This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa File: 0cadec3e-a35e-4321-b172-825de7a521d7.roa (raw, json) Hash identifier: czTvVNHQ6Z3e28iyDbeceaUHDrrgAJvnmMfymVFMaQQ= Subject key identifier: E8:B6:73:96:91:43:8D:CF:FE:D2:E7:4C:38:07:74:71:1A:C7:04:D7 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 66E6A6639E8B7FEEAF118B9CBA764875BD7D5005 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa Signing time: Wed 10 Dec 2025 05:40:42 +0000 ROA not before: Wed 10 Dec 2025 05:40:42 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:90c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:e6:a6:63:9e:8b:7f:ee:af:11:8b:9c:ba:76:48:75:bd:7d:50:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:40:42 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=56129f0033f7ae2d8b13e2f85af0a25c8062158054da807045bee29cb8188d84, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:0a:d7:0f:71:4e:4c:16:c6:fe:bb:3f:28:16: 68:f7:d8:2c:61:06:ce:85:59:87:a1:9f:f6:5e:30: 9f:a0:8b:c1:c9:0a:78:83:bd:97:e4:b7:7d:8e:5b: a9:a6:01:aa:33:33:b6:f7:dd:ac:90:20:23:82:51: 91:e0:5e:6f:ba:52:06:b1:ae:3a:50:b7:24:31:f1: 1b:80:24:b2:3f:6e:b6:f1:e7:a8:77:f8:b9:7a:d0: 10:84:c9:3d:6a:86:dd:a0:1a:bb:1c:47:93:ff:35: 76:af:d2:ed:ce:51:9e:8a:54:04:45:b9:b8:4d:89: 0c:40:02:6a:cf:2b:10:f2:09:6b:fc:fc:a5:09:86: ee:2b:35:76:91:1a:8a:79:13:7d:25:24:f0:22:3d: df:73:7e:8b:75:ed:a8:d0:10:bf:15:ce:72:06:16: 26:2b:f2:34:10:25:69:2f:90:51:68:4d:f3:72:52: 26:b8:5a:e3:bb:89:1c:d6:0e:f8:c2:ae:99:f6:f8: 89:40:d1:f2:97:db:33:bf:ec:21:9c:5f:d5:b4:7a: 8d:d2:4b:b0:ba:ed:4a:3d:c0:ef:51:e8:c6:4f:25: ac:e9:c9:1e:00:cf:bb:95:9c:47:55:c9:60:a5:44: 4f:7e:07:12:7b:02:36:75:de:18:15:93:d5:d0:10: c7:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:B6:73:96:91:43:8D:CF:FE:D2:E7:4C:38:07:74:71:1A:C7:04:D7 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:90c0::/48 Signature Algorithm: sha256WithRSAEncryption 14:44:35:49:3b:39:a0:69:9d:66:a0:1a:b3:82:ce:2e:6f:66: 2a:e2:cf:f6:e2:c4:94:42:80:bc:86:92:ea:a4:f8:3a:43:0a: 86:d0:9a:2b:55:d7:77:7a:73:cc:31:84:39:f4:16:fb:25:8b: c8:89:04:7c:95:7d:6f:ed:e5:48:03:00:29:a7:2c:74:55:f0: 65:a3:2a:c4:bd:bd:c7:7a:9b:8b:f5:84:0c:aa:9c:7e:2f:83: 82:7c:fc:d0:2a:fa:a4:4c:27:92:dd:c4:a9:c1:bc:6d:45:61: 6b:26:60:1e:17:f1:1e:17:4b:72:2f:10:f3:82:bd:77:00:20: 2d:95:ab:6e:b6:29:e3:a3:b3:93:23:a8:4f:2b:61:22:ae:db: b7:81:51:c9:a6:e9:0a:b7:cb:60:69:fc:a8:00:3b:60:7a:d4: 7e:24:0b:4c:80:e4:39:4d:9d:9a:c7:7e:52:84:d4:ad:06:53: 4b:dc:a2:e1:2d:79:26:75:b6:dc:3b:40:e8:4f:94:c0:3d:68: f9:48:0e:2a:17:85:6c:ca:b3:65:83:71:38:c8:47:90:5d:5b: 71:d7:c8:dd:3e:b7:34:6b:00:57:61:4a:00:92:c6:f9:02:23: 1c:86:39:ef:9d:e1:e2:1e:6b:3b:eb:bb:2a:9e:e5:d6:cf:69: 40:77:e6:8e -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUZuamY56Lf+6vEYucunZIdb19UAUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQwNDJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDU2MTI5ZjAwMzNmN2FlMmQ4YjEzZTJmODVhZjBhMjVjODA2MjE1ODA1NGRh ODA3MDQ1YmVlMjljYjgxODhkODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALYK1w9xTkwWxv67PygWaPfYLGEGzoVZh6Gf9l4wn6CLwckKeIO9l+S3fY5b qaYBqjMztvfdrJAgI4JRkeBeb7pSBrGuOlC3JDHxG4Aksj9utvHnqHf4uXrQEITJ PWqG3aAauxxHk/81dq/S7c5RnopUBEW5uE2JDEACas8rEPIJa/z8pQmG7is1dpEa inkTfSUk8CI933N+i3XtqNAQvxXOcgYWJivyNBAlaS+QUWhN83JSJrha47uJHNYO +MKumfb4iUDR8pfbM7/sIZxf1bR6jdJLsLrtSj3A71Hoxk8lrOnJHgDPu5WcR1XJ YKVET34HEnsCNnXeGBWT1dAQx9kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTotnOW kUONz/7S50w4B3RxGscE1zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MGNhZGVjM2UtYTM1ZS00MzIxLWIxNzItODI1ZGU3YTUyMWQ3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ wDANBgkqhkiG9w0BAQsFAAOCAQEAFEQ1STs5oGmdZqAas4LOLm9mKuLP9uLElEKA vIaS6qT4OkMKhtCaK1XXd3pzzDGEOfQW+yWLyIkEfJV9b+3lSAMAKacsdFXwZaMq xL29x3qbi/WEDKqcfi+Dgnz80Cr6pEwnkt3EqcG8bUVhayZgHhfxHhdLci8Q84K9 dwAgLZWrbrYp46OzkyOoTythIq7bt4FRyabpCrfLYGn8qAA7YHrUfiQLTIDkOU2d msd+UoTUrQZTS9yi4S15JnW23DtA6E+UwD1o+UgOKheFbMqzZYNxOMhHkF1bcdfI 3T63NGsAV2FKAJLG+QIjHIY5753h4h5rO+u7Kp7l1s9pQHfmjg== -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:23 2026 by rpki-client