This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa File: 0b28278f-4fad-45f4-a194-c2e785f1c443.roa (raw, json) Hash identifier: bzvf5r2b1ndJqx3NWKd7OyIrysEoFd+fM8DNzUCEQYk= Subject key identifier: 79:80:1E:51:10:51:BD:65:2E:14:95:F1:8D:AC:7A:34:3E:CD:CA:DA Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 29485448AC5FF9AA7FFF54651346D9A8CA254F38 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa Signing time: Wed 10 Dec 2025 05:10:09 +0000 ROA not before: Wed 10 Dec 2025 05:10:09 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d019:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:48:54:48:ac:5f:f9:aa:7f:ff:54:65:13:46:d9:a8:ca:25:4f:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:10:09 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=acb57df9151cd5a6856f972acca52f930bc5e8be603747537216a812b3209575, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:99:77:cc:aa:be:21:2d:07:83:fb:f2:93:de: bb:54:bc:24:c6:26:20:8e:7b:72:fe:d0:89:51:82: 51:07:08:3a:c9:a0:94:46:7d:a0:6e:aa:8d:5d:18: e2:d0:87:02:fa:e6:4d:0c:67:33:ca:55:3f:ee:ed: 95:3f:d6:00:b4:96:35:f4:97:c7:a8:17:a5:a5:ff: 7d:87:20:6b:2b:57:17:5e:0f:c9:d3:d9:42:97:dd: 90:31:66:12:7a:62:2d:11:34:3a:7f:e5:e8:a1:5e: 07:82:fd:aa:74:af:89:0e:66:ea:29:62:37:eb:0a: 74:ed:45:8d:b6:50:86:98:32:88:5b:88:14:76:ef: fa:1f:93:12:ea:6e:d5:69:fd:36:00:fe:66:7d:1d: 7f:00:a0:15:b5:8d:5b:a8:13:db:41:e8:31:9b:76: b4:c9:b9:7d:bb:a9:d5:85:89:25:f2:b2:05:97:db: ff:db:dd:97:d5:9c:65:49:e2:cb:41:42:98:a0:43: 30:a2:2d:c2:08:48:59:72:9a:e5:02:0d:35:37:0f: 87:ee:ec:b6:f0:6b:9b:ec:b0:cf:63:cc:10:83:83: f0:f2:cc:3d:a9:c9:d4:87:50:cb:24:f2:87:ad:07: e3:02:c8:3d:b9:cb:a7:9a:eb:8e:6c:7a:e8:a3:3e: 60:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:80:1E:51:10:51:BD:65:2E:14:95:F1:8D:AC:7A:34:3E:CD:CA:DA X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d019:800::/38 Signature Algorithm: sha256WithRSAEncryption a7:1f:f1:b7:30:b0:cd:bf:52:85:2f:e1:41:ad:e8:16:e2:a3: 46:06:6b:89:2e:cc:49:4f:36:df:7e:bf:b1:68:7c:ec:5f:b6: a8:17:8a:e3:72:dd:3e:50:b1:fc:1c:3e:03:f4:57:1a:c6:e2: 66:ce:df:85:0b:9b:c5:6e:b3:84:5c:dc:c0:b3:60:56:e5:2d: f5:d5:a3:7f:65:39:63:0e:62:92:e6:24:d3:65:50:92:2e:30: c6:f7:7a:f7:1d:c3:f6:a2:83:a9:53:d1:ea:86:0e:c5:20:43: bf:a8:6a:e1:81:f4:8a:2b:90:f0:36:9f:ac:f4:a2:09:b3:09: e3:67:53:7a:84:9a:20:a2:0f:9c:33:99:7c:4a:64:b7:1a:8a: ca:3d:86:8b:5d:61:6d:34:f8:39:a0:a6:01:8c:a0:ef:9b:7d: c9:b2:22:0d:52:e9:8f:74:f0:e4:60:6d:4e:12:5f:36:4a:18: a2:27:7d:0b:ce:0a:5f:90:af:b0:2d:93:ed:1e:0f:4f:39:4b: 23:35:f5:cd:c2:7d:67:a8:a3:30:ff:71:42:57:31:18:01:0b: 8d:80:a4:78:e9:b7:21:1a:fa:0a:ce:c2:f8:aa:7d:ad:1d:39: 66:05:e0:6d:db:31:d5:79:ea:90:de:70:29:f2:4d:25:00:18: 54:67:6f:3a -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUKUhUSKxf+ap//1RlE0bZqMolTzgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTEwMDlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGFjYjU3ZGY5MTUxY2Q1YTY4NTZmOTcyYWNjYTUyZjkzMGJjNWU4YmU2MDM3 NDc1MzcyMTZhODEyYjMyMDk1NzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI2Zd8yqviEtB4P78pPeu1S8JMYmII57cv7QiVGCUQcIOsmglEZ9oG6qjV0Y 4tCHAvrmTQxnM8pVP+7tlT/WALSWNfSXx6gXpaX/fYcgaytXF14PydPZQpfdkDFm EnpiLRE0On/l6KFeB4L9qnSviQ5m6iliN+sKdO1FjbZQhpgyiFuIFHbv+h+TEupu 1Wn9NgD+Zn0dfwCgFbWNW6gT20HoMZt2tMm5fbup1YWJJfKyBZfb/9vdl9WcZUni y0FCmKBDMKItwghIWXKa5QINNTcPh+7stvBrm+ywz2PMEIOD8PLMPanJ1IdQyyTy h60H4wLIPbnLp5rrjmx66KM+YBcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR5gB5R EFG9ZS4UlfGNrHo0Ps3K2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MGIyODI3OGYtNGZhZC00NWY0LWExOTQtYzJlNzg1ZjFjNDQzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkI MA0GCSqGSIb3DQEBCwUAA4IBAQCnH/G3MLDNv1KFL+FBregW4qNGBmuJLsxJTzbf fr+xaHzsX7aoF4rjct0+ULH8HD4D9FcaxuJmzt+FC5vFbrOEXNzAs2BW5S311aN/ ZTljDmKS5iTTZVCSLjDG93r3HcP2ooOpU9Hqhg7FIEO/qGrhgfSKK5DwNp+s9KIJ swnjZ1N6hJogog+cM5l8SmS3GorKPYaLXWFtNPg5oKYBjKDvm33JsiINUumPdPDk YG1OEl82ShiiJ30LzgpfkK+wLZPtHg9POUsjNfXNwn1nqKMw/3FCVzEYAQuNgKR4 6bchGvoKzsL4qn2tHTlmBeBt2zHVeeqQ3nAp8k0lABhUZ286 -----END CERTIFICATE-----Generated at Sun Dec 14 01:34:24 2025 by rpki-client