This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa File: 2cee858e-c572-427b-8123-23b2e05abc40.roa (raw, json) Hash identifier: jOKlGk0MzTWA+oJZ2DdYUAD9nH3BsI22Csdj842R+Cc= Subject key identifier: 8F:2A:97:03:46:6C:56:96:33:8C:60:DB:3E:EA:34:85:27:D2:AF:95 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 134AAFB85037F37AF230FD550B69073D2E2D7DBB Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa Signing time: Wed 10 Dec 2025 05:20:33 +0000 ROA not before: Wed 10 Dec 2025 05:20:33 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:c080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:4a:af:b8:50:37:f3:7a:f2:30:fd:55:0b:69:07:3d:2e:2d:7d:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:20:33 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=230281c58387d6018afa40570d414c78a4f1b67302a2ea0d9fc0b45d63bfeb43, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:7f:eb:47:1a:4a:81:0b:6b:55:20:de:ee:80: e8:75:a5:b4:8f:04:65:f2:74:4e:55:19:f2:f3:03: a2:4f:8d:0d:c7:b0:9a:02:c4:ad:11:b3:f5:fd:45: 39:22:47:8c:c6:d6:6c:f0:52:6f:ab:5c:09:11:df: 67:96:49:58:08:c8:03:f2:a3:8f:96:8c:e1:f9:41: 48:51:86:c7:d8:33:74:53:50:07:4e:10:ce:45:af: 31:fd:74:2a:fd:c1:54:8b:bc:67:99:74:ed:8f:7c: dc:1a:78:4f:cb:d7:61:2f:d2:05:3b:10:68:54:bd: b5:cf:43:30:38:ec:4d:b0:40:00:a9:6a:16:8e:b1: 98:ee:af:5a:a6:79:9f:d0:24:13:fa:c9:28:21:67: 5b:7b:0d:07:73:79:30:bf:e6:69:73:cb:75:c8:23: 5d:c9:23:53:46:f8:44:5b:e4:1e:ad:d7:ed:0e:94: 6e:9c:1c:81:65:77:29:30:03:c6:a3:f8:f1:e3:6d: 22:f4:51:71:6d:a9:38:d2:68:9e:20:2d:4d:4e:92: 61:63:6a:77:4e:bf:68:f7:0d:04:3b:57:95:22:8e: ea:3e:a8:a0:50:39:01:5c:f5:28:b9:ed:5c:1f:4b: b7:e8:fb:b9:09:33:4e:29:df:70:4c:56:fa:58:2a: ad:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:2A:97:03:46:6C:56:96:33:8C:60:DB:3E:EA:34:85:27:D2:AF:95 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:c080::/48 Signature Algorithm: sha256WithRSAEncryption 0b:5a:ad:34:49:95:62:65:9e:91:a7:c1:5b:2b:b0:e9:09:80: 35:71:a8:31:f9:49:87:66:1f:99:a8:e7:3d:67:64:b8:73:7a: 13:68:03:43:19:d7:fb:2c:b0:61:34:6c:b4:8a:33:ea:4e:1c: 57:a9:a6:bc:b2:00:b1:da:d0:a6:e7:61:1c:34:c5:53:54:7e: 6d:75:93:d8:7b:fb:3d:b5:c9:0e:99:28:c4:da:da:62:74:52: 34:be:af:ab:34:48:15:a8:45:fc:80:4e:f2:31:7c:1b:9c:a8: 53:0c:ab:73:af:79:30:f2:db:9d:0a:6f:5a:8a:80:01:76:f8: c4:25:5a:69:be:be:4b:73:90:b9:da:ea:b6:d7:bc:47:eb:f0: a2:fe:41:ba:52:2a:74:4f:b1:be:de:f1:e5:6e:c1:85:f9:4b: ad:00:8f:62:83:3b:29:d2:77:91:48:90:ec:a5:00:67:53:8b: ca:59:1f:88:59:90:38:0f:20:a2:37:b4:0e:69:ab:07:77:0a: f0:19:a2:7b:e6:fb:34:ea:c8:09:bf:c4:25:91:f9:26:ec:b4: 6c:52:aa:a8:cb:ea:71:aa:76:00:70:ed:3b:bc:54:b3:dc:bf: d1:44:7d:b2:d4:8f:7f:34:36:30:1a:fc:cd:19:d9:bc:db:bb: 73:49:04:2b -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUE0qvuFA383ryMP1VC2kHPS4tfbswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTIwMzNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDIzMDI4MWM1ODM4N2Q2MDE4YWZhNDA1NzBkNDE0Yzc4YTRmMWI2NzMwMmEy ZWEwZDlmYzBiNDVkNjNiZmViNDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMF/60caSoELa1Ug3u6A6HWltI8EZfJ0TlUZ8vMDok+NDcewmgLErRGz9f1F OSJHjMbWbPBSb6tcCRHfZ5ZJWAjIA/Kjj5aM4flBSFGGx9gzdFNQB04QzkWvMf10 Kv3BVIu8Z5l07Y983Bp4T8vXYS/SBTsQaFS9tc9DMDjsTbBAAKlqFo6xmO6vWqZ5 n9AkE/rJKCFnW3sNB3N5ML/maXPLdcgjXckjU0b4RFvkHq3X7Q6UbpwcgWV3KTAD xqP48eNtIvRRcW2pONJoniAtTU6SYWNqd06/aPcNBDtXlSKO6j6ooFA5AVz1KLnt XB9Lt+j7uQkzTinfcExW+lgqrd8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSPKpcD RmxWljOMYNs+6jSFJ9KvlTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MmNlZTg1OGUtYzU3Mi00MjdiLTgxMjMtMjNiMmUwNWFiYzQwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA gDANBgkqhkiG9w0BAQsFAAOCAQEAC1qtNEmVYmWekafBWyuw6QmANXGoMflJh2Yf majnPWdkuHN6E2gDQxnX+yywYTRstIoz6k4cV6mmvLIAsdrQpudhHDTFU1R+bXWT 2Hv7PbXJDpkoxNraYnRSNL6vqzRIFahF/IBO8jF8G5yoUwyrc695MPLbnQpvWoqA AXb4xCVaab6+S3OQudrqtte8R+vwov5BulIqdE+xvt7x5W7BhflLrQCPYoM7KdJ3 kUiQ7KUAZ1OLylkfiFmQOA8goje0DmmrB3cK8Bmie+b7NOrICb/EJZH5Juy0bFKq qMvqcap2AHDtO7xUs9y/0UR9stSPfzQ2MBr8zRnZvNu7c0kEKw== -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:41 2026 by rpki-client