This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3901d4e7-d120-481a-a199-4762783cff5b.roa File: 3901d4e7-d120-481a-a199-4762783cff5b.roa (raw, json) Hash identifier: IHhNDgJET7qYJRi5eruppxaA8IX1gqy5XW7Vi4EgKME= Subject key identifier: A0:15:15:5B:57:6C:BB:9E:3C:A1:5B:26:ED:94:9B:E2:E3:99:39:6C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 10AE1B1334FE7EEE88F6B318BB5D1579A980F677 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3901d4e7-d120-481a-a199-4762783cff5b.roa Signing time: Wed 10 Dec 2025 06:00:03 +0000 ROA not before: Wed 10 Dec 2025 06:00:03 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d059:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:ae:1b:13:34:fe:7e:ee:88:f6:b3:18:bb:5d:15:79:a9:80:f6:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:00:03 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=0d7b0fe2193449b9c652d20567116024b79a2f3737b7d2bf6146db242643fc96, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:e2:4a:64:27:55:c1:7d:37:27:a2:9a:50:3a: f3:bd:91:4c:85:64:9d:3d:04:b9:3b:20:00:db:8e: 66:e2:6f:c3:f5:5a:1d:3f:24:e1:aa:b2:19:30:87: 97:22:42:65:28:0d:00:46:d7:8d:56:d3:f5:39:10: 4a:1d:41:8f:c7:df:40:3f:a2:17:fa:c6:40:25:f1: 02:9c:10:2e:db:62:9c:d5:b0:92:36:d8:3a:62:79: ef:72:67:fa:8e:50:5a:55:e7:15:03:bc:46:5d:01: 2c:bc:c9:47:73:c2:76:a6:e7:3f:6d:85:cc:8d:9a: 51:6a:48:e2:f0:53:3e:86:b8:83:d0:31:6c:10:bd: 10:d9:b4:1e:90:08:9b:13:50:5b:42:65:24:66:e4: 0e:55:24:91:d7:9a:93:30:09:f8:a8:a8:67:1a:dd: 3e:f3:58:a5:19:ab:9f:60:7a:8c:18:34:55:99:c2: ee:5f:d9:ea:13:ce:a3:6c:a7:93:89:8f:18:e1:00: 8f:86:78:d6:5a:16:b5:15:dd:d6:17:a7:97:6c:80: ab:78:a9:a4:ef:53:de:88:ac:01:ff:93:b3:c9:3e: 24:4a:a0:e8:ef:42:8d:4a:f5:09:dd:0d:70:25:75: d6:cf:4b:0e:65:45:60:0c:02:7a:54:e5:36:8a:9e: 2a:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:15:15:5B:57:6C:BB:9E:3C:A1:5B:26:ED:94:9B:E2:E3:99:39:6C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3901d4e7-d120-481a-a199-4762783cff5b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d059:4000::/40 Signature Algorithm: sha256WithRSAEncryption c7:97:ac:c7:a3:9c:f0:0d:68:3f:90:50:05:78:56:1f:3a:96: e9:07:10:87:ef:15:56:2a:da:c4:86:2b:9b:f9:79:37:c0:8f: f8:92:b8:76:19:99:42:8d:85:4c:c2:8c:d9:c8:55:cc:c4:8d: a5:f8:c1:75:bd:42:04:0e:07:69:4a:7a:be:70:55:54:68:0c: 01:7c:c6:99:08:82:a0:fc:ef:0d:6c:6b:c6:4c:39:2c:80:04: 0a:7d:76:55:22:d4:d3:f6:7f:c0:86:55:c1:43:e9:0f:1a:b5: ca:bc:33:9a:d8:80:d9:ac:a8:99:fd:b2:2b:90:5f:87:df:11: e4:f2:f5:62:1c:e5:ec:09:68:6d:1f:80:e3:df:74:69:50:c6: cf:39:0b:b5:8e:f5:94:ea:7f:86:10:a1:73:42:d7:a1:c4:70: 94:f0:ff:d1:10:c6:03:0a:e4:79:39:1b:08:9b:e4:43:fb:e6: 72:ee:0f:d7:2e:67:8c:e5:0a:fc:88:c3:bd:f8:12:08:08:45: ac:dc:97:8a:3f:b4:3b:2a:cc:4f:48:55:72:b3:9d:62:f5:85: 24:f7:93:2b:1f:43:3f:63:72:2b:55:cf:0a:70:96:10:3f:ad: ba:83:ec:e9:f7:b1:97:5e:9c:fe:ba:a8:72:db:0b:72:22:28: e8:3d:1a:c8 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUEK4bEzT+fu6I9rMYu10VeamA9ncwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAwMDNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDBkN2IwZmUyMTkzNDQ5YjljNjUyZDIwNTY3MTE2MDI0Yjc5YTJmMzczN2I3 ZDJiZjYxNDZkYjI0MjY0M2ZjOTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALfiSmQnVcF9NyeimlA6872RTIVknT0EuTsgANuOZuJvw/VaHT8k4aqyGTCH lyJCZSgNAEbXjVbT9TkQSh1Bj8ffQD+iF/rGQCXxApwQLttinNWwkjbYOmJ573Jn +o5QWlXnFQO8Rl0BLLzJR3PCdqbnP22FzI2aUWpI4vBTPoa4g9AxbBC9ENm0HpAI mxNQW0JlJGbkDlUkkdeakzAJ+KioZxrdPvNYpRmrn2B6jBg0VZnC7l/Z6hPOo2yn k4mPGOEAj4Z41loWtRXd1henl2yAq3ippO9T3oisAf+Ts8k+JEqg6O9CjUr1Cd0N cCV11s9LDmVFYAwCelTlNoqeKs8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSgFRVb V2y7njyhWybtlJvi45k5bDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MzkwMWQ0ZTctZDEyMC00ODFhLWExOTktNDc2Mjc4M2NmZjViLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FlA MA0GCSqGSIb3DQEBCwUAA4IBAQDHl6zHo5zwDWg/kFAFeFYfOpbpBxCH7xVWKtrE hiub+Xk3wI/4krh2GZlCjYVMwozZyFXMxI2l+MF1vUIEDgdpSnq+cFVUaAwBfMaZ CIKg/O8NbGvGTDksgAQKfXZVItTT9n/AhlXBQ+kPGrXKvDOa2IDZrKiZ/bIrkF+H 3xHk8vViHOXsCWhtH4Dj33RpUMbPOQu1jvWU6n+GEKFzQtehxHCU8P/REMYDCuR5 ORsIm+RD++Zy7g/XLmeM5Qr8iMO9+BIICEWs3JeKP7Q7KsxPSFVys51i9YUk95Mr H0M/Y3IrVc8KcJYQP626g+zp97GXXpz+uqhy2wtyIijoPRrI -----END CERTIFICATE-----Generated at Wed Jan 7 23:48:25 2026 by rpki-client