This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa File: 09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa (raw, json) Hash identifier: SFPh+lrTsbRLpOSfPByS2Xzom/D46Q/nFNGul6iXtPc= Subject key identifier: 74:85:F7:D8:20:57:8B:7F:96:56:52:53:04:59:9B:2B:E8:A3:92:96 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5494C8E0CF71B92A6A88AB71035E82E8D448E4EF Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa Signing time: Wed 10 Dec 2025 06:01:04 +0000 ROA not before: Wed 10 Dec 2025 06:01:04 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d038:8020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:94:c8:e0:cf:71:b9:2a:6a:88:ab:71:03:5e:82:e8:d4:48:e4:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:01:04 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=dc5657d6b97c54f4b77ea7f145af5fc42b33ebe807d9995b80f39da189fdc664, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:44:b3:af:b9:c1:3c:0f:46:6c:b4:68:8d:7d: 0b:b5:a0:6d:8f:54:71:43:6b:4b:f9:cf:9e:9b:34: bf:bd:97:eb:73:f5:b4:b0:6e:f7:5d:26:3b:8f:e3: cc:4c:13:27:f4:a1:a4:01:21:af:7e:15:0e:a5:25: 80:a9:25:1d:e3:ae:eb:6a:8b:6e:42:de:2c:51:bf: ce:f6:db:50:e5:b6:49:d2:29:14:8e:55:a1:6c:b2: 45:92:f6:d8:16:69:c6:39:51:41:03:58:d2:1c:81: 77:20:38:88:53:43:c8:a7:fa:4c:fc:5f:65:da:dc: 86:37:5b:9e:ec:0f:f7:67:c3:d1:d2:8f:48:3e:d1: 94:f8:26:e4:25:7b:7d:16:d5:fb:e9:0a:d4:06:cc: 2e:f3:79:5f:5e:9f:e8:a8:34:50:98:12:93:54:37: 8e:09:8f:4c:6b:1f:b1:e4:0b:4d:5b:61:5d:25:f4: 15:1f:b4:14:44:47:17:af:c7:62:70:37:93:ad:c0: 55:9f:a3:c4:e9:f3:d4:26:1f:01:41:33:01:be:fb: c9:9d:8c:f1:2d:3b:ff:28:2f:2e:cc:97:af:a5:bd: 24:d1:f1:8e:a7:26:00:5e:15:86:e9:2b:7f:4e:15: c5:af:4c:19:ea:a4:67:33:ec:4c:c2:b5:6a:21:ed: e8:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:85:F7:D8:20:57:8B:7F:96:56:52:53:04:59:9B:2B:E8:A3:92:96 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d038:8020::/48 Signature Algorithm: sha256WithRSAEncryption 67:ad:69:97:4a:35:e4:21:fe:4e:f1:4a:8e:70:6b:97:5d:80: e3:b1:22:66:15:91:56:e5:45:1a:79:c1:9d:1f:2a:e6:7c:9c: 5b:87:67:f9:e2:e6:93:93:7f:33:d1:46:48:9c:9c:33:d8:2f: 14:29:b4:8b:28:2e:e9:4c:24:71:41:ab:86:14:55:62:5a:c0: 61:c8:0b:40:85:d7:27:fb:86:62:1d:5c:26:53:0f:ae:85:c2: 32:42:29:3f:bb:b7:31:78:12:28:cf:3b:a8:00:19:bc:4d:be: 19:39:0a:52:f6:04:f3:78:91:07:64:23:1a:1c:41:57:de:e9: 91:12:40:ef:e1:28:48:d9:53:e6:d2:ab:7b:57:8e:02:b0:96: 8d:04:83:03:e2:61:65:9b:5c:e5:b7:06:45:d3:a7:ac:68:8b: 9d:95:aa:c7:13:fc:35:71:a8:b1:80:d7:2e:43:1e:fc:54:e1: 92:62:7f:38:5b:9a:b9:a2:f1:1b:2d:6e:fe:c0:ba:90:63:ab: d5:b6:68:66:95:2f:ba:2a:f3:2b:7a:f0:bd:e4:c9:bb:51:0f: fd:6f:a8:9b:a6:ed:82:0c:10:fd:35:93:85:ce:26:7c:e9:c1: 52:9a:74:47:8e:48:74:1a:91:ab:1e:85:36:38:40:30:1c:1e: 82:1b:56:0a -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUVJTI4M9xuSpqiKtxA16C6NRI5O8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAxMDRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGRjNTY1N2Q2Yjk3YzU0ZjRiNzdlYTdmMTQ1YWY1ZmM0MmIzM2ViZTgwN2Q5 OTk1YjgwZjM5ZGExODlmZGM2NjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKJEs6+5wTwPRmy0aI19C7WgbY9UcUNrS/nPnps0v72X63P1tLBu910mO4/j zEwTJ/ShpAEhr34VDqUlgKklHeOu62qLbkLeLFG/zvbbUOW2SdIpFI5VoWyyRZL2 2BZpxjlRQQNY0hyBdyA4iFNDyKf6TPxfZdrchjdbnuwP92fD0dKPSD7RlPgm5CV7 fRbV++kK1AbMLvN5X16f6Kg0UJgSk1Q3jgmPTGsfseQLTVthXSX0FR+0FERHF6/H YnA3k63AVZ+jxOnz1CYfAUEzAb77yZ2M8S07/ygvLsyXr6W9JNHxjqcmAF4Vhukr f04Vxa9MGeqkZzPsTMK1aiHt6KcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR0hffY IFeLf5ZWUlMEWZsr6KOSljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MDlmNjRlZGEtMmI5Yy00Yzg5LThlYjQtN2NmYjA4YjJiYTA4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA IDANBgkqhkiG9w0BAQsFAAOCAQEAZ61pl0o15CH+TvFKjnBrl12A47EiZhWRVuVF GnnBnR8q5nycW4dn+eLmk5N/M9FGSJycM9gvFCm0iygu6UwkcUGrhhRVYlrAYcgL QIXXJ/uGYh1cJlMProXCMkIpP7u3MXgSKM87qAAZvE2+GTkKUvYE83iRB2QjGhxB V97pkRJA7+EoSNlT5tKre1eOArCWjQSDA+JhZZtc5bcGRdOnrGiLnZWqxxP8NXGo sYDXLkMe/FThkmJ/OFuauaLxGy1u/sC6kGOr1bZoZpUvuirzK3rwveTJu1EP/W+o m6btggwQ/TWThc4mfOnBUpp0R45IdBqRqx6FNjhAMBweghtWCg== -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:23 2026 by rpki-client