This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa File: 8aeef071-ad76-436d-a059-ad727b09eb3b.roa (raw, json) Hash identifier: 04AZRoI/r5cUOpX4krh3v7HquJEEevApylbgS6Jcctw= Subject key identifier: 6A:AF:27:7A:1F:8E:94:A4:15:FB:9E:9E:60:2D:79:03:F3:64:0F:80 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 6AF737EC82E5CE29DA378AC9A6815E397AA6A18C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa Signing time: Wed 10 Dec 2025 06:20:45 +0000 ROA not before: Wed 10 Dec 2025 06:20:45 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d038:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:f7:37:ec:82:e5:ce:29:da:37:8a:c9:a6:81:5e:39:7a:a6:a1:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:20:45 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=c989f85005ed63bac8a37162a57db160e0a43f37b2987b45c4aebb01f8b51a42, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:7a:de:e3:c2:fe:0f:ff:5e:1e:a0:06:b3:da: ab:64:63:04:ac:b6:fb:cd:3c:8a:74:c7:cb:5f:ce: ff:3b:9b:75:5f:dc:1b:61:f4:37:36:08:33:7f:0d: 40:75:54:80:af:54:45:be:f5:c5:3e:d4:c0:60:42: 2f:0a:4d:0f:6f:74:3b:cd:63:1a:9f:a3:a5:7d:10: b6:61:c7:83:6b:bb:37:44:73:8f:0e:b8:b4:ab:d5: f1:a5:8e:8e:be:6a:16:7a:6e:f0:3b:e8:a0:6e:f1: 47:47:d4:e8:e0:b9:d7:46:20:bd:e0:01:85:6d:df: ee:eb:c1:06:c9:40:a8:68:a7:2f:b2:51:47:1e:8f: eb:75:78:bd:7c:66:a4:62:48:34:f0:38:0c:ed:d4: 08:75:7a:7b:7f:88:73:32:d9:bc:4a:63:6b:35:ad: 8f:86:1c:e0:8f:a2:dc:2c:9a:cd:02:2f:9d:78:c4: 15:49:78:bc:68:dc:dc:f8:a9:b2:c3:ba:60:19:a9: 63:f2:75:fb:0c:89:a9:ce:4e:7c:4a:8e:bd:11:8b: 1b:18:60:b3:06:a8:b7:6d:e0:c1:d2:c2:0f:e8:27: 28:02:e8:c0:75:a9:12:bb:6e:e8:e2:ff:bb:7d:a8: 1a:ed:fa:45:41:89:00:1a:6d:ca:01:d5:fa:8c:8b: fc:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:AF:27:7A:1F:8E:94:A4:15:FB:9E:9E:60:2D:79:03:F3:64:0F:80 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d038:2000::/40 Signature Algorithm: sha256WithRSAEncryption 31:2d:e4:57:39:b1:25:bb:e8:71:2d:63:8f:61:90:8a:70:f5: 82:5e:87:c0:81:8e:11:d0:21:d4:90:82:6c:3c:f4:f2:7c:fb: ce:2b:aa:d8:fe:f9:b0:9d:9e:7f:0f:d6:2c:7d:2f:af:7c:08: 0b:05:25:d4:a2:93:16:9b:69:91:d8:ba:b7:ee:a9:da:15:fc: 86:4c:83:eb:72:cf:1f:4e:b1:8a:59:b4:a9:47:38:51:8e:5b: 8e:22:ce:b9:0a:17:16:56:be:37:7f:46:0c:1c:12:b9:b9:c7: a3:2b:27:ff:6b:29:7e:76:a8:93:b0:c5:34:01:a5:17:5e:4a: 97:09:c4:a7:71:b3:ab:1c:ea:20:38:de:35:05:c3:43:b5:69: 62:78:1a:e5:40:79:95:28:e1:7f:d6:2a:00:9a:45:c9:5d:b0: 8c:3c:4a:bd:78:1b:1c:33:b3:fc:11:04:21:4c:23:b1:2b:2f: 98:29:e1:b7:90:5d:5d:e7:d5:06:32:9b:b7:a4:9e:0d:06:93: ca:ab:e9:13:eb:a2:f3:50:0b:66:7f:a8:2f:b4:5e:3a:d5:aa: 74:d1:8c:2d:17:1b:cc:c8:59:1c:30:7e:df:08:94:22:9b:d7: ac:a3:a7:e5:76:24:40:1d:b7:e5:7b:56:41:78:8a:64:91:e1: f8:c6:62:5c -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUavc37ILlzinaN4rJpoFeOXqmoYwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIwNDVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGM5ODlmODUwMDVlZDYzYmFjOGEzNzE2MmE1N2RiMTYwZTBhNDNmMzdiMjk4 N2I0NWM0YWViYjAxZjhiNTFhNDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI563uPC/g//Xh6gBrPaq2RjBKy2+808inTHy1/O/zubdV/cG2H0NzYIM38N QHVUgK9URb71xT7UwGBCLwpND290O81jGp+jpX0QtmHHg2u7N0Rzjw64tKvV8aWO jr5qFnpu8DvooG7xR0fU6OC510YgveABhW3f7uvBBslAqGinL7JRRx6P63V4vXxm pGJINPA4DO3UCHV6e3+IczLZvEpjazWtj4Yc4I+i3CyazQIvnXjEFUl4vGjc3Pip ssO6YBmpY/J1+wyJqc5OfEqOvRGLGxhgswaot23gwdLCD+gnKALowHWpErtu6OL/ u32oGu36RUGJABptygHV+oyL/CsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRqryd6 H46UpBX7np5gLXkD82QPgDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OGFlZWYwNzEtYWQ3Ni00MzZkLWEwNTktYWQ3MjdiMDllYjNiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dgg MA0GCSqGSIb3DQEBCwUAA4IBAQAxLeRXObElu+hxLWOPYZCKcPWCXofAgY4R0CHU kIJsPPTyfPvOK6rY/vmwnZ5/D9YsfS+vfAgLBSXUopMWm2mR2Lq37qnaFfyGTIPr cs8fTrGKWbSpRzhRjluOIs65ChcWVr43f0YMHBK5ucejKyf/ayl+dqiTsMU0AaUX XkqXCcSncbOrHOogON41BcNDtWlieBrlQHmVKOF/1ioAmkXJXbCMPEq9eBscM7P8 EQQhTCOxKy+YKeG3kF1d59UGMpu3pJ4NBpPKq+kT66LzUAtmf6gvtF461ap00Ywt FxvMyFkcMH7fCJQim9eso6fldiRAHbfle1ZBeIpkkeH4xmJc -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:54 2026 by rpki-client