This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2d9f3120-fab9-43aa-973f-4142925b1416.roa File: 2d9f3120-fab9-43aa-973f-4142925b1416.roa (raw, json) Hash identifier: GFiuzuHFPym6E5RtyNV+jYCFBPRldiplTHrbevJB1v4= Subject key identifier: 8E:D9:53:A3:74:7D:A7:70:98:D8:69:84:D0:EB:5A:22:A8:2E:B9:1E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4F8BDDD32BDB69D7E4D12F3FF877102F19D711DE Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2d9f3120-fab9-43aa-973f-4142925b1416.roa Signing time: Wed 10 Dec 2025 06:30:11 +0000 ROA not before: Wed 10 Dec 2025 06:30:11 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:10c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:8b:dd:d3:2b:db:69:d7:e4:d1:2f:3f:f8:77:10:2f:19:d7:11:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:11 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=70bb022f72d7b19b039b98c761696044de3512dbfdfb520116a93d97723c4c2f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:7c:d9:00:9a:de:4d:5b:05:80:99:ba:3a:ab: 5d:82:20:c7:3e:b4:25:8b:6f:67:26:c5:2a:3d:c1: 3a:10:02:e1:17:1d:ad:d0:20:54:ce:ad:d6:30:0b: 99:67:73:ba:19:88:04:2d:68:b2:67:4e:4d:67:d0: 49:a8:8e:73:b2:7d:31:9d:01:29:34:cc:64:31:0b: 60:29:23:7e:f6:38:2b:cd:41:97:a0:26:8e:db:7c: bc:e9:80:96:5b:c3:19:4c:9e:70:6e:c5:f4:37:a4: 6d:8e:b9:d5:7a:df:da:bd:b4:14:55:39:67:bf:b2: af:f0:79:88:8a:ab:49:30:c7:2b:54:f6:62:34:c4: 9b:05:91:6d:72:0a:c9:09:7e:78:dd:b9:35:27:02: 5c:b8:9f:30:4e:f3:ec:63:26:62:fa:fe:f1:9b:62: 2c:a5:46:fe:73:33:36:61:63:8d:e7:1e:a7:01:1e: b1:24:91:3d:c2:ff:62:b7:2c:22:d3:ae:a9:25:76: c4:11:fa:0d:b0:bb:3e:c0:53:60:b6:63:b3:58:8e: cc:50:6b:34:eb:d4:b8:ec:35:5a:cd:91:78:ca:8a: b7:a6:07:e4:94:eb:88:da:c8:d5:b3:22:bc:2a:0b: 31:43:e1:ad:67:8b:18:99:1d:72:cc:12:ae:46:8b: 9e:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:D9:53:A3:74:7D:A7:70:98:D8:69:84:D0:EB:5A:22:A8:2E:B9:1E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2d9f3120-fab9-43aa-973f-4142925b1416.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:10c0::/48 Signature Algorithm: sha256WithRSAEncryption 01:53:34:d2:b9:27:2c:48:06:ac:ba:37:79:e4:75:3c:31:64: f7:c8:c8:87:25:db:ff:41:5a:e8:7b:2f:40:4f:b4:ec:9d:2e: 5d:71:54:9e:a4:aa:13:c0:80:6b:21:f1:c6:5d:56:13:27:31: cf:0d:52:05:3b:1f:9c:72:fd:cc:af:81:7c:18:18:68:57:5a: e0:cd:fc:b4:d2:d2:b8:97:bd:9a:a8:5f:c7:da:33:51:95:0b: 89:5f:77:8e:e6:a1:bb:e6:9b:01:d1:1c:9e:5e:e9:5a:57:a5: 3b:9b:5a:0c:00:1a:2d:f2:88:c4:46:e7:04:3b:9a:a5:bf:d4: 8b:5f:e5:44:a6:b0:8b:bc:18:15:36:45:af:27:8f:93:4a:09: a1:28:15:ba:ba:d8:49:ae:c4:4e:be:64:16:2c:1c:23:aa:62: 53:03:0d:2a:cc:52:94:ab:0c:3e:f6:22:3c:00:35:32:f0:20: 44:9a:b6:b2:26:80:3d:41:31:8b:02:e3:75:72:90:95:a1:fa: ca:45:90:ea:c3:79:3e:1d:4e:da:11:29:14:72:9b:8a:0b:f1: 61:5b:21:e6:5c:05:be:84:33:76:58:8b:37:d8:38:d9:0c:ed: 5e:ff:87:3d:2a:7a:12:50:89:08:ac:94:4e:a5:a7:e5:03:f4: af:d8:9d:e0 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUT4vd0yvbadfk0S8/+HcQLxnXEd4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwMTFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDcwYmIwMjJmNzJkN2IxOWIwMzliOThjNzYxNjk2MDQ0ZGUzNTEyZGJmZGZi NTIwMTE2YTkzZDk3NzIzYzRjMmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANl82QCa3k1bBYCZujqrXYIgxz60JYtvZybFKj3BOhAC4RcdrdAgVM6t1jAL mWdzuhmIBC1osmdOTWfQSaiOc7J9MZ0BKTTMZDELYCkjfvY4K81Bl6Amjtt8vOmA llvDGUyecG7F9DekbY651Xrf2r20FFU5Z7+yr/B5iIqrSTDHK1T2YjTEmwWRbXIK yQl+eN25NScCXLifME7z7GMmYvr+8ZtiLKVG/nMzNmFjjecepwEesSSRPcL/Yrcs ItOuqSV2xBH6DbC7PsBTYLZjs1iOzFBrNOvUuOw1Ws2ReMqKt6YH5JTriNrI1bMi vCoLMUPhrWeLGJkdcswSrkaLnuUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSO2VOj dH2ncJjYaYTQ61oiqC65HjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MmQ5ZjMxMjAtZmFiOS00M2FhLTk3M2YtNDE0MjkyNWIxNDE2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAQ wDANBgkqhkiG9w0BAQsFAAOCAQEAAVM00rknLEgGrLo3eeR1PDFk98jIhyXb/0Fa 6HsvQE+07J0uXXFUnqSqE8CAayHxxl1WEycxzw1SBTsfnHL9zK+BfBgYaFda4M38 tNLSuJe9mqhfx9ozUZULiV93juahu+abAdEcnl7pWlelO5taDAAaLfKIxEbnBDua pb/Ui1/lRKawi7wYFTZFryePk0oJoSgVurrYSa7ETr5kFiwcI6piUwMNKsxSlKsM PvYiPAA1MvAgRJq2siaAPUExiwLjdXKQlaH6ykWQ6sN5Ph1O2hEpFHKbigvxYVsh 5lwFvoQzdliLN9g42QztXv+HPSp6ElCJCKyUTqWn5QP0r9id4A== -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:31 2026 by rpki-client