This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa File: 819bfec2-19de-4cdb-ba40-657fff6a743e.roa (raw, json) Hash identifier: fr9fE94kMekY3XTLT1Vg4MH+LXv2cV/c2pObVkTpg54= Subject key identifier: FD:F9:DC:56:C5:32:F7:AD:3E:4A:9D:E2:8E:85:91:FD:C3:25:B6:FC Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1C544A27B5AE3C3BB730CD65FECAF7EE34898BD3 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa Signing time: Wed 10 Dec 2025 05:20:04 +0000 ROA not before: Wed 10 Dec 2025 05:20:04 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:9000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:54:4a:27:b5:ae:3c:3b:b7:30:cd:65:fe:ca:f7:ee:34:89:8b:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:20:04 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=caea1f109045cd569cee960d602d1b04f31e7f7656464c5f8a6d7e3ca6db06c0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:4f:16:9b:42:f8:a7:fc:19:34:1a:09:74:86: 0d:cc:ad:ce:dd:dc:4a:30:23:e5:b9:50:7b:67:c7: 21:0e:f6:5d:3c:17:73:ce:9e:9c:6d:5a:b3:68:57: aa:7d:b6:17:95:04:69:d8:ad:37:7e:f2:17:06:f4: 98:9d:52:93:07:f0:3e:42:1b:29:99:d5:19:da:7f: 43:05:5a:5f:64:ea:89:c8:1d:67:4e:15:8b:12:b0: 8d:d8:5f:a9:64:f0:06:64:be:1a:3d:62:bf:41:0c: d7:8b:93:dc:71:ef:ed:18:77:ac:6b:af:11:73:02: a4:6a:45:b4:49:d9:ee:e4:23:d8:73:c3:f7:dc:f6: ba:76:67:39:59:6d:17:6a:67:27:d7:de:ef:9e:e8: f1:a8:44:fe:56:bd:a7:1c:86:81:98:e5:11:42:4f: ca:6b:c7:5a:53:70:b1:b5:7a:86:25:a9:ab:2c:18: b8:ec:51:93:d4:48:6c:a6:7d:6d:18:95:56:85:9b: ac:f4:68:20:14:5b:ff:58:4e:58:ba:c7:c8:48:7c: d0:d7:9f:df:c8:fa:9b:84:2c:75:86:27:cf:2e:ad: b1:a1:a1:c0:9c:62:33:08:6e:b6:47:b7:c8:26:bf: ab:2f:23:4b:e9:d3:26:76:d3:1b:75:dd:e8:e8:d1: 75:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:F9:DC:56:C5:32:F7:AD:3E:4A:9D:E2:8E:85:91:FD:C3:25:B6:FC X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:9000::/40 Signature Algorithm: sha256WithRSAEncryption 95:a6:45:7f:9c:67:22:86:c6:cb:9d:b8:ea:91:1c:70:49:36: 43:48:63:39:48:a6:3e:67:e4:ce:d6:47:43:fa:0d:20:e0:76: 5b:9b:1f:c8:d1:9f:9c:a5:7b:ea:3c:eb:aa:e5:9f:de:b2:41: 6a:a5:f8:47:52:d4:f6:34:2f:21:78:7b:53:74:46:49:8e:a7: 00:64:3f:c9:b7:8a:1c:8c:6b:32:f7:7c:fd:ea:b9:ff:b0:85: f2:ea:4b:7b:2b:f6:39:b2:8f:10:0e:4b:71:4a:98:64:5b:64: a2:d6:86:ca:fd:a6:70:01:12:8b:3d:f0:5d:9c:12:fa:3b:d6: a0:50:69:7b:04:ee:4d:50:b0:bc:f0:44:d2:6b:71:9c:de:76: 5b:ab:30:d7:18:0f:50:7b:55:64:84:8c:6f:dc:5c:2e:57:89: c3:83:b8:b7:e5:26:fb:99:7d:2c:cd:1c:5f:8a:43:b3:76:da: dd:08:fe:d8:d3:4f:a2:ca:50:54:4b:2b:16:fc:86:cc:68:c6: e2:6c:0a:cc:bf:a2:6c:a7:7f:fa:8f:ef:4a:7f:28:f4:b3:53: 84:6c:8a:62:5a:53:cc:d9:db:fa:3a:c8:99:cb:64:0b:dc:ee: 3f:f9:6b:a9:0a:46:e1:54:14:ce:40:e0:3a:da:ce:56:46:04: fe:f7:71:1f -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUHFRKJ7WuPDu3MM1l/sr37jSJi9MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTIwMDRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGNhZWExZjEwOTA0NWNkNTY5Y2VlOTYwZDYwMmQxYjA0ZjMxZTdmNzY1NjQ2 NGM1ZjhhNmQ3ZTNjYTZkYjA2YzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOdPFptC+Kf8GTQaCXSGDcytzt3cSjAj5blQe2fHIQ72XTwXc86enG1as2hX qn22F5UEaditN37yFwb0mJ1SkwfwPkIbKZnVGdp/QwVaX2TqicgdZ04VixKwjdhf qWTwBmS+Gj1iv0EM14uT3HHv7Rh3rGuvEXMCpGpFtEnZ7uQj2HPD99z2unZnOVlt F2pnJ9fe757o8ahE/la9pxyGgZjlEUJPymvHWlNwsbV6hiWpqywYuOxRk9RIbKZ9 bRiVVoWbrPRoIBRb/1hOWLrHyEh80Nef38j6m4QsdYYnzy6tsaGhwJxiMwhutke3 yCa/qy8jS+nTJnbTG3Xd6OjRdTcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT9+dxW xTL3rT5KneKOhZH9wyW2/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ODE5YmZlYzItMTlkZS00Y2RiLWJhNDAtNjU3ZmZmNmE3NDNlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+Q MA0GCSqGSIb3DQEBCwUAA4IBAQCVpkV/nGcihsbLnbjqkRxwSTZDSGM5SKY+Z+TO 1kdD+g0g4HZbmx/I0Z+cpXvqPOuq5Z/eskFqpfhHUtT2NC8heHtTdEZJjqcAZD/J t4ocjGsy93z96rn/sIXy6kt7K/Y5so8QDktxSphkW2Si1obK/aZwARKLPfBdnBL6 O9agUGl7BO5NULC88ETSa3Gc3nZbqzDXGA9Qe1VkhIxv3FwuV4nDg7i35Sb7mX0s zRxfikOzdtrdCP7Y00+iylBUSysW/IbMaMbibArMv6Jsp3/6j+9Kfyj0s1OEbIpi WlPM2dv6OsiZy2QL3O4/+WupCkbhVBTOQOA62s5WRgT+93Ef -----END CERTIFICATE-----Generated at Fri Jan 2 11:05:01 2026 by rpki-client