2ZmpPyTtBnCxPy1 WgydsQhkHuhLaxN0dGIWTOiBiq1PWWK5rV5xfQ3i3GVyP79FSss+MmECwycMCIJO u++2UE4x0W2QD3RfUDiymLuz+DocqOIRfwLeLOi92c7qFlw7N69c28+r6ct7u16d zK09wWIbYDu3NWUEKYb0TlYnQN0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQI9RnD p5EYQJ2AYXCGdh7yjQ4xNjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZmQzMjlhYjUtYWU1Yy00YjY4LWE0YzYtYjgyZjZlYTI5ZGQ2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9Q MA0GCSqGSIb3DQEBCwUAA4IBAQAMrL3+TNoaK/M9u4buDyCyl2spbjMAZSHy2Lxo 1V5iWE+nlnZfU5Y4eywD+hB+fXJJyPQltBtmiOUI85JT7uYMmq6GVp8rjjNsoZwv /zTL3EMI/NqmcsTbPLKwW3AHBScuv90MvOFSAX3/1/I4CBCZu+YleiEQdeXzm9a+ HsHNB51yjlsiCV2RYzI8LsKOx0APfSbu/H7El5RDGvCRo2o24UYW6CEKHDcS2wAW XhIjhtjmUJhh7P/OpDQvLXxoLeloI7UqLFIU6Dmn0kk3204DLV5DqYeyogokRfG1 M2a/POhpvkFdJOMHyF7MC0bLbzUsesKAvJ5jRuU8DB2J2254 -----END CERTIFICATE-----Generated at Sat Dec 6 17:36:06 2025 by rpki-client