This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d5fdc3a-1bfd-4677-9e52-a12c872852f2.roa File: 9d5fdc3a-1bfd-4677-9e52-a12c872852f2.roa (raw, json) Hash identifier: o+45PbicWEEMspiABnkycPSjGUViAYqs0jo2b46SxAg= Subject key identifier: F4:90:7A:BD:C5:3B:BB:11:C1:77:9C:6F:94:1A:F2:17:A3:BC:AA:9F Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 327D9975C34D6B65F0E3B47C670FC8955F56C6C2 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d5fdc3a-1bfd-4677-9e52-a12c872852f2.roa Signing time: Wed 10 Dec 2025 06:30:41 +0000 ROA not before: Wed 10 Dec 2025 06:30:41 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d011::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:7d:99:75:c3:4d:6b:65:f0:e3:b4:7c:67:0f:c8:95:5f:56:c6:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:41 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=976aa2bf5488d92eb2eca8ae2981fca8b4b30ff5cc0c2f8ea3b14eb1829047b2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:64:ea:6a:2d:f8:f3:07:fa:21:fc:d4:fa:2c: 23:4c:26:64:4e:e3:e5:9a:ec:ad:93:e8:c4:cf:1d: 56:47:03:8c:90:89:60:1f:c9:4e:8f:c0:fe:60:46: 0f:a4:a6:9d:e5:6a:f4:20:2a:2b:bd:e3:f1:d3:79: bd:98:43:7b:fa:cc:58:0a:aa:44:6d:79:0b:52:00: 3e:f9:fe:57:a2:56:ac:fe:80:62:51:8f:ba:22:66: 97:77:14:74:00:d9:7b:8b:dc:5d:3f:64:87:ae:1d: 87:36:b2:9f:1c:10:9f:53:f2:5f:8c:19:8c:05:41: 9d:b8:1d:bf:87:dc:68:12:c2:60:af:78:01:6c:5c: a5:cd:7a:51:51:9a:6f:a6:4e:75:aa:8f:31:e5:90: 4a:fe:a4:52:6a:0e:bf:3b:bd:0b:c6:c3:4c:14:68: 58:8b:12:b0:ba:94:59:fd:e7:78:f7:2d:ab:0c:49: 14:c5:72:e1:b8:e6:af:3f:ca:09:eb:73:6c:60:7f: 75:4c:70:46:70:01:37:41:17:c5:11:e8:38:73:8d: 48:a1:63:c7:a1:fa:b2:5e:2e:a6:d3:23:7e:1c:9b: 6e:2f:e6:97:56:3a:c5:d2:1e:fb:f7:8e:f2:50:53: de:dd:7c:27:a1:0a:e9:e4:74:af:0a:be:60:2e:e5: 9d:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:90:7A:BD:C5:3B:BB:11:C1:77:9C:6F:94:1A:F2:17:A3:BC:AA:9F X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d5fdc3a-1bfd-4677-9e52-a12c872852f2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d011::/36 Signature Algorithm: sha256WithRSAEncryption 98:a3:ba:47:57:f9:b2:08:31:ed:6e:a5:6b:ab:cf:78:9e:66: 2d:df:3b:d0:b1:e1:00:e9:e7:c4:81:0d:32:21:da:61:cf:69: 18:06:29:9f:b1:a7:0d:7f:98:d5:ca:80:14:d2:61:47:89:93: e1:9d:ce:fc:79:e3:58:41:99:e1:b5:fb:8f:9c:50:ca:6e:29: 68:ad:85:e7:71:da:ec:87:8c:60:d7:2e:84:eb:e0:f6:53:04: cd:d7:bc:ff:60:6f:40:eb:bf:0d:0a:de:a3:80:a1:99:94:55: cf:d9:f6:da:ec:a5:f6:b1:e1:ea:eb:3d:cc:28:a0:c4:34:c5: c1:85:37:80:4f:d5:65:36:96:e0:da:4d:f8:29:c0:eb:48:24: 99:84:84:64:cc:7b:3b:48:06:bc:97:27:1f:9d:84:ee:91:7f: ad:e1:c1:8f:cc:9c:da:0f:75:d3:d0:cf:e2:54:d7:71:05:db: d3:08:98:ce:3a:47:f1:d0:84:a8:c6:18:e9:45:4a:6d:dd:1f: 2f:c3:f6:1c:d4:e9:ce:92:96:9f:00:6b:17:16:f9:59:02:b3: 0a:56:76:f4:31:e2:d6:79:b8:1e:40:67:8f:56:86:58:f9:80: 3e:1d:01:f8:2a:27:49:c8:d2:fd:e6:30:9c:aa:5c:38:7a:c7: b6:2d:76:20 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUMn2ZdcNNa2Xw47R8Zw/IlV9WxsIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwNDFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDk3NmFhMmJmNTQ4OGQ5MmViMmVjYThhZTI5ODFmY2E4YjRiMzBmZjVjYzBj MmY4ZWEzYjE0ZWIxODI5MDQ3YjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALlk6mot+PMH+iH81PosI0wmZE7j5ZrsrZPoxM8dVkcDjJCJYB/JTo/A/mBG D6SmneVq9CAqK73j8dN5vZhDe/rMWAqqRG15C1IAPvn+V6JWrP6AYlGPuiJml3cU dADZe4vcXT9kh64dhzaynxwQn1PyX4wZjAVBnbgdv4fcaBLCYK94AWxcpc16UVGa b6ZOdaqPMeWQSv6kUmoOvzu9C8bDTBRoWIsSsLqUWf3nePctqwxJFMVy4bjmrz/K CetzbGB/dUxwRnABN0EXxRHoOHONSKFjx6H6sl4uptMjfhybbi/ml1Y6xdIe+/eO 8lBT3t18J6EK6eR0rwq+YC7lnYMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT0kHq9 xTu7EcF3nG+UGvIXo7yqnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OWQ1ZmRjM2EtMWJmZC00Njc3LTllNTItYTEyYzg3Mjg1MmYyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BEA MA0GCSqGSIb3DQEBCwUAA4IBAQCYo7pHV/myCDHtbqVrq894nmYt3zvQseEA6efE gQ0yIdphz2kYBimfsacNf5jVyoAU0mFHiZPhnc78eeNYQZnhtfuPnFDKbilorYXn cdrsh4xg1y6E6+D2UwTN17z/YG9A678NCt6jgKGZlFXP2fba7KX2seHq6z3MKKDE NMXBhTeAT9VlNpbg2k34KcDrSCSZhIRkzHs7SAa8lycfnYTukX+t4cGPzJzaD3XT 0M/iVNdxBdvTCJjOOkfx0ISoxhjpRUpt3R8vw/Yc1OnOkpafAGsXFvlZArMKVnb0 MeLWebgeQGePVoZY+YA+HQH4KidJyNL95jCcqlw4ese2LXYg -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:53 2026 by rpki-client