This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa File: a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa (raw, json) Hash identifier: 21h4maiwxoiAwggK15AZzIkX0odHLzLzbiNriMgd7uQ= Subject key identifier: 4F:35:B4:A2:86:76:E6:C3:7C:1A:F8:31:7C:4B:6B:B1:A9:F6:69:63 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 6D4AAEC5BAB80B558A679FF49E90145CF12AF174 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa Signing time: Wed 10 Dec 2025 06:11:05 +0000 ROA not before: Wed 10 Dec 2025 06:11:05 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:6080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:4a:ae:c5:ba:b8:0b:55:8a:67:9f:f4:9e:90:14:5c:f1:2a:f1:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:11:05 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=9ac3d6d18a21d1f865110632b0302a77dfc5d28c8c11852dd6b1cfcf7179129d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:f7:24:70:2f:cb:e4:2a:d2:0c:3d:5b:3d:c2: b4:62:1a:5f:10:11:7d:0a:66:9c:2b:ac:c9:ba:57: 13:89:a4:90:13:aa:f0:9b:f2:f6:4f:b2:4c:28:db: 89:21:75:9e:f3:70:5e:f4:16:41:59:13:f0:b0:fb: 94:85:d4:34:c1:e4:e4:5b:e2:98:f1:11:e1:85:24: 58:64:b6:fa:10:b6:67:b3:0e:21:29:ff:3e:85:68: d7:63:61:6f:c7:d1:e8:09:f8:e8:44:0d:d3:36:38: 20:d1:ff:9d:6a:7a:0c:bd:46:71:26:ea:15:d9:86: a7:67:6c:0e:9a:a8:3a:38:b9:74:a3:90:70:5f:d5: 5b:ff:41:31:96:86:a2:1b:2d:00:69:89:0e:1e:23: 14:8c:b5:a4:f5:63:6b:5a:93:38:88:95:6f:e6:09: e5:a1:f2:77:06:59:b5:4b:9d:3a:1e:16:85:d5:53: 0d:a4:b5:62:ee:7f:9c:4a:3f:7b:52:7f:2f:5f:ff: fb:37:11:5c:99:77:e3:60:b9:a9:1e:76:9a:f9:5f: 71:3e:94:eb:96:14:79:e9:54:f3:fd:8c:98:0f:76: 3b:1e:37:e3:59:aa:d9:60:79:74:b9:86:3c:4e:f9: bf:17:1a:0c:fc:9d:10:4d:12:43:6e:46:02:25:a9: 12:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:35:B4:A2:86:76:E6:C3:7C:1A:F8:31:7C:4B:6B:B1:A9:F6:69:63 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:6080::/48 Signature Algorithm: sha256WithRSAEncryption 8c:30:e6:d3:1c:3d:d7:53:e3:58:6a:7f:b4:a6:c1:cf:e6:94: 21:b3:36:68:eb:2c:6c:68:4d:99:61:50:3e:32:a3:9b:1b:91: e0:a2:b7:57:01:60:c8:ef:3a:2f:70:25:35:c8:10:fa:75:25: 8e:10:d8:21:10:89:66:3f:66:cf:51:de:93:77:e2:68:e7:1c: 8d:50:99:4a:99:d1:15:ff:68:32:bf:43:3c:64:e9:d9:72:e0: 25:67:3c:d0:20:77:49:9c:10:e5:22:a8:f9:18:36:7b:47:10: 02:19:4d:02:32:84:97:be:4d:1d:8b:dd:0b:33:1f:01:a8:2c: 31:a7:36:2b:d3:04:4c:e7:1b:eb:16:02:c0:61:20:c7:0b:0f: 81:96:ee:8f:6e:0a:c7:d7:e3:ab:ec:88:7e:fa:3b:18:f4:f5: 18:cb:84:18:42:4d:d3:fa:6c:d3:48:a4:de:a7:bb:ea:8e:b0: 72:57:eb:2d:64:be:2c:fc:c9:f2:8c:4a:0e:97:d8:f6:00:ae: de:3b:be:3f:79:f3:8b:06:0c:5a:39:66:f2:1e:e0:cc:fe:4e: 31:d3:37:ec:45:30:6e:8e:4b:c9:c7:8d:6a:a7:ce:8a:bb:7e: 4a:e7:2a:45:9a:18:64:99:52:2f:0b:62:c8:4e:73:fa:6a:36: e4:58:55:fe -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUbUquxbq4C1WKZ5/0npAUXPEq8XQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjExMDVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDlhYzNkNmQxOGEyMWQxZjg2NTExMDYzMmIwMzAyYTc3ZGZjNWQyOGM4YzEx ODUyZGQ2YjFjZmNmNzE3OTEyOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN73JHAvy+Qq0gw9Wz3CtGIaXxARfQpmnCusybpXE4mkkBOq8Jvy9k+yTCjb iSF1nvNwXvQWQVkT8LD7lIXUNMHk5FvimPER4YUkWGS2+hC2Z7MOISn/PoVo12Nh b8fR6An46EQN0zY4INH/nWp6DL1GcSbqFdmGp2dsDpqoOji5dKOQcF/VW/9BMZaG ohstAGmJDh4jFIy1pPVja1qTOIiVb+YJ5aHydwZZtUudOh4WhdVTDaS1Yu5/nEo/ e1J/L1//+zcRXJl342C5qR52mvlfcT6U65YUeelU8/2MmA92Ox4341mq2WB5dLmG PE75vxcaDPydEE0SQ25GAiWpEoMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRPNbSi hnbmw3wa+DF8S2uxqfZpYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTQwZTJjZjItZDZlNC00ODEzLWE1YWEtNjIzZWRhODkyNmU2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFg gDANBgkqhkiG9w0BAQsFAAOCAQEAjDDm0xw911PjWGp/tKbBz+aUIbM2aOssbGhN mWFQPjKjmxuR4KK3VwFgyO86L3AlNcgQ+nUljhDYIRCJZj9mz1Hek3fiaOccjVCZ SpnRFf9oMr9DPGTp2XLgJWc80CB3SZwQ5SKo+Rg2e0cQAhlNAjKEl75NHYvdCzMf AagsMac2K9METOcb6xYCwGEgxwsPgZbuj24Kx9fjq+yIfvo7GPT1GMuEGEJN0/ps 00ik3qe76o6wclfrLWS+LPzJ8oxKDpfY9gCu3ju+P3nziwYMWjlm8h7gzP5OMdM3 7EUwbo5LyceNaqfOirt+SucqRZoYZJlSLwtiyE5z+mo25FhV/g== -----END CERTIFICATE-----Generated at Mon Dec 15 19:49:13 2025 by rpki-client