This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa File: 7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa (raw, json) Hash identifier: yvhdflrRbO1g4vCVH+GJH82EHlHhXXXBJi6dN2kXscY= Subject key identifier: B4:19:32:F8:FC:6C:C3:7B:61:4B:03:1E:30:6D:09:C6:C5:D6:BE:BF Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 76E621C277CD500CF7A0590485B27F1926D83318 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa Signing time: Wed 10 Dec 2025 05:30:56 +0000 ROA not before: Wed 10 Dec 2025 05:30:56 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d038:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:e6:21:c2:77:cd:50:0c:f7:a0:59:04:85:b2:7f:19:26:d8:33:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:30:56 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=8b218e4681fb40ff417984da102e4e2fb52caa211ac5d89deb28aea651fdbd0b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:0c:3a:36:c2:8c:73:0a:ca:74:2a:2e:8c:50: df:c2:c7:88:ac:cc:10:21:6e:08:fa:ab:66:ca:b7: b1:ee:c6:05:0e:3e:9c:26:62:99:52:a7:86:12:a3: e4:92:6d:79:ae:0f:e6:f4:98:1f:1a:b6:e9:5c:cd: c9:3c:22:6f:05:f0:6f:a9:bf:ce:e9:5b:a5:29:8b: d0:a2:67:11:e4:5e:1b:19:ea:81:6f:51:01:de:6c: 14:27:f4:6a:7d:29:ce:c5:00:e9:b3:32:77:82:e5: 31:e0:4c:2b:47:52:20:a7:8c:96:d2:8f:73:ad:d6: 05:41:b9:bd:d3:21:ae:2d:02:cb:20:a1:ec:27:87: ca:e0:07:3d:b8:c0:37:a3:34:bf:58:3b:74:42:a8: c3:7b:ef:d0:86:c9:61:a5:16:e7:76:0b:d6:99:08: ed:42:c3:00:87:aa:5a:0a:a9:e9:08:1c:cd:5b:5a: 5d:1e:22:db:b6:ae:d3:7a:ed:29:28:03:7c:d4:86: 60:d7:d5:51:47:d4:a8:9f:2c:70:1e:2a:08:4a:15: 97:4d:d7:2b:cc:c5:26:e2:e8:d4:49:3b:04:af:04: 29:99:f8:d1:f9:e0:5e:ce:74:4d:54:ee:74:8c:06: 00:08:ba:71:ce:3c:f8:ad:dd:bc:18:5f:c5:fb:5c: 45:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:19:32:F8:FC:6C:C3:7B:61:4B:03:1E:30:6D:09:C6:C5:D6:BE:BF X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d038:e000::/40 Signature Algorithm: sha256WithRSAEncryption aa:33:d7:ef:79:e1:3e:b0:67:80:f8:70:9d:fd:22:97:3d:51: e7:55:f6:1c:7e:23:14:98:8a:66:9d:ca:cc:32:42:b6:cc:14: 6a:d1:e2:43:4c:ad:8d:96:1b:39:32:a0:30:0b:c3:1c:04:3c: 04:88:c6:67:05:34:be:73:5b:5b:5f:17:a6:a3:f5:20:d6:7b: 09:dc:07:1d:b7:a8:59:32:51:ca:11:7d:fc:f8:01:b7:1c:66: 5a:65:e3:75:5e:ec:42:4c:cf:6a:57:c6:66:4c:bb:02:8d:29: 4b:5a:b8:9b:a1:a4:a0:c5:3f:fa:e7:28:da:28:31:67:a6:65: 98:d4:4c:45:61:ad:91:9d:a2:46:c2:94:f5:76:8d:1b:76:f2: ba:d6:07:07:98:ec:ac:24:ce:d5:e6:03:34:f0:7a:92:0f:61: 33:5b:43:92:0b:f5:1c:c5:1b:2f:97:fb:76:ca:8b:ae:3b:37: 4f:c8:e1:11:2d:c6:81:bd:8d:8b:1f:2c:47:8f:6a:b9:ba:82: e7:53:4a:5c:bd:c8:2c:45:9a:81:23:08:c5:66:b8:9a:82:03: 81:c9:22:16:4d:19:c5:92:13:04:e5:26:fc:9c:19:91:8b:f1: 77:d2:e9:0a:5b:52:ea:8c:73:d0:ee:a1:db:45:f8:c2:46:d3: 2f:56:2f:45 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUduYhwnfNUAz3oFkEhbJ/GSbYMxgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMwNTZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDhiMjE4ZTQ2ODFmYjQwZmY0MTc5ODRkYTEwMmU0ZTJmYjUyY2FhMjExYWM1 ZDg5ZGViMjhhZWE2NTFmZGJkMGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALUMOjbCjHMKynQqLoxQ38LHiKzMECFuCPqrZsq3se7GBQ4+nCZimVKnhhKj 5JJtea4P5vSYHxq26VzNyTwibwXwb6m/zulbpSmL0KJnEeReGxnqgW9RAd5sFCf0 an0pzsUA6bMyd4LlMeBMK0dSIKeMltKPc63WBUG5vdMhri0CyyCh7CeHyuAHPbjA N6M0v1g7dEKow3vv0IbJYaUW53YL1pkI7ULDAIeqWgqp6QgczVtaXR4i27au03rt KSgDfNSGYNfVUUfUqJ8scB4qCEoVl03XK8zFJuLo1Ek7BK8EKZn40fngXs50TVTu dIwGAAi6cc48+K3dvBhfxftcRecCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS0GTL4 /GzDe2FLAx4wbQnGxda+vzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv N2EyMjE1ZTctNWVlMi00MjBiLThmOTgtNWUwZmFlZjRjYmVhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Djg MA0GCSqGSIb3DQEBCwUAA4IBAQCqM9fveeE+sGeA+HCd/SKXPVHnVfYcfiMUmIpm ncrMMkK2zBRq0eJDTK2Nlhs5MqAwC8McBDwEiMZnBTS+c1tbXxemo/Ug1nsJ3Acd t6hZMlHKEX38+AG3HGZaZeN1XuxCTM9qV8ZmTLsCjSlLWriboaSgxT/65yjaKDFn pmWY1ExFYa2RnaJGwpT1do0bdvK61gcHmOysJM7V5gM08HqSD2EzW0OSC/UcxRsv l/t2youuOzdPyOERLcaBvY2LHyxHj2q5uoLnU0pcvcgsRZqBIwjFZriaggOBySIW TRnFkhME5Sb8nBmRi/F30ukKW1LqjHPQ7qHbRfjCRtMvVi9F -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:28 2026 by rpki-client