This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa File: a96d9971-6d4e-47a3-9408-d633699b643b.roa (raw, json) Hash identifier: fmvBTHwbdFDHMxqrU87eCx53Ut31kTyD1lYPHcf0mRM= Subject key identifier: D9:FB:5C:D3:0C:D2:EC:44:EE:CF:36:47:C4:C2:A1:48:D5:75:10:C8 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 51042564626B2A8D3737354CF4A95AAD7149DC9C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa Signing time: Wed 10 Dec 2025 05:31:26 +0000 ROA not before: Wed 10 Dec 2025 05:31:26 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07e:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:04:25:64:62:6b:2a:8d:37:37:35:4c:f4:a9:5a:ad:71:49:dc:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:31:26 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=d2b1ecd66e67cc4057fa7213817e31b446db07491297224a2b11dc21f5f7c2c8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:ce:a2:7e:2e:f7:94:f2:e0:19:ad:21:54:02: 94:2c:f5:5e:ab:65:34:81:93:26:c5:78:fe:61:27: 60:60:22:41:2f:9f:ae:9a:f5:d6:f3:cf:69:42:43: 97:ed:a4:b3:6d:e1:e1:50:a2:e0:fe:c1:71:b7:ac: 3d:41:c8:a7:de:c5:5e:4e:1f:5a:a0:da:98:14:71: 93:da:1f:5c:e1:61:6f:f9:4d:bc:59:6c:3f:02:b4: a2:1e:2d:90:f1:3d:b9:9c:42:87:36:1e:ed:96:20: a5:69:92:2a:e6:6d:00:74:c2:f9:82:16:19:d8:95: 41:43:27:0b:e0:f9:96:93:6b:62:b3:32:b8:00:f4: 49:27:2a:ef:4d:88:46:4c:82:29:70:ba:0d:61:fa: 1a:bd:c8:9b:a8:4f:ea:64:4a:33:7b:28:bf:5f:4a: 6a:96:1b:7b:59:0a:d5:b2:8b:9d:66:fb:cd:52:62: 1b:30:54:8c:3a:90:73:52:9f:e4:9d:2d:ae:56:28: f7:fe:5d:4c:32:bc:02:c4:36:81:c4:44:b8:be:b0: e3:77:ca:dc:67:a7:1a:6c:5c:5c:90:27:56:7b:49: 98:94:cc:38:f5:b9:42:0e:25:b4:16:d8:27:30:51: c1:f6:51:07:3d:c9:12:73:d3:b6:12:22:2f:c1:f5: 91:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:FB:5C:D3:0C:D2:EC:44:EE:CF:36:47:C4:C2:A1:48:D5:75:10:C8 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07e:2000::/40 Signature Algorithm: sha256WithRSAEncryption ba:c2:f1:2c:4f:be:b7:1a:be:b1:59:a7:c8:8e:12:86:70:6f: 91:29:ce:1d:c4:9e:d8:ad:4c:c8:25:1d:41:61:0f:c4:61:b4: 11:ef:fa:c2:de:a0:82:cc:8d:d0:81:21:42:de:56:75:d6:74: 28:85:e3:22:b4:37:5a:f5:d7:51:3c:2f:da:58:69:d7:00:ac: 8a:9b:4a:13:5f:35:be:a1:5b:7c:4e:d5:f4:88:f8:14:55:66: 7f:bb:f5:77:07:87:94:bc:80:3a:91:d7:b8:ef:ac:0b:7d:26: b4:d9:e2:73:7e:d1:96:20:4e:8c:67:cb:e9:3d:3c:ff:9f:ee: 93:d1:90:41:d2:92:7f:10:b4:48:38:ff:95:14:98:47:79:57: a2:aa:7c:43:3f:eb:dc:e0:c3:f6:bb:7a:ae:10:d5:bc:17:26: 69:fb:5d:5c:fa:8b:48:77:4e:d8:40:42:b2:8e:a9:65:d0:ac: 81:39:d9:d5:a9:3e:81:dd:51:1e:3a:ae:ee:6d:04:1a:b9:54: 22:f8:27:1e:d3:e1:e5:9d:9f:84:b0:a3:43:3b:63:25:cf:8c: c3:03:2a:fa:7c:23:25:e3:a4:bb:52:4e:ac:fe:9a:0a:b7:db: 5b:80:d2:8d:fc:54:aa:40:6f:a8:f8:76:65:05:91:eb:fa:06: 26:aa:f3:82 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUUQQlZGJrKo03NzVM9KlarXFJ3JwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMxMjZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGQyYjFlY2Q2NmU2N2NjNDA1N2ZhNzIxMzgxN2UzMWI0NDZkYjA3NDkxMjk3 MjI0YTJiMTFkYzIxZjVmN2MyYzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKnOon4u95Ty4BmtIVQClCz1XqtlNIGTJsV4/mEnYGAiQS+frpr11vPPaUJD l+2ks23h4VCi4P7BcbesPUHIp97FXk4fWqDamBRxk9ofXOFhb/lNvFlsPwK0oh4t kPE9uZxChzYe7ZYgpWmSKuZtAHTC+YIWGdiVQUMnC+D5lpNrYrMyuAD0SScq702I RkyCKXC6DWH6Gr3Im6hP6mRKM3sov19KapYbe1kK1bKLnWb7zVJiGzBUjDqQc1Kf 5J0trlYo9/5dTDK8AsQ2gcREuL6w43fK3GenGmxcXJAnVntJmJTMOPW5Qg4ltBbY JzBRwfZRBz3JEnPTthIiL8H1kQkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTZ+1zT DNLsRO7PNkfEwqFI1XUQyDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTk2ZDk5NzEtNmQ0ZS00N2EzLTk0MDgtZDYzMzY5OWI2NDNiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H4g MA0GCSqGSIb3DQEBCwUAA4IBAQC6wvEsT763Gr6xWafIjhKGcG+RKc4dxJ7YrUzI JR1BYQ/EYbQR7/rC3qCCzI3QgSFC3lZ11nQoheMitDda9ddRPC/aWGnXAKyKm0oT XzW+oVt8TtX0iPgUVWZ/u/V3B4eUvIA6kde476wLfSa02eJzftGWIE6MZ8vpPTz/ n+6T0ZBB0pJ/ELRIOP+VFJhHeVeiqnxDP+vc4MP2u3quENW8FyZp+11c+otId07Y QEKyjqll0KyBOdnVqT6B3VEeOq7ubQQauVQi+Cce0+HlnZ+EsKNDO2Mlz4zDAyr6 fCMl46S7Uk6s/poKt9tbgNKN/FSqQG+o+HZlBZHr+gYmqvOC -----END CERTIFICATE-----Generated at Sun Dec 14 03:41:22 2025 by rpki-client