This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/904a13d7-baa1-4bc7-b805-601d0b998680.roa File: 904a13d7-baa1-4bc7-b805-601d0b998680.roa (raw, json) Hash identifier: 7IPiQQlbvA9qDl4NRusN0rliJ5ncVw7d6cJZ3ZGmex8= Subject key identifier: A7:CA:3B:11:62:58:39:0F:4F:FB:82:4C:C1:3D:B9:4D:79:A2:8E:32 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 39D839B6F6ED59C412915C37A144FD9C6C1F7DA4 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/904a13d7-baa1-4bc7-b805-601d0b998680.roa Signing time: Wed 10 Dec 2025 05:50:06 +0000 ROA not before: Wed 10 Dec 2025 05:50:06 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d050:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:d8:39:b6:f6:ed:59:c4:12:91:5c:37:a1:44:fd:9c:6c:1f:7d:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:50:06 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=94248fcfd7dd4c5073774d60ea96e69684517e9393743adaea91272b483fed22, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:3e:e7:ac:d0:0c:4b:33:ef:fa:93:5d:99:a0: d6:72:a3:1f:da:11:2a:d1:d5:a4:62:ec:87:d2:1c: 1c:92:67:de:5f:c7:03:1d:da:81:e6:b6:7f:50:6e: b6:e5:a4:9c:e7:9f:7d:8a:9a:94:e9:43:1c:cb:76: b9:85:94:e5:d5:70:fe:e9:0f:86:b1:aa:21:0c:82: 18:ca:9f:8c:0a:f5:d0:62:2d:f2:33:f6:0e:ab:1f: 6c:59:17:0a:3e:92:d6:10:25:5f:87:7d:de:c0:5f: 69:41:9e:6c:7c:e8:79:2f:37:81:10:ca:2d:98:5e: e1:13:b8:60:fa:cf:71:fa:92:20:c6:5d:cb:48:57: 98:b9:ec:98:84:34:89:31:c3:da:a1:a5:cd:72:53: f5:bf:a9:94:60:3e:82:06:f0:8d:d6:1e:25:9a:87: e4:23:2d:5f:2a:95:84:f5:7a:99:d7:0a:6f:4d:4d: 93:b6:cb:3c:60:74:d9:7c:66:65:98:8d:b0:3d:32: 12:6f:40:60:54:64:04:d6:82:d1:0e:64:99:b2:4b: 19:39:34:eb:27:42:c0:08:8c:6e:90:5f:49:9e:a7: 6c:60:54:3f:11:c7:d7:36:9b:f4:1a:4d:93:f6:f5: 5f:5c:ab:17:a5:4b:f1:70:08:70:2c:b0:e2:55:2d: 67:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:CA:3B:11:62:58:39:0F:4F:FB:82:4C:C1:3D:B9:4D:79:A2:8E:32 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/904a13d7-baa1-4bc7-b805-601d0b998680.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d050:8000::/40 Signature Algorithm: sha256WithRSAEncryption 63:e0:be:11:64:d2:f8:ba:e7:d8:3b:5e:44:c3:78:6e:b1:31: 66:82:c8:64:bc:6a:bd:6b:b8:e7:65:93:30:c8:5e:9b:d7:1b: 74:2c:c6:54:97:64:8a:b9:6e:9c:9d:a2:13:56:a2:45:be:29: ce:e6:d3:0b:30:9a:3d:2e:c2:97:68:09:5c:d1:b6:cf:3b:0c: 6c:3a:03:6b:70:77:2c:90:4c:1a:8b:9e:8d:91:f9:a7:5d:96: 59:3f:3f:cf:3e:b2:55:91:89:ff:08:b5:aa:71:ae:b3:a1:72: d8:4c:0c:1a:2d:22:ab:b5:66:a3:af:3a:66:7b:50:6c:52:9f: 95:38:14:81:e4:31:ea:b2:b4:15:23:e5:cd:68:ad:26:b8:d8: 8a:65:95:9d:22:99:1d:6e:35:0b:24:69:a7:7f:fd:2d:98:1d: 04:30:89:15:89:ee:b8:8e:57:f5:d0:3d:c4:54:c7:29:88:cf: c3:05:bc:2a:79:45:51:24:5a:79:35:bb:be:a1:25:0c:2d:1a: d8:c0:d9:c9:c8:a1:23:95:d5:10:72:a4:fb:0d:3c:b3:7a:5a: dd:2b:93:4b:38:ef:67:54:d5:09:00:f6:e6:1a:18:04:9f:b5: cf:46:45:77:7f:d6:a0:c2:ac:c9:e9:1b:6a:3e:91:9c:a6:8e: c1:34:81:c5 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUOdg5tvbtWcQSkVw3oUT9nGwffaQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUwMDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDk0MjQ4ZmNmZDdkZDRjNTA3Mzc3NGQ2MGVhOTZlNjk2ODQ1MTdlOTM5Mzc0 M2FkYWVhOTEyNzJiNDgzZmVkMjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK0+56zQDEsz7/qTXZmg1nKjH9oRKtHVpGLsh9IcHJJn3l/HAx3agea2f1Bu tuWknOeffYqalOlDHMt2uYWU5dVw/ukPhrGqIQyCGMqfjAr10GIt8jP2DqsfbFkX Cj6S1hAlX4d93sBfaUGebHzoeS83gRDKLZhe4RO4YPrPcfqSIMZdy0hXmLnsmIQ0 iTHD2qGlzXJT9b+plGA+ggbwjdYeJZqH5CMtXyqVhPV6mdcKb01Nk7bLPGB02Xxm ZZiNsD0yEm9AYFRkBNaC0Q5kmbJLGTk06ydCwAiMbpBfSZ6nbGBUPxHH1zab9BpN k/b1X1yrF6VL8XAIcCyw4lUtZyMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSnyjsR Ylg5D0/7gkzBPblNeaKOMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OTA0YTEzZDctYmFhMS00YmM3LWI4MDUtNjAxZDBiOTk4NjgwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FCA MA0GCSqGSIb3DQEBCwUAA4IBAQBj4L4RZNL4uufYO15Ew3husTFmgshkvGq9a7jn ZZMwyF6b1xt0LMZUl2SKuW6cnaITVqJFvinO5tMLMJo9LsKXaAlc0bbPOwxsOgNr cHcskEwai56NkfmnXZZZPz/PPrJVkYn/CLWqca6zoXLYTAwaLSKrtWajrzpme1Bs Up+VOBSB5DHqsrQVI+XNaK0muNiKZZWdIpkdbjULJGmnf/0tmB0EMIkVie64jlf1 0D3EVMcpiM/DBbwqeUVRJFp5Nbu+oSUMLRrYwNnJyKEjldUQcqT7DTyzelrdK5NL OO9nVNUJAPbmGhgEn7XPRkV3f9agwqzJ6RtqPpGcpo7BNIHF -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:43 2026 by rpki-client