This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6271c8-6f02-45f1-97d6-ce27b463d3b5.roa File: 3a6271c8-6f02-45f1-97d6-ce27b463d3b5.roa (raw, json) Hash identifier: z6TmfkgmXhRltMI94K+Dr3wP/vqGxR6Kca4NIaqf3l4= Subject key identifier: DF:19:63:2D:37:0D:F6:02:4B:A8:98:F9:63:78:A1:CD:86:87:40:37 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2ADA0D7D14C78201A69C94B2F8C77B982F8129FF Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6271c8-6f02-45f1-97d6-ce27b463d3b5.roa Signing time: Wed 10 Dec 2025 06:00:08 +0000 ROA not before: Wed 10 Dec 2025 06:00:08 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d03a:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:da:0d:7d:14:c7:82:01:a6:9c:94:b2:f8:c7:7b:98:2f:81:29:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:00:08 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=ed867287e1eabaa6acb57bc1cb40f548e34a80f3ef50049cfbee8d04c5483bcf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:1a:c1:3b:d3:97:02:57:bf:8f:b8:96:9f:d6: 51:68:33:a3:26:81:63:16:11:67:75:57:7b:d4:3d: a6:6d:6d:03:53:b0:db:8c:43:06:4c:d9:cb:00:59: 53:a3:fe:87:69:13:57:cb:b1:06:a7:de:a4:fc:e5: 6a:23:27:2e:46:d9:4a:fc:f6:a0:e6:7b:f7:fc:1b: 80:ee:2f:83:d3:5c:58:cd:8d:33:54:59:97:b5:ad: 9d:9f:d2:0e:b9:22:68:50:ff:10:f8:27:90:ac:06: 80:08:e3:08:c9:4f:c7:69:aa:b6:00:9a:e9:c3:76: 47:9f:aa:03:3d:26:33:88:0f:d0:40:0d:42:e0:c8: 8a:ed:90:22:c4:da:37:f0:3a:9a:da:03:bc:da:ae: d3:0b:12:85:af:14:64:78:6d:2f:83:60:d0:02:20: 1b:38:c3:58:79:13:fe:9e:ac:c5:d8:fc:8a:22:2e: 63:3f:67:f3:fc:db:e4:25:db:c9:3e:96:d7:b1:a2: 91:bb:01:de:1a:09:e8:74:36:e0:27:28:ce:ed:f1: a2:64:ab:44:22:ac:b3:7a:3a:15:2d:4b:64:f0:fc: 5f:4f:27:10:f2:ea:b0:c9:dc:f0:22:45:e6:e0:fc: 20:85:af:fe:09:50:35:ca:aa:de:88:a1:2e:50:28: 8a:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:19:63:2D:37:0D:F6:02:4B:A8:98:F9:63:78:A1:CD:86:87:40:37 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6271c8-6f02-45f1-97d6-ce27b463d3b5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d03a:a000::/40 Signature Algorithm: sha256WithRSAEncryption 26:2c:09:5c:f0:7a:e3:a0:f2:dc:ef:59:d4:35:c5:11:f8:e9: 13:28:36:03:d6:22:4e:27:c1:87:f9:fd:0b:c0:fb:6e:a0:00: 34:dc:37:e0:96:1f:cc:3b:4d:c1:84:e2:4d:17:fa:0a:cb:6b: ef:da:63:06:cb:d4:a7:c2:f1:4c:6b:1a:a6:f2:d1:6e:f1:be: 07:34:b5:87:18:f2:cb:8c:c7:62:c6:ba:bf:87:a4:2b:f1:e0: 7c:03:33:f2:f2:a4:10:d7:cf:22:db:1b:e2:1a:f4:ef:1c:38: c7:25:bd:19:ba:0e:d6:37:59:95:a5:53:d3:de:b3:d0:13:77: 14:54:9e:97:93:aa:97:78:0b:47:92:21:ee:8c:23:6d:65:a6: 3f:36:b2:9f:59:15:dd:6b:6f:b7:d9:fc:c1:8e:ef:c3:62:6d: 46:8d:3d:52:0a:e5:65:22:8e:fd:16:a8:e6:8b:b8:b7:c5:d4: 0f:60:c2:c0:f0:1f:44:ba:41:1d:a4:33:d3:26:9c:74:e6:3f: f2:86:ee:9a:4f:b1:45:34:46:b0:08:00:16:9b:0c:df:9f:56: 11:37:9b:81:14:78:6d:41:30:0c:ff:d2:0b:c6:68:c8:03:98: 0e:e3:0c:6e:d2:99:e5:0e:e7:4c:9f:c8:b0:b6:62:66:12:3f: b7:1e:7c:6a -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUKtoNfRTHggGmnJSy+Md7mC+BKf8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAwMDhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGVkODY3Mjg3ZTFlYWJhYTZhY2I1N2JjMWNiNDBmNTQ4ZTM0YTgwZjNlZjUw MDQ5Y2ZiZWU4ZDA0YzU0ODNiY2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMIawTvTlwJXv4+4lp/WUWgzoyaBYxYRZ3VXe9Q9pm1tA1Ow24xDBkzZywBZ U6P+h2kTV8uxBqfepPzlaiMnLkbZSvz2oOZ79/wbgO4vg9NcWM2NM1RZl7WtnZ/S DrkiaFD/EPgnkKwGgAjjCMlPx2mqtgCa6cN2R5+qAz0mM4gP0EANQuDIiu2QIsTa N/A6mtoDvNqu0wsSha8UZHhtL4Ng0AIgGzjDWHkT/p6sxdj8iiIuYz9n8/zb5CXb yT6W17GikbsB3hoJ6HQ24Ccozu3xomSrRCKss3o6FS1LZPD8X08nEPLqsMnc8CJF 5uD8IIWv/glQNcqq3oihLlAois8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTfGWMt Nw32AkuomPljeKHNhodANzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv M2E2MjcxYzgtNmYwMi00NWYxLTk3ZDYtY2UyN2I0NjNkM2I1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dqg MA0GCSqGSIb3DQEBCwUAA4IBAQAmLAlc8HrjoPLc71nUNcUR+OkTKDYD1iJOJ8GH +f0LwPtuoAA03Dfglh/MO03BhOJNF/oKy2vv2mMGy9SnwvFMaxqm8tFu8b4HNLWH GPLLjMdixrq/h6Qr8eB8AzPy8qQQ188i2xviGvTvHDjHJb0Zug7WN1mVpVPT3rPQ E3cUVJ6Xk6qXeAtHkiHujCNtZaY/NrKfWRXda2+32fzBju/DYm1GjT1SCuVlIo79 Fqjmi7i3xdQPYMLA8B9EukEdpDPTJpx05j/yhu6aT7FFNEawCAAWmwzfn1YRN5uB FHhtQTAM/9ILxmjIA5gO4wxu0pnlDudMn8iwtmJmEj+3Hnxq -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:34 2026 by rpki-client