This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa File: 3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa (raw, json) Hash identifier: VneZpRYKogMn9lpjqUWZl8Prs4G6hGardldEPliwb6M= Subject key identifier: E5:1C:D7:EE:EB:59:76:7A:76:6C:A4:D2:A3:52:75:D3:DF:AC:E8:7D Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 651218ADC27602BD16C36C62D40C670FCE03D174 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa Signing time: Wed 10 Dec 2025 06:30:42 +0000 ROA not before: Wed 10 Dec 2025 06:30:42 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d016::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:12:18:ad:c2:76:02:bd:16:c3:6c:62:d4:0c:67:0f:ce:03:d1:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:42 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=c995ca72256781b45f62988897924c1c23fbd78edc27e9da35e0b1af0ebfaed7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:a6:58:d2:b0:74:eb:c0:59:9a:74:c5:37:4e: db:10:89:16:76:47:93:3f:95:fb:cf:bd:08:57:8d: 8f:97:90:7c:96:77:9f:9d:27:dc:c6:1f:6a:61:81: e7:3d:e9:9e:b5:ad:69:0e:b3:b9:01:0c:65:40:44: 2a:b7:25:96:a8:d8:53:89:a4:05:78:6b:8b:33:05: 0f:8f:2a:e3:86:38:e3:30:25:6f:f3:5e:f0:54:33: e6:53:53:2f:19:ed:34:e2:4b:af:f0:ac:e6:4b:92: f9:ea:79:9e:63:94:04:a3:74:1a:d5:23:32:32:f9: 41:3b:e6:89:a7:94:53:68:12:6a:4e:8c:0a:65:79: ac:ae:fe:c5:f8:1c:4c:bb:a7:3c:f7:14:20:82:71: c8:4c:c4:de:09:f4:7d:c2:ee:44:fe:d4:b0:b5:3b: b0:96:cc:42:82:72:6c:88:fc:c6:29:03:8a:23:4f: 39:eb:81:fc:a3:e6:66:cc:b5:65:e9:88:b3:70:fe: 01:6c:ce:1d:00:ab:e5:a5:f5:df:37:bd:21:7a:fe: 02:5a:a3:44:57:3d:d0:f8:8b:82:41:e1:f4:67:06: 8c:dd:ac:12:1d:85:04:8c:55:d1:01:d8:12:eb:17: 29:bb:31:09:d0:f9:a0:f0:a2:02:b9:21:5e:bd:5b: ba:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:1C:D7:EE:EB:59:76:7A:76:6C:A4:D2:A3:52:75:D3:DF:AC:E8:7D X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d016::/38 Signature Algorithm: sha256WithRSAEncryption 9a:a4:c3:08:c9:ef:57:50:26:5d:2d:cb:0b:2a:66:b0:bb:b8: 70:c2:82:d2:19:d4:c8:1a:1f:41:b4:d8:9e:c6:0b:86:47:4e: 54:05:a1:f6:db:f7:00:98:a9:d7:d3:a6:fe:0a:16:c6:f0:0e: c0:b0:24:ea:15:91:be:30:14:77:d3:7e:f5:84:16:8e:0c:61: 83:35:d4:fa:c4:6a:25:f6:cf:bd:df:cb:69:49:05:bd:6e:79: 55:be:e0:3d:33:26:0d:bc:bc:4f:9c:ad:fc:b7:e2:e6:fb:22: 5a:76:23:18:61:1b:36:d6:de:0b:4e:6c:38:e3:31:82:dc:1c: 96:b3:e0:0c:e5:22:c1:a9:d1:ba:aa:c8:33:98:3f:f2:c6:ab: 84:fb:d2:d4:16:68:48:84:a8:74:19:3b:48:99:2c:e0:46:3f: 84:52:dd:39:11:7c:b0:72:8f:1a:54:2f:d5:34:64:59:31:ce: 25:92:ed:b8:87:6c:8a:91:4f:64:6b:dc:5a:dc:ee:d8:8b:10: 12:1b:25:23:a3:38:7a:60:68:df:51:e8:a8:80:9e:23:ab:94: e9:c6:1f:d6:6a:bb:9a:62:ff:ca:43:ee:98:be:1c:27:e4:c1: de:41:36:74:63:e6:1c:b8:e9:f6:81:c7:e8:8e:d9:e1:40:87: 72:44:2b:2d -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUZRIYrcJ2Ar0Ww2xi1AxnD84D0XQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwNDJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGM5OTVjYTcyMjU2NzgxYjQ1ZjYyOTg4ODk3OTI0YzFjMjNmYmQ3OGVkYzI3 ZTlkYTM1ZTBiMWFmMGViZmFlZDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALimWNKwdOvAWZp0xTdO2xCJFnZHkz+V+8+9CFeNj5eQfJZ3n50n3MYfamGB 5z3pnrWtaQ6zuQEMZUBEKrcllqjYU4mkBXhrizMFD48q44Y44zAlb/Ne8FQz5lNT LxntNOJLr/Cs5kuS+ep5nmOUBKN0GtUjMjL5QTvmiaeUU2gSak6MCmV5rK7+xfgc TLunPPcUIIJxyEzE3gn0fcLuRP7UsLU7sJbMQoJybIj8xikDiiNPOeuB/KPmZsy1 ZemIs3D+AWzOHQCr5aX13ze9IXr+AlqjRFc90PiLgkHh9GcGjN2sEh2FBIxV0QHY EusXKbsxCdD5oPCiArkhXr1bum8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTlHNfu 61l2enZspNKjUnXT36zofTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv M2NmN2FlOWQtZDg2My00ZGIyLTk2MzUtZmI4NjQ3OWNmMDlhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYA MA0GCSqGSIb3DQEBCwUAA4IBAQCapMMIye9XUCZdLcsLKmawu7hwwoLSGdTIGh9B tNiexguGR05UBaH22/cAmKnX06b+ChbG8A7AsCTqFZG+MBR30371hBaODGGDNdT6 xGol9s+938tpSQW9bnlVvuA9MyYNvLxPnK38t+Lm+yJadiMYYRs21t4LTmw44zGC 3ByWs+AM5SLBqdG6qsgzmD/yxquE+9LUFmhIhKh0GTtImSzgRj+EUt05EXywco8a VC/VNGRZMc4lku24h2yKkU9ka9xa3O7YixASGyUjozh6YGjfUeiogJ4jq5Tpxh/W aruaYv/KQ+6Yvhwn5MHeQTZ0Y+YcuOn2gcfojtnhQIdyRCst -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:32 2026 by rpki-client