This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa File: 28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa (raw, json) Hash identifier: 7AyFuvvnVMJnkyr8dviV3x7EbEO/CIVf4cEzpJxhn6g= Subject key identifier: F4:51:D9:97:E1:B6:AA:60:B6:0B:E4:8F:E6:79:B7:74:C0:EF:1D:E3 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3741DEA92DF9047DE41A80658A6A58EBEA4B59FE Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa Signing time: Wed 10 Dec 2025 06:30:09 +0000 ROA not before: Wed 10 Dec 2025 06:30:09 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:80e0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:41:de:a9:2d:f9:04:7d:e4:1a:80:65:8a:6a:58:eb:ea:4b:59:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:09 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=a0b795c2b4d0c14228fa5baae059d0b57240a4cfd6f78c77d80a5946d7bc6caa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:7a:fe:da:4d:1d:c5:a2:8b:09:f5:24:d2:a1: a8:60:db:e2:57:20:d1:11:39:3d:62:f2:ed:1a:55: 7c:d1:0a:47:c0:a2:c6:18:9c:8c:0d:38:5a:f7:d6: c7:eb:cf:68:1e:a1:1f:bf:3b:0a:5d:e8:26:cb:a7: 7c:5a:97:ad:76:b0:78:86:fe:cd:f7:0a:f5:9a:9c: a4:0a:6a:f1:95:75:a5:ea:8e:96:7d:af:d3:6e:ba: 79:f1:37:24:1b:69:55:ed:8c:99:90:9f:a0:7c:7f: 62:7b:97:47:9f:57:80:aa:f1:8b:f8:e9:28:34:44: 5f:27:c0:6c:16:d7:a2:59:4b:17:28:d2:22:a5:1b: 25:ec:36:0b:86:f3:51:33:75:2a:7e:dd:d8:f1:98: f0:83:b8:1b:b1:e0:d1:fe:7a:fe:8e:1b:d7:0e:de: 23:13:9f:d1:b5:c1:2f:d3:a7:f9:e5:90:16:c6:fb: 44:35:a3:1d:2c:cd:2e:fc:49:0d:5c:00:66:2b:ad: 68:a5:e1:97:43:2b:da:a4:33:88:5f:bc:37:c3:33: 30:7c:a0:d4:13:7d:5d:a5:e5:88:9b:ff:78:b1:6c: e8:a3:10:47:5e:ce:b2:7b:d6:57:13:fe:2b:8a:d4: d6:00:9c:2b:47:0e:6b:9f:2c:5d:82:30:b1:13:c7: 80:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:51:D9:97:E1:B6:AA:60:B6:0B:E4:8F:E6:79:B7:74:C0:EF:1D:E3 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:80e0::/48 Signature Algorithm: sha256WithRSAEncryption 48:f5:77:1e:a0:0c:03:5c:54:7d:34:a8:33:cf:70:d7:e1:25: c0:49:a1:82:6a:5f:bd:cf:57:a3:5d:68:86:51:03:bc:33:62: 97:5b:cc:70:91:05:ee:98:d3:11:aa:21:f9:10:f5:b3:3a:e3: be:84:d0:a4:23:0c:59:17:32:22:43:c8:cb:6b:18:a0:56:e1: 16:4f:7b:1d:20:4a:10:4e:bc:90:94:bd:96:e6:84:f9:47:f6: 9f:05:fc:71:f9:66:54:70:5a:c1:a5:ab:5d:a4:d9:f6:5f:ae: 9e:3d:27:a1:c7:bc:17:70:7e:c2:19:0e:2c:78:57:6e:4a:0e: e4:c7:a4:e8:24:63:91:7e:67:80:c1:05:8a:d8:95:89:31:a4: 95:84:d2:09:c0:9c:7e:6a:5c:ed:d6:1c:ae:f6:6c:57:3a:b4: 66:52:1b:8c:1b:92:2f:7c:88:c7:a0:72:4b:e4:83:7e:ec:d9: 7d:76:e5:3f:13:99:8a:5d:18:6c:0e:b8:34:2b:d1:7b:19:e0: ff:10:59:42:55:61:d5:af:b2:f3:0e:9d:67:f9:e0:ef:25:13: 08:b8:a3:f8:16:f9:ee:f8:b5:48:70:7f:8b:84:b1:67:c3:e9: 9f:fb:0b:61:96:ca:99:72:cb:f2:d4:ca:13:6b:f3:95:34:0d: 12:cb:78:d0 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUN0HeqS35BH3kGoBlimpY6+pLWf4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwMDlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGEwYjc5NWMyYjRkMGMxNDIyOGZhNWJhYWUwNTlkMGI1NzI0MGE0Y2ZkNmY3 OGM3N2Q4MGE1OTQ2ZDdiYzZjYWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANB6/tpNHcWiiwn1JNKhqGDb4lcg0RE5PWLy7RpVfNEKR8CixhicjA04WvfW x+vPaB6hH787Cl3oJsunfFqXrXaweIb+zfcK9ZqcpApq8ZV1peqOln2v0266efE3 JBtpVe2MmZCfoHx/YnuXR59XgKrxi/jpKDREXyfAbBbXollLFyjSIqUbJew2C4bz UTN1Kn7d2PGY8IO4G7Hg0f56/o4b1w7eIxOf0bXBL9On+eWQFsb7RDWjHSzNLvxJ DVwAZiutaKXhl0Mr2qQziF+8N8MzMHyg1BN9XaXliJv/eLFs6KMQR17OsnvWVxP+ K4rU1gCcK0cOa58sXYIwsRPHgNUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT0UdmX 4baqYLYL5I/mebd0wO8d4zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MjhmYzQzYWQtMGMzYi00ZDc3LWFhMzItNWVmYzQzMWU2OWMzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A 4DANBgkqhkiG9w0BAQsFAAOCAQEASPV3HqAMA1xUfTSoM89w1+ElwEmhgmpfvc9X o11ohlEDvDNil1vMcJEF7pjTEaoh+RD1szrjvoTQpCMMWRcyIkPIy2sYoFbhFk97 HSBKEE68kJS9luaE+Uf2nwX8cflmVHBawaWrXaTZ9l+unj0noce8F3B+whkOLHhX bkoO5Mek6CRjkX5ngMEFitiViTGklYTSCcCcfmpc7dYcrvZsVzq0ZlIbjBuSL3yI x6ByS+SDfuzZfXblPxOZil0YbA64NCvRexng/xBZQlVh1a+y8w6dZ/ng7yUTCLij +Bb57vi1SHB/i4SxZ8Ppn/sLYZbKmXLL8tTKE2vzlTQNEst40A== -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:46 2026 by rpki-client