This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa File: 0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa (raw, json) Hash identifier: s4iXz0d/wRatVs0i1cbM+kc3vUfMsm/2HAKuoR5W03c= Subject key identifier: E8:BB:B9:41:5B:FB:79:6F:BD:DB:71:8B:3D:6E:FF:9E:A2:34:3E:99 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1EB5FDA7C3DFA68C2279ABF230330096887CC68D Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa Signing time: Thu 11 Dec 2025 00:00:11 +0000 ROA not before: Thu 11 Dec 2025 00:00:11 +0000 ROA not after: Wed 11 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d014:1400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:b5:fd:a7:c3:df:a6:8c:22:79:ab:f2:30:33:00:96:88:7c:c6:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 11 00:00:11 2025 GMT Not After : Mar 11 23:59:59 2026 GMT Subject: serialNumber=d65d4bed1e9ab55c523c8238e31fdb650550b3e2a19aec33aa2423963aa5c3d4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:c3:b3:65:e8:52:08:0f:2f:d2:27:92:07:f8: a5:54:5b:32:e9:f5:88:d0:22:60:17:57:41:89:dc: 4b:a5:ea:70:ae:43:e4:5a:09:d8:53:e8:c5:ec:8c: 03:8e:56:06:d5:7a:2a:cc:60:82:54:c9:e6:d4:fa: af:46:01:64:f9:23:38:b8:09:96:a3:e9:b8:9a:03: 65:58:26:79:de:4d:31:70:00:d0:fe:8d:c5:35:63: d9:e5:66:51:b5:09:33:1f:a9:1c:60:04:67:82:ce: 50:75:59:f5:5a:fe:f1:9b:4a:94:57:c2:6d:db:73: f1:a2:95:fb:82:de:20:29:27:f2:f3:f0:6b:bc:b6: 58:bd:10:21:9c:e8:e2:19:5b:5a:bd:0b:d0:8f:73: 0e:62:7c:bf:96:55:f8:43:ae:22:a5:14:5a:ad:2e: 19:41:d2:a1:04:5c:59:ad:c9:d5:c7:3e:a2:27:d2: 04:d3:0e:64:a5:b4:42:82:2a:94:c9:7f:f6:d4:c3: 55:ff:c0:3c:2b:7f:d2:16:d4:ae:2e:49:ac:3b:05: f9:7f:7a:64:04:f3:ee:12:32:d0:36:c8:07:23:73: c3:5a:0c:25:aa:e8:b2:d7:ef:39:7c:66:b1:fd:d7: fd:2a:b4:82:d0:fd:16:ca:af:81:08:11:c5:c9:56: 79:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:BB:B9:41:5B:FB:79:6F:BD:DB:71:8B:3D:6E:FF:9E:A2:34:3E:99 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d014:1400::/38 Signature Algorithm: sha256WithRSAEncryption 55:ac:e0:af:e5:08:5d:25:04:d7:24:b0:b2:10:95:73:66:87: c1:a3:76:36:4d:a6:34:29:e2:cb:f7:df:3d:ae:22:22:84:67: 76:70:bd:86:42:36:18:ab:dd:2c:1c:86:0b:d1:b2:39:5a:4a: 51:68:7a:bc:e7:ef:b3:52:06:9b:23:e6:d3:5c:31:81:e6:9e: 5e:d6:88:fc:68:02:b3:4b:88:90:d6:8e:99:75:70:e3:93:d7: 39:db:cc:02:b5:b4:7e:71:70:cc:85:0a:bb:da:95:93:49:3a: 88:7a:f6:6d:f7:7b:9d:bb:c8:5a:b7:f6:dc:93:d6:43:f8:df: 35:37:ba:10:e0:47:de:eb:bc:45:da:f0:0b:ed:45:08:1e:cd: 93:fb:77:4a:6b:b7:cd:4c:23:3b:73:50:1c:15:27:cb:97:ec: 16:98:88:ac:7a:ba:8f:bf:56:3d:30:af:f7:ab:20:9b:a7:e9: 07:e6:de:03:92:ea:c0:89:af:0d:fe:c8:50:cf:70:d6:76:a9: d3:a9:7f:b7:e8:ff:9e:d9:12:1c:39:34:b5:b7:e6:95:4a:7a: 56:d7:72:b5:b8:c3:58:d2:a5:96:f4:81:69:43:c2:90:bf:8e: f3:98:98:74:b3:9a:53:f0:c2:91:18:de:39:32:09:3e:f5:cf: 2e:87:04:67 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUHrX9p8PfpowieavyMDMAloh8xo0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTEwMDAwMTFaFw0yNjAzMTEyMzU5NTlaMHoxSTBHBgNV BAUTQGQ2NWQ0YmVkMWU5YWI1NWM1MjNjODIzOGUzMWZkYjY1MDU1MGIzZTJhMTlh ZWMzM2FhMjQyMzk2M2FhNWMzZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL/Ds2XoUggPL9Inkgf4pVRbMun1iNAiYBdXQYncS6XqcK5D5FoJ2FPoxeyM A45WBtV6KsxgglTJ5tT6r0YBZPkjOLgJlqPpuJoDZVgmed5NMXAA0P6NxTVj2eVm UbUJMx+pHGAEZ4LOUHVZ9Vr+8ZtKlFfCbdtz8aKV+4LeICkn8vPwa7y2WL0QIZzo 4hlbWr0L0I9zDmJ8v5ZV+EOuIqUUWq0uGUHSoQRcWa3J1cc+oifSBNMOZKW0QoIq lMl/9tTDVf/APCt/0hbUri5JrDsF+X96ZATz7hIy0DbIByNzw1oMJarostfvOXxm sf3X/Sq0gtD9FsqvgQgRxclWeZkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTou7lB W/t5b73bcYs9bv+eojQ+mTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MGZlMjc5Y2YtYjU1Zi00ZDk2LTk5NTgtZWMzZWNkNjRiMGM4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQU MA0GCSqGSIb3DQEBCwUAA4IBAQBVrOCv5QhdJQTXJLCyEJVzZofBo3Y2TaY0KeLL 9989riIihGd2cL2GQjYYq90sHIYL0bI5WkpRaHq85++zUgabI+bTXDGB5p5e1oj8 aAKzS4iQ1o6ZdXDjk9c528wCtbR+cXDMhQq72pWTSTqIevZt93udu8hat/bck9ZD +N81N7oQ4Efe67xF2vAL7UUIHs2T+3dKa7fNTCM7c1AcFSfLl+wWmIiserqPv1Y9 MK/3qyCbp+kH5t4DkurAia8N/shQz3DWdqnTqX+36P+e2RIcOTS1t+aVSnpW13K1 uMNY0qWW9IFpQ8KQv47zmJh0s5pT8MKRGN45Mgk+9c8uhwRn -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:50 2026 by rpki-client