This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa File: 90bd72ba-b30d-4433-a47e-e0543a4ea451.roa (raw, json) Hash identifier: iKNrQPBtrZTSa+V8vRvEEbtr0nRTCaKRPu3tPQdMsYs= Subject key identifier: 33:92:50:FB:83:C4:36:D7:63:3C:38:71:9B:BE:CC:92:9E:88:9F:67 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7E5B4AC1600BB76C0C7EEF48E7781A26AAB9B911 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa Signing time: Wed 10 Dec 2025 05:41:00 +0000 ROA not before: Wed 10 Dec 2025 05:41:00 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d034:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:5b:4a:c1:60:0b:b7:6c:0c:7e:ef:48:e7:78:1a:26:aa:b9:b9:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:41:00 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=fa983d5d036b8f86af117be5c5c19fd9b8ce72c4937d03a9d08615203cbee5b2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:09:7b:34:b7:7b:dd:ba:e8:0e:35:fb:94:2d: e0:5d:46:9b:aa:6d:8b:43:81:aa:dd:9d:5d:3f:5b: fd:ed:8a:a3:84:94:57:0a:4e:6d:b0:90:fe:17:be: 42:a6:81:75:51:49:ad:4c:8f:51:47:47:f8:c1:0e: 5a:d7:3e:c3:7b:d9:88:b4:01:6c:02:59:48:1f:70: 60:c3:6e:45:c6:d0:d6:03:25:66:b5:6a:f8:cb:56: d4:6b:bc:3d:3d:e3:ce:58:56:ce:d8:81:0f:08:8a: 04:0a:c9:96:9c:90:0b:9d:08:74:39:63:ec:92:b5: 2f:97:34:fe:98:cf:3a:ad:fd:8e:f7:89:61:89:a0: db:c3:52:94:ff:21:8e:f1:07:85:4b:fc:e8:72:f9: e6:d0:49:4c:de:0a:82:df:ae:02:fd:2b:5f:77:5c: ab:0e:f2:a5:9b:2f:1e:54:1e:ba:1d:c0:d2:e0:a6: bb:23:74:b6:3a:1a:8d:70:ab:e0:00:5f:28:ba:8c: 9d:ac:93:68:8a:23:58:ab:1f:05:19:ed:e0:72:6c: c1:62:07:4e:e4:9f:63:e1:70:0b:93:8d:36:7e:74: 8a:1e:a4:66:a2:02:4a:32:0f:e3:c9:05:42:a6:f9: dd:4b:38:b4:9f:ef:32:1c:64:81:67:4f:e9:f8:f6: a9:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:92:50:FB:83:C4:36:D7:63:3C:38:71:9B:BE:CC:92:9E:88:9F:67 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d034:e000::/40 Signature Algorithm: sha256WithRSAEncryption c6:5a:de:db:7f:2f:fd:e7:84:59:5e:b8:a5:b6:9c:bf:9b:2a: f6:d8:61:1a:78:f4:28:58:6b:85:8a:b5:e8:fd:e9:cb:2c:4d: 67:47:a8:c8:3d:04:60:a2:37:90:32:43:38:89:76:dc:70:13: a2:fe:7b:0b:f0:1c:9c:19:9d:53:96:c4:36:98:85:2d:c7:c3: 7a:a9:fc:7a:0c:5d:6c:44:bf:8e:d9:c2:96:63:2b:62:76:27: b7:fd:5e:84:92:d3:f5:bb:77:d9:da:0c:b4:ce:5c:fe:f9:bd: 4b:d6:de:90:ec:cf:13:ef:c7:c1:b0:9a:dd:b8:04:f4:b3:5c: d6:60:ec:d6:e7:28:40:be:71:1d:c8:15:58:0b:48:67:39:6b: 67:36:dc:e6:1a:72:c0:95:49:b1:21:c5:cb:e6:6e:8f:f4:20: b9:cf:e6:42:9e:bc:c8:77:88:a6:39:1d:cd:1f:65:93:38:a0: ee:f5:96:5b:87:63:9e:d9:4a:82:02:eb:0a:2e:e8:cf:88:f2: aa:8f:70:ea:8b:bf:03:4f:a9:48:a7:1c:75:b7:6b:76:2d:e1: 1f:84:d2:2f:fc:7c:60:42:34:bd:d2:bb:a6:11:78:cd:4e:ae: db:aa:38:03:34:02:c8:76:02:7f:b1:9e:7f:51:84:cf:a3:8f: f0:3b:ff:ed -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUfltKwWALt2wMfu9I53gaJqq5uREwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQxMDBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGZhOTgzZDVkMDM2YjhmODZhZjExN2JlNWM1YzE5ZmQ5YjhjZTcyYzQ5Mzdk MDNhOWQwODYxNTIwM2NiZWU1YjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANUJezS3e9266A41+5Qt4F1Gm6pti0OBqt2dXT9b/e2Ko4SUVwpObbCQ/he+ QqaBdVFJrUyPUUdH+MEOWtc+w3vZiLQBbAJZSB9wYMNuRcbQ1gMlZrVq+MtW1Gu8 PT3jzlhWztiBDwiKBArJlpyQC50IdDlj7JK1L5c0/pjPOq39jveJYYmg28NSlP8h jvEHhUv86HL55tBJTN4Kgt+uAv0rX3dcqw7ypZsvHlQeuh3A0uCmuyN0tjoajXCr 4ABfKLqMnayTaIojWKsfBRnt4HJswWIHTuSfY+FwC5ONNn50ih6kZqICSjIP48kF Qqb53Us4tJ/vMhxkgWdP6fj2qY8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQzklD7 g8Q212M8OHGbvsySnoifZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OTBiZDcyYmEtYjMwZC00NDMzLWE0N2UtZTA1NDNhNGVhNDUxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DTg MA0GCSqGSIb3DQEBCwUAA4IBAQDGWt7bfy/954RZXriltpy/myr22GEaePQoWGuF irXo/enLLE1nR6jIPQRgojeQMkM4iXbccBOi/nsL8BycGZ1TlsQ2mIUtx8N6qfx6 DF1sRL+O2cKWYytidie3/V6EktP1u3fZ2gy0zlz++b1L1t6Q7M8T78fBsJrduAT0 s1zWYOzW5yhAvnEdyBVYC0hnOWtnNtzmGnLAlUmxIcXL5m6P9CC5z+ZCnrzId4im OR3NH2WTOKDu9ZZbh2Oe2UqCAusKLujPiPKqj3Dqi78DT6lIpxx1t2t2LeEfhNIv /HxgQjS90rumEXjNTq7bqjgDNALIdgJ/sZ5/UYTPo4/wO//t -----END CERTIFICATE-----Generated at Sun Dec 14 00:43:05 2025 by rpki-client