This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c61029-f559-411c-89fd-a1970cac6bc1.roa File: a6c61029-f559-411c-89fd-a1970cac6bc1.roa (raw, json) Hash identifier: whWms26jmrqkqAp11RnwieB3y/SykFFfgwq7W3v7NAs= Subject key identifier: 27:22:3E:3C:D9:CC:5D:F1:61:28:AB:32:29:AA:B7:62:37:82:31:CF Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 70448BA3A167DD9260724EA557C3D07B6019CDF1 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c61029-f559-411c-89fd-a1970cac6bc1.roa Signing time: Wed 10 Dec 2025 06:20:06 +0000 ROA not before: Wed 10 Dec 2025 06:20:06 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d036:9000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:44:8b:a3:a1:67:dd:92:60:72:4e:a5:57:c3:d0:7b:60:19:cd:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:20:06 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=c99248b3cef7c2c7352e6c217175fd5e1519272c62635374143c3b200e315abf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:86:cb:2d:0f:d9:17:71:cc:d5:3e:01:11:9a: 5e:cf:62:6c:b6:6b:0d:52:39:47:1d:ca:c3:d4:d2: 07:f3:e2:81:99:05:fb:f2:b6:02:e2:3e:65:c8:3c: b6:36:75:62:91:3a:8a:37:a7:52:0e:3d:05:f8:5e: 44:59:62:bd:b3:a0:95:66:90:de:4d:7e:04:e4:ee: fd:3b:df:c7:fd:3f:1d:f3:b1:32:94:ee:64:d4:79: 77:bd:fc:51:c5:2b:06:c9:59:86:cb:4d:3c:72:4f: e9:94:2a:ec:ac:65:6a:9b:9f:46:16:15:a8:c0:77: 8b:01:f8:b2:11:4a:0d:a4:ab:f4:8f:fd:3a:d1:1a: b7:df:cb:51:d5:e5:ff:cc:e4:f0:40:73:cf:7e:7a: 4e:d4:ae:00:ad:13:9f:36:c1:49:d2:54:6b:56:30: 11:1d:90:9c:a6:b6:8d:f7:99:51:7f:7d:20:27:54: e5:73:69:8b:a6:ba:0f:8d:64:ad:31:71:4f:e4:06: 5c:d0:74:43:e3:05:2f:75:40:e5:ff:75:4d:2e:7f: 63:c5:4f:9b:5e:1a:f7:77:c0:69:05:ca:be:97:af: 32:e4:20:91:3b:45:7f:4f:02:2b:a5:44:df:bb:23: c9:69:cd:ae:4d:85:39:b3:58:81:21:29:85:75:46: ac:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:22:3E:3C:D9:CC:5D:F1:61:28:AB:32:29:AA:B7:62:37:82:31:CF X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c61029-f559-411c-89fd-a1970cac6bc1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d036:9000::/40 Signature Algorithm: sha256WithRSAEncryption 23:b2:21:32:a9:5d:53:55:5a:be:cb:db:8c:d4:42:c8:11:00: ac:8c:55:09:ee:8e:e1:0e:1c:02:7c:c6:0c:3e:cb:18:2d:72: 88:8f:4b:ab:03:76:1a:50:49:4e:32:20:1c:16:66:02:67:2f: 5a:1f:07:63:1b:02:58:d0:b8:84:30:63:7d:cb:81:77:e2:63: dd:3e:de:47:8b:ea:fa:c6:44:d8:b5:3c:66:51:db:61:69:85: 44:15:2c:2c:ce:70:6f:ed:6c:98:d0:51:84:61:e1:73:81:5d: 39:35:16:f5:df:ef:6a:2f:1d:64:a7:59:45:3b:de:b1:b5:9e: f2:b9:08:4e:08:42:22:25:e9:06:7a:bb:59:bf:f2:31:e1:b0: 23:ec:aa:93:c6:a0:81:12:cc:22:88:6e:48:f7:c3:81:4e:be: 27:60:f8:33:cd:46:1b:98:b4:4f:2c:71:eb:53:ca:7e:c9:62: 31:04:49:a7:fb:57:1c:87:7f:0b:74:07:64:36:09:02:1d:8e: 75:f0:64:61:31:bb:ca:b9:6e:4c:ff:9a:f3:42:e9:96:37:ec: 54:27:fc:17:f4:d6:92:6e:d9:43:11:d2:a8:41:80:f7:49:83: de:7e:c2:4c:ca:01:88:1e:c7:d0:1c:2b:39:b3:49:d7:01:10: 8e:ed:d3:a2 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUcESLo6Fn3ZJgck6lV8PQe2AZzfEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIwMDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGM5OTI0OGIzY2VmN2MyYzczNTJlNmMyMTcxNzVmZDVlMTUxOTI3MmM2MjYz NTM3NDE0M2MzYjIwMGUzMTVhYmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOSGyy0P2RdxzNU+ARGaXs9ibLZrDVI5Rx3Kw9TSB/PigZkF+/K2AuI+Zcg8 tjZ1YpE6ijenUg49BfheRFlivbOglWaQ3k1+BOTu/Tvfx/0/HfOxMpTuZNR5d738 UcUrBslZhstNPHJP6ZQq7KxlapufRhYVqMB3iwH4shFKDaSr9I/9OtEat9/LUdXl /8zk8EBzz356TtSuAK0TnzbBSdJUa1YwER2QnKa2jfeZUX99ICdU5XNpi6a6D41k rTFxT+QGXNB0Q+MFL3VA5f91TS5/Y8VPm14a93fAaQXKvpevMuQgkTtFf08CK6VE 37sjyWnNrk2FObNYgSEphXVGrH0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQnIj48 2cxd8WEoqzIpqrdiN4IxzzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTZjNjEwMjktZjU1OS00MTFjLTg5ZmQtYTE5NzBjYWM2YmMxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DaQ MA0GCSqGSIb3DQEBCwUAA4IBAQAjsiEyqV1TVVq+y9uM1ELIEQCsjFUJ7o7hDhwC fMYMPssYLXKIj0urA3YaUElOMiAcFmYCZy9aHwdjGwJY0LiEMGN9y4F34mPdPt5H i+r6xkTYtTxmUdthaYVEFSwsznBv7WyY0FGEYeFzgV05NRb13+9qLx1kp1lFO96x tZ7yuQhOCEIiJekGertZv/Ix4bAj7KqTxqCBEswiiG5I98OBTr4nYPgzzUYbmLRP LHHrU8p+yWIxBEmn+1cch38LdAdkNgkCHY518GRhMbvKuW5M/5rzQumWN+xUJ/wX 9NaSbtlDEdKoQYD3SYPefsJMygGIHsfQHCs5s0nXARCO7dOi -----END CERTIFICATE-----Generated at Fri Jan 2 10:59:55 2026 by rpki-client