This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa File: 7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa (raw, json) Hash identifier: MYxP4aYKhTSZTDMERa/2cLbrpatRzviGOHe+KK4ZOWQ= Subject key identifier: 7E:AE:E6:28:3C:FA:58:49:6B:89:37:3A:A2:39:3F:07:AD:69:DC:30 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 59A20DE6E9E6A4557DF41BB2E39F8BABEC427834 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa Signing time: Wed 10 Dec 2025 05:30:08 +0000 ROA not before: Wed 10 Dec 2025 05:30:08 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d038::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:a2:0d:e6:e9:e6:a4:55:7d:f4:1b:b2:e3:9f:8b:ab:ec:42:78:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:30:08 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=51e87e9bf158ed879e99c9e5cd8193280a83f7c9c04749d5207feb28e65a1097, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:af:13:6f:ea:38:97:df:88:1e:c4:30:2e:81: 81:86:c6:88:08:8a:50:5a:39:be:ad:88:43:eb:1b: e9:ad:2b:07:6e:bb:d1:c3:f7:6e:67:14:6b:58:e1: 6f:19:25:03:5d:32:06:60:aa:94:bd:54:7a:b8:48: 6c:ff:31:f9:33:dc:55:0c:aa:af:f5:44:3c:29:38: a2:c8:79:cc:d8:ea:d2:c9:16:99:89:43:86:d9:61: 8c:e5:d4:38:81:fa:74:83:6c:61:3f:6f:7c:43:35: f8:d8:8e:63:7e:a1:ce:f6:5a:24:7a:b3:ff:a1:0d: 87:bb:10:8a:55:38:8f:bf:37:10:82:2e:a8:43:2b: 7e:49:49:db:7d:97:43:13:3f:ed:c1:c1:29:e9:93: 4d:83:37:2f:75:e7:94:b1:42:c3:a3:6b:af:ed:09: 31:ac:95:aa:3b:86:5e:79:e9:32:8a:90:90:14:ef: 54:03:08:e9:49:3c:b0:9e:81:ca:a9:67:11:e7:e8: 0f:e2:3d:0f:ca:3f:b9:87:96:e6:3f:b0:1c:d8:8a: 43:e5:52:74:44:f2:07:67:6c:91:36:25:cb:74:62: c3:bd:79:26:cd:0b:a1:fd:9f:f2:9c:19:a3:c2:b1: b5:1a:fb:3d:ca:54:b1:42:07:fc:ef:63:ed:fb:f6: bb:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:AE:E6:28:3C:FA:58:49:6B:89:37:3A:A2:39:3F:07:AD:69:DC:30 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d038::/32 Signature Algorithm: sha256WithRSAEncryption 4a:75:f2:88:a1:c1:15:7a:5a:d6:06:15:59:a4:10:fb:e3:c4: f9:8b:5c:2c:83:77:55:8b:aa:e8:b4:c1:65:97:a1:b1:47:25: 12:f3:11:9f:42:bc:e9:db:1b:bb:f0:12:f8:6a:36:de:e3:29: 6f:fa:6d:b9:a8:12:8e:3e:8f:bf:b9:fe:91:16:17:af:48:f7: 58:1c:47:fd:99:a7:f6:50:d1:fa:5a:28:60:0d:94:2b:be:4b: 92:ec:2e:4e:be:22:38:c6:18:99:4a:05:f8:dd:c3:cb:8b:21: 49:c3:04:ab:64:eb:2a:8d:d6:82:f5:28:07:f3:5e:84:00:64: 84:0c:50:8e:62:c0:ef:30:16:03:82:e1:98:62:93:0e:75:0c: 3e:2a:18:c1:e3:8e:ab:de:53:1d:16:86:8d:8e:c0:fb:bc:50: 8b:bb:29:48:eb:d6:5a:d9:42:98:a9:59:ad:2f:de:9a:f9:5c: 68:c8:05:37:c1:cc:64:d9:77:c2:79:ec:2e:fd:fd:67:30:e8: 77:8e:b9:da:04:77:47:77:ad:6f:fe:44:a0:c8:89:a9:4f:91: 24:7d:52:f6:16:48:b3:3e:9c:cc:7d:2b:d9:97:16:c9:fb:39: c8:79:f6:a3:a6:42:c1:39:44:1c:fc:09:24:bd:ea:e7:ed:fa: 35:19:3c:b1 -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgIUWaIN5unmpFV99Buy45+Lq+xCeDQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMwMDhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDUxZTg3ZTliZjE1OGVkODc5ZTk5YzllNWNkODE5MzI4MGE4M2Y3YzljMDQ3 NDlkNTIwN2ZlYjI4ZTY1YTEwOTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMqvE2/qOJffiB7EMC6BgYbGiAiKUFo5vq2IQ+sb6a0rB2670cP3bmcUa1jh bxklA10yBmCqlL1UerhIbP8x+TPcVQyqr/VEPCk4osh5zNjq0skWmYlDhtlhjOXU OIH6dINsYT9vfEM1+NiOY36hzvZaJHqz/6ENh7sQilU4j783EIIuqEMrfklJ232X QxM/7cHBKemTTYM3L3XnlLFCw6Nrr+0JMayVqjuGXnnpMoqQkBTvVAMI6Uk8sJ6B yqlnEefoD+I9D8o/uYeW5j+wHNiKQ+VSdETyB2dskTYly3Riw715Js0Lof2f8pwZ o8KxtRr7PcpUsUIH/O9j7fv2u+sCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBR+ruYo PPpYSWuJNzqiOT8HrWncMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv N2RjZjAxNGYtYWY4OC00YWI5LTk5NzYtNzQ2ZWQ4ZGVjMWE2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Dgw DQYJKoZIhvcNAQELBQADggEBAEp18oihwRV6WtYGFVmkEPvjxPmLXCyDd1WLqui0 wWWXobFHJRLzEZ9CvOnbG7vwEvhqNt7jKW/6bbmoEo4+j7+5/pEWF69I91gcR/2Z p/ZQ0fpaKGANlCu+S5LsLk6+IjjGGJlKBfjdw8uLIUnDBKtk6yqN1oL1KAfzXoQA ZIQMUI5iwO8wFgOC4Zhikw51DD4qGMHjjqveUx0Who2OwPu8UIu7KUjr1lrZQpip Wa0v3pr5XGjIBTfBzGTZd8J57C79/Wcw6HeOudoEd0d3rW/+RKDIialPkSR9UvYW SLM+nMx9K9mXFsn7Och59qOmQsE5RBz8CSS96uft+jUZPLE= -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:49 2026 by rpki-client