This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa File: 4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa (raw, json) Hash identifier: dX9a/sGA+799PCWwVM84AaDNrHCscRFa8rDhljIvNzo= Subject key identifier: 9E:D8:B0:09:61:3F:4F:95:6E:B4:42:6F:29:D4:63:87:AA:8F:86:7F Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5AE224412F33A949E853505D6093BCA3E28C6DD3 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa Signing time: Wed 10 Dec 2025 05:31:21 +0000 ROA not before: Wed 10 Dec 2025 05:31:21 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07e:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:e2:24:41:2f:33:a9:49:e8:53:50:5d:60:93:bc:a3:e2:8c:6d:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:31:21 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=b0034ee6886ae978f69c4c7e1ebc31de6830d1672a090d82fd653db9222f5d1b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:fd:c8:d8:0a:ac:00:c5:ad:b1:45:7a:2c:8c: 2f:f3:a4:ff:65:8e:6b:c1:5f:b8:43:5d:73:61:aa: 27:86:a4:de:e2:dc:eb:ff:33:2a:82:10:a6:1b:cd: c4:9b:1b:c6:88:eb:cb:2f:41:79:28:1a:cf:97:db: df:0d:1f:12:ac:98:a9:cb:e8:bc:0f:14:06:95:97: de:a5:92:43:cf:cf:fe:15:40:02:a5:e2:ba:d4:46: f4:91:6e:bd:27:7b:c0:75:19:bd:18:55:91:75:f4: 50:f2:3c:b0:58:e9:3b:14:98:0a:31:19:83:7d:57: bc:14:5f:59:40:44:ef:3d:56:d2:61:c6:d0:df:21: 74:65:ed:b0:74:51:19:4e:f9:3d:e8:55:4a:f8:bb: 90:5e:e2:85:a0:4d:e6:a2:07:04:81:81:72:7d:8b: fc:5b:e9:76:f9:a5:02:5e:47:a7:a7:81:52:90:14: 41:a2:7c:f5:73:fa:27:7a:3e:96:ee:27:d5:a0:ee: f0:96:88:2d:3e:00:42:15:b8:7a:da:78:62:d9:2f: 12:57:8b:5a:05:f6:08:37:6c:d8:4a:d6:66:88:c1: a1:21:8a:b2:95:91:2e:66:de:ce:56:28:ba:6f:9e: 3c:cd:93:d6:57:69:d5:d9:30:03:f6:b0:81:96:e7: 20:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:D8:B0:09:61:3F:4F:95:6E:B4:42:6F:29:D4:63:87:AA:8F:86:7F X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07e:8000::/40 Signature Algorithm: sha256WithRSAEncryption 48:c9:01:a0:df:1a:d8:47:04:7c:23:94:4c:27:fc:e7:3e:08: 3e:f4:86:bd:bd:db:6a:fc:41:e0:07:f4:bf:b0:69:3a:e0:94: c5:a9:57:d8:16:7d:3a:e6:b9:6a:a7:f9:5d:8b:4f:2e:0f:42: b9:33:1e:c2:6d:fe:a3:e1:fa:70:f7:1b:28:e8:f7:2e:46:1f: e7:91:4f:1c:b3:29:fc:3a:3b:89:17:e7:7d:06:e4:89:e9:cc: 2d:05:3c:0d:87:f7:42:8c:c1:d5:0e:07:b0:2a:f4:a3:59:b8: cf:e6:c5:3f:60:4e:9d:49:17:93:4a:cc:94:15:57:b6:fc:df: 46:f5:27:33:56:a4:65:4a:0a:8d:44:26:9f:47:50:1b:c2:12: dc:9a:32:f6:f4:d3:47:1c:c8:b1:ec:e5:ef:45:08:75:e6:4d: f8:dd:4e:96:6f:39:11:2c:d7:fc:45:05:41:05:31:2d:4c:4e: 8b:c5:75:90:25:f0:7e:53:48:90:d4:cc:81:eb:2a:b0:ed:a5: ee:79:78:5c:c3:be:b5:19:b6:d1:39:2b:11:1e:b4:c9:2f:97: 9e:ef:ac:17:cb:70:ba:50:51:12:b5:41:7d:4f:f0:54:4d:81: 26:75:fa:99:f8:dd:2b:bc:dc:2b:d5:74:6d:73:38:7f:b8:09: 14:39:6f:3d -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUWuIkQS8zqUnoU1BdYJO8o+KMbdMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMxMjFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGIwMDM0ZWU2ODg2YWU5NzhmNjljNGM3ZTFlYmMzMWRlNjgzMGQxNjcyYTA5 MGQ4MmZkNjUzZGI5MjIyZjVkMWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO39yNgKrADFrbFFeiyML/Ok/2WOa8FfuENdc2GqJ4ak3uLc6/8zKoIQphvN xJsbxojryy9BeSgaz5fb3w0fEqyYqcvovA8UBpWX3qWSQ8/P/hVAAqXiutRG9JFu vSd7wHUZvRhVkXX0UPI8sFjpOxSYCjEZg31XvBRfWUBE7z1W0mHG0N8hdGXtsHRR GU75PehVSvi7kF7ihaBN5qIHBIGBcn2L/FvpdvmlAl5Hp6eBUpAUQaJ89XP6J3o+ lu4n1aDu8JaILT4AQhW4etp4YtkvEleLWgX2CDds2ErWZojBoSGKspWRLmbezlYo um+ePM2T1ldp1dkwA/awgZbnIL8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSe2LAJ YT9PlW60Qm8p1GOHqo+GfzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NGMyY2Y3YjYtM2ZiYi00ZDc0LTg4NmQtMjFjNThiMzQ3ZjU4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6A MA0GCSqGSIb3DQEBCwUAA4IBAQBIyQGg3xrYRwR8I5RMJ/znPgg+9Ia9vdtq/EHg B/S/sGk64JTFqVfYFn065rlqp/ldi08uD0K5Mx7Cbf6j4fpw9xso6PcuRh/nkU8c syn8OjuJF+d9BuSJ6cwtBTwNh/dCjMHVDgewKvSjWbjP5sU/YE6dSReTSsyUFVe2 /N9G9SczVqRlSgqNRCafR1AbwhLcmjL29NNHHMix7OXvRQh15k343U6WbzkRLNf8 RQVBBTEtTE6LxXWQJfB+U0iQ1MyB6yqw7aXueXhcw761GbbROSsRHrTJL5ee76wX y3C6UFEStUF9T/BUTYEmdfqZ+N0rvNwr1XRtczh/uAkUOW89 -----END CERTIFICATE-----Generated at Sun Dec 14 01:50:37 2025 by rpki-client