This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa File: a37b3e49-cec5-4def-b3ef-5356277d82ab.roa (raw, json) Hash identifier: umn70idrPFNZZ67qmg6EhCuSTtIsvKPCd+ZHonhRZ0c= Subject key identifier: F8:AD:D5:31:6F:04:7A:05:42:EA:2F:CA:31:9B:DA:AF:68:05:25:4E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7F2985DD24B9BE2D7FF5FC31F8D2708706011B41 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa Signing time: Wed 10 Dec 2025 06:21:01 +0000 ROA not before: Wed 10 Dec 2025 06:21:01 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d038:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:29:85:dd:24:b9:be:2d:7f:f5:fc:31:f8:d2:70:87:06:01:1b:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:21:01 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=bb589c6022acdca8aded502eb51a24201c8b3553e31531b34acd50aae77562ca, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:3f:60:37:ff:44:87:75:fe:c1:c0:00:f6:12: 17:14:a6:c2:4e:43:8d:8d:e2:e9:53:b3:94:41:e5: b9:c1:80:fd:07:e0:16:a8:1f:29:8e:21:ce:09:cb: e5:0d:66:d5:6a:63:83:92:36:7c:d8:23:e5:0d:70: 91:bc:ed:fe:aa:40:45:ef:88:c8:47:ba:fa:49:86: fe:3a:ec:93:22:4d:94:87:db:76:f4:80:7e:0e:01: f1:3e:29:80:d7:c0:e1:a8:e5:33:fa:90:d7:3f:1e: 9f:c9:cd:10:62:17:86:e6:bd:83:ed:27:dd:59:c5: 12:dd:30:74:24:e3:7d:22:62:36:38:c1:74:de:5a: cc:3a:81:91:62:4e:2d:40:b9:d0:99:ce:20:87:53: a1:b4:87:4b:58:19:66:52:8b:48:7a:0f:28:ac:13: e1:fc:1f:82:0c:bf:ba:a3:de:ba:41:40:9a:5b:98: ba:ba:5e:25:0a:28:67:0f:a5:ce:d2:ab:b6:02:ee: 24:61:24:b3:54:de:5f:e4:e5:2d:fb:51:2a:72:a1: 1e:71:e0:96:68:fa:fd:5e:eb:82:c6:a8:c7:f3:90: 1b:40:fc:ea:bd:6a:fc:e2:c6:8f:17:f1:d7:a5:b8: 3b:75:58:72:a5:20:cc:93:ba:c3:a0:d4:88:6a:5e: 3a:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:AD:D5:31:6F:04:7A:05:42:EA:2F:CA:31:9B:DA:AF:68:05:25:4E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d038:1000::/40 Signature Algorithm: sha256WithRSAEncryption a3:ad:c5:ef:72:68:0f:f5:c6:ad:6b:43:12:a6:ca:04:bc:6e: 23:51:89:e7:ee:cd:c8:e4:7e:61:9e:04:81:96:8f:b6:9d:6c: 48:83:3a:2e:5c:eb:67:36:e8:02:78:1d:d4:2c:aa:84:3d:05: bf:b2:28:5c:2a:e0:6a:8f:40:01:b3:40:07:60:85:15:57:f5: 91:30:a7:c9:bc:32:41:3f:02:f1:db:26:58:c1:89:47:45:f8: ec:17:02:85:2c:38:b1:d5:48:13:f9:c4:98:4e:8f:8d:97:78: 12:65:14:ae:c8:90:3b:42:89:05:2c:89:90:aa:bc:e8:7f:9e: 28:18:b6:f7:a0:ac:ff:c8:3d:89:b8:81:e5:c3:41:66:40:41: b7:9c:7e:9c:33:f5:f1:03:b7:78:6d:fe:96:68:c3:d5:75:49: 86:51:d1:cc:73:4f:58:5d:50:8d:c4:a7:82:7c:30:3d:1f:33: 31:d7:81:44:86:25:8e:9b:05:14:0f:b3:ca:56:6c:56:87:a8: c2:22:3a:5f:20:30:6d:ae:a5:c8:8d:ba:90:50:ac:a1:2d:56: a8:e7:12:84:d9:2f:95:2c:38:3c:32:93:9d:7b:d0:d6:a8:e2: 46:d9:e5:d9:c6:cf:df:17:63:ac:45:d3:10:91:2e:c7:24:79: a8:e0:fa:c3 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUfymF3SS5vi1/9fwx+NJwhwYBG0EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIxMDFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGJiNTg5YzYwMjJhY2RjYThhZGVkNTAyZWI1MWEyNDIwMWM4YjM1NTNlMzE1 MzFiMzRhY2Q1MGFhZTc3NTYyY2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI4/YDf/RId1/sHAAPYSFxSmwk5DjY3i6VOzlEHlucGA/QfgFqgfKY4hzgnL 5Q1m1Wpjg5I2fNgj5Q1wkbzt/qpARe+IyEe6+kmG/jrskyJNlIfbdvSAfg4B8T4p gNfA4ajlM/qQ1z8en8nNEGIXhua9g+0n3VnFEt0wdCTjfSJiNjjBdN5azDqBkWJO LUC50JnOIIdTobSHS1gZZlKLSHoPKKwT4fwfggy/uqPeukFAmluYurpeJQooZw+l ztKrtgLuJGEks1TeX+TlLftRKnKhHnHglmj6/V7rgsaox/OQG0D86r1q/OLGjxfx 16W4O3VYcqUgzJO6w6DUiGpeOn0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT4rdUx bwR6BULqL8oxm9qvaAUlTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTM3YjNlNDktY2VjNS00ZGVmLWIzZWYtNTM1NjI3N2Q4MmFiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DgQ MA0GCSqGSIb3DQEBCwUAA4IBAQCjrcXvcmgP9cata0MSpsoEvG4jUYnn7s3I5H5h ngSBlo+2nWxIgzouXOtnNugCeB3ULKqEPQW/sihcKuBqj0ABs0AHYIUVV/WRMKfJ vDJBPwLx2yZYwYlHRfjsFwKFLDix1UgT+cSYTo+Nl3gSZRSuyJA7QokFLImQqrzo f54oGLb3oKz/yD2JuIHlw0FmQEG3nH6cM/XxA7d4bf6WaMPVdUmGUdHMc09YXVCN xKeCfDA9HzMx14FEhiWOmwUUD7PKVmxWh6jCIjpfIDBtrqXIjbqQUKyhLVao5xKE 2S+VLDg8MpOde9DWqOJG2eXZxs/fF2OsRdMQkS7HJHmo4PrD -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:55 2026 by rpki-client