This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa File: d84b5798-b167-465e-8272-054986363200.roa (raw, json) Hash identifier: do5hG/g6koTGl3i9SFjCPpI0sEZPEARvtvMxmrc+Y0s= Subject key identifier: 4F:08:EA:3F:E8:73:E4:3B:63:BD:7D:B6:DE:CC:F5:DF:79:A2:7D:6E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1D8A6963DBFC525F48CE8B0405E917461C5DEB5E Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa Signing time: Wed 10 Dec 2025 06:20:07 +0000 ROA not before: Wed 10 Dec 2025 06:20:07 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:c0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:8a:69:63:db:fc:52:5f:48:ce:8b:04:05:e9:17:46:1c:5d:eb:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:20:07 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=2117d5d8cf77ab49218a515866249c735506bce9d806d1d7b4daa91ad9e43ab5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:be:a1:fc:d9:40:a0:02:0a:2b:b5:67:cd:99: 9d:db:68:aa:ad:46:99:55:85:80:b1:7b:3d:ef:e8: 9e:d9:ed:36:e1:46:8c:42:c6:44:54:45:e7:71:a2: 35:47:69:41:a6:56:f7:b5:a6:2f:76:76:07:bc:6c: 6a:ad:c3:32:8e:05:04:9f:85:b5:4c:71:d9:36:89: 65:85:ae:69:a6:de:a2:ba:a2:64:c1:3b:52:ac:65: 3d:e6:4b:a2:1e:7d:3d:b7:d9:a9:2e:87:12:8d:58: e5:72:08:47:c3:59:67:36:e9:50:93:b9:e5:e1:7e: 79:a8:c1:03:3c:e8:d5:b4:3b:5f:9d:0c:59:cf:36: 35:30:46:c3:81:4e:93:cf:34:84:5e:42:f4:18:93: 23:63:fd:95:95:35:ec:29:dd:96:95:d3:98:aa:6c: 06:95:a6:90:f6:94:da:45:99:0c:0c:b6:79:2c:8f: 81:b5:6c:d7:02:8f:92:b0:48:66:57:8f:ec:ec:15: 90:c3:c5:1e:f3:c5:de:46:58:0c:29:2c:6c:85:2a: ac:5f:68:1f:25:4f:3d:13:a3:53:f4:ea:e7:94:80: 28:9a:2e:74:9b:be:25:88:96:5e:dc:4e:ee:0a:bc: 19:00:cf:50:83:31:f1:67:b3:e1:f1:05:9a:9e:3b: 86:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:08:EA:3F:E8:73:E4:3B:63:BD:7D:B6:DE:CC:F5:DF:79:A2:7D:6E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:c0c0::/48 Signature Algorithm: sha256WithRSAEncryption 4e:92:27:07:ce:04:f2:c1:9d:cc:6e:9e:fb:47:3e:a0:5e:74: 41:63:44:21:64:40:33:36:8b:ba:69:e6:1c:9e:16:45:98:b5: 38:83:89:60:ca:26:06:5a:7c:fa:39:5f:c2:aa:3f:8a:c1:bc: 5c:5e:d5:16:7f:d9:63:90:b2:35:0c:5c:64:51:9c:e3:8a:6c: d0:a0:dd:2c:a1:90:a5:f8:02:58:ad:78:a3:40:eb:bc:eb:0f: 4d:e2:3f:85:8b:4d:db:99:63:8a:6b:7a:a2:dd:c1:39:b4:ba: 06:4b:d6:bf:b6:28:db:78:4d:29:83:c1:b4:26:07:7c:91:50: a4:32:72:49:a5:14:07:d7:b8:f9:38:21:c2:48:0f:d1:38:48: a0:91:96:79:f0:9a:dc:98:c0:27:86:ef:ec:f6:8d:7d:af:2b: 90:f6:16:4e:f5:be:b5:97:ec:f4:20:88:42:e4:0f:85:d7:6b: 4c:08:1a:76:a6:14:ca:43:7d:12:a2:d6:97:71:20:bb:fa:38: fb:fb:02:9a:9e:4b:0c:75:ab:6c:91:6f:cb:32:2c:5f:3b:65: 9f:9b:41:b5:ed:76:a3:91:b6:75:42:4a:c6:91:6c:cf:36:7d: 8e:31:cf:ac:c2:96:88:6b:b8:c9:3e:9b:72:41:4d:d1:52:9b: 66:00:dd:3e -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUHYppY9v8Ul9IzosEBekXRhxd614wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIwMDdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDIxMTdkNWQ4Y2Y3N2FiNDkyMThhNTE1ODY2MjQ5YzczNTUwNmJjZTlkODA2 ZDFkN2I0ZGFhOTFhZDllNDNhYjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK2+ofzZQKACCiu1Z82Zndtoqq1GmVWFgLF7Pe/ontntNuFGjELGRFRF53Gi NUdpQaZW97WmL3Z2B7xsaq3DMo4FBJ+FtUxx2TaJZYWuaabeorqiZME7UqxlPeZL oh59PbfZqS6HEo1Y5XIIR8NZZzbpUJO55eF+eajBAzzo1bQ7X50MWc82NTBGw4FO k880hF5C9BiTI2P9lZU17CndlpXTmKpsBpWmkPaU2kWZDAy2eSyPgbVs1wKPkrBI ZleP7OwVkMPFHvPF3kZYDCksbIUqrF9oHyVPPROjU/Tq55SAKJoudJu+JYiWXtxO 7gq8GQDPUIMx8Wez4fEFmp47hp0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRPCOo/ 6HPkO2O9fbbezPXfeaJ9bjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZDg0YjU3OTgtYjE2Ny00NjVlLTgyNzItMDU0OTg2MzYzMjAwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA wDANBgkqhkiG9w0BAQsFAAOCAQEATpInB84E8sGdzG6e+0c+oF50QWNEIWRAMzaL umnmHJ4WRZi1OIOJYMomBlp8+jlfwqo/isG8XF7VFn/ZY5CyNQxcZFGc44ps0KDd LKGQpfgCWK14o0DrvOsPTeI/hYtN25ljimt6ot3BObS6BkvWv7Yo23hNKYPBtCYH fJFQpDJySaUUB9e4+TghwkgP0ThIoJGWefCa3JjAJ4bv7PaNfa8rkPYWTvW+tZfs 9CCIQuQPhddrTAgadqYUykN9EqLWl3Egu/o4+/sCmp5LDHWrbJFvyzIsXztln5tB te12o5G2dUJKxpFszzZ9jjHPrMKWiGu4yT6bckFN0VKbZgDdPg== -----END CERTIFICATE-----Generated at Fri Jan 2 10:58:29 2026 by rpki-client