This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa File: fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa (raw, json) Hash identifier: O/wA4jxE4eMXFDMouXH69XnsK8FDBwJoQ7t/Xt816OM= Subject key identifier: 54:3F:88:CB:BF:98:98:00:29:B2:79:84:0D:97:6B:E4:CD:B5:EE:6B Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1742ABC0C5C0CBBB9D92F5D9741B8FCA7A49C194 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa Signing time: Wed 10 Dec 2025 06:01:22 +0000 ROA not before: Wed 10 Dec 2025 06:01:22 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d038:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:42:ab:c0:c5:c0:cb:bb:9d:92:f5:d9:74:1b:8f:ca:7a:49:c1:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:01:22 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=209790e66b6a5b6f17fa3394644680cb5f8595ce5a5b6b111ce65738dd3a837b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:e6:16:7c:73:23:63:32:cf:e2:f6:2a:02:ff: 90:9c:e4:7c:7a:88:82:f4:e0:60:76:dc:69:d2:f7: 8b:06:a8:e3:53:a4:7b:25:71:45:e3:38:f7:e4:79: 6d:84:a6:de:72:df:bf:7e:3d:0c:6f:58:db:dd:5f: d8:10:9e:62:22:83:ee:5d:66:ef:ac:cc:e2:18:d9: ca:81:6f:10:f8:17:64:15:78:68:26:ec:8b:58:f0: 4f:bf:c6:01:98:8a:dd:0a:e7:b1:c4:b3:e5:86:b4: 48:45:10:f6:da:21:9c:f0:84:01:9c:ec:a8:7e:a0: e2:67:7a:f5:47:4c:a9:92:ed:f7:b6:73:ad:40:5e: 31:02:e6:dd:77:11:14:ec:c6:ad:4a:26:42:8b:58: 9a:fb:e9:8e:81:53:21:8a:0a:96:4f:d5:59:29:76: fc:73:43:ff:c8:bd:59:9a:ff:04:97:ea:52:ca:45: d7:d4:ae:e9:9f:9f:ba:8a:4e:9e:4f:13:8d:80:e7: b4:02:5b:d4:7d:86:d1:af:a4:98:6e:ae:47:b1:16: 1c:f4:ae:c1:17:83:8b:94:91:83:cb:20:34:ea:74: f4:d9:82:a3:d0:6e:bb:46:16:70:9e:19:a5:a1:32: e6:3e:1d:79:ab:6b:e8:6c:87:de:0a:4d:3e:8c:7b: 37:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:3F:88:CB:BF:98:98:00:29:B2:79:84:0D:97:6B:E4:CD:B5:EE:6B X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d038:8000::/40 Signature Algorithm: sha256WithRSAEncryption af:c3:0c:37:2f:ae:83:2e:bd:96:c0:3d:75:ff:f6:a0:24:1e: 1f:77:8f:95:2e:3e:19:e3:66:09:20:6c:35:86:84:e2:57:7d: 99:3d:45:0f:38:1d:36:c1:f1:f5:aa:5b:d0:0d:02:d1:fa:07: 66:f4:65:95:57:7d:a9:38:e5:d6:ba:33:72:5e:2f:4f:f3:c8: 21:10:9a:d5:09:22:f5:c4:a1:a0:d0:cd:80:f3:ed:72:1d:d5: c4:43:3e:af:96:13:57:3d:34:f3:23:6b:26:fb:2c:75:91:97: 1c:6f:21:46:44:3a:2f:35:40:1e:c3:46:77:ad:f5:9e:88:47: 43:89:e1:c0:05:18:cb:7b:7c:19:ef:86:97:5b:3f:67:17:1d: 29:3e:54:d6:3b:76:81:4d:9e:ad:16:83:00:91:77:90:eb:04: f5:2b:d4:10:2e:0b:b9:07:e8:51:e6:ec:5b:69:53:1b:96:e4: be:20:e8:f2:f8:ba:54:f0:1a:cd:0c:ce:21:09:0f:f4:ab:c1: bd:6f:15:f8:36:c8:80:e7:5e:31:15:76:f3:36:fc:91:53:09: 9e:e0:93:0d:a9:a1:de:af:86:84:68:e4:6f:95:b5:0e:ef:7f: 79:4b:22:cb:29:cb:a8:87:f9:81:12:03:a3:f0:f3:65:ab:91: 53:b0:80:df -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUF0KrwMXAy7udkvXZdBuPynpJwZQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAxMjJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDIwOTc5MGU2NmI2YTViNmYxN2ZhMzM5NDY0NDY4MGNiNWY4NTk1Y2U1YTVi NmIxMTFjZTY1NzM4ZGQzYTgzN2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKnmFnxzI2Myz+L2KgL/kJzkfHqIgvTgYHbcadL3iwao41OkeyVxReM49+R5 bYSm3nLfv349DG9Y291f2BCeYiKD7l1m76zM4hjZyoFvEPgXZBV4aCbsi1jwT7/G AZiK3QrnscSz5Ya0SEUQ9tohnPCEAZzsqH6g4md69UdMqZLt97ZzrUBeMQLm3XcR FOzGrUomQotYmvvpjoFTIYoKlk/VWSl2/HND/8i9WZr/BJfqUspF19Su6Z+fuopO nk8TjYDntAJb1H2G0a+kmG6uR7EWHPSuwReDi5SRg8sgNOp09NmCo9Buu0YWcJ4Z paEy5j4deatr6GyH3gpNPox7N1sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRUP4jL v5iYACmyeYQNl2vkzbXuazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ZmMzY2YxZmYtMjA5ZC00NmY2LWE3ZGQtYTdiYTVkNWJmYmE3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DiA MA0GCSqGSIb3DQEBCwUAA4IBAQCvwww3L66DLr2WwD11//agJB4fd4+VLj4Z42YJ IGw1hoTiV32ZPUUPOB02wfH1qlvQDQLR+gdm9GWVV32pOOXWujNyXi9P88ghEJrV CSL1xKGg0M2A8+1yHdXEQz6vlhNXPTTzI2sm+yx1kZccbyFGRDovNUAew0Z3rfWe iEdDieHABRjLe3wZ74aXWz9nFx0pPlTWO3aBTZ6tFoMAkXeQ6wT1K9QQLgu5B+hR 5uxbaVMbluS+IOjy+LpU8BrNDM4hCQ/0q8G9bxX4NsiA514xFXbzNvyRUwme4JMN qaHer4aEaORvlbUO7395SyLLKcuoh/mBEgOj8PNlq5FTsIDf -----END CERTIFICATE-----Generated at Mon Dec 15 19:48:11 2025 by rpki-client