This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa File: 9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa (raw, json) Hash identifier: HMhJ3Dr3Fqk+z8S3Nv6jQXBp1WaghfL4YTXz/3btWPM= Subject key identifier: AA:8F:6D:3E:7F:D9:E8:E2:41:F0:18:26:B6:DE:6D:84:90:6E:67:CC Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2F0F78A26CCF1CFF95B989629C71359C253D414E Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa Signing time: Wed 10 Dec 2025 05:30:13 +0000 ROA not before: Wed 10 Dec 2025 05:30:13 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:0f:78:a2:6c:cf:1c:ff:95:b9:89:62:9c:71:35:9c:25:3d:41:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:30:13 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=c40f6faaa2320ea89eb7560d1b9cb13836d12b37f07456b390574faf0318ce1d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:9a:92:d7:2b:b9:6f:3b:fc:db:1b:c9:f9:53: a2:a8:51:df:08:f7:3b:21:b8:6c:79:1a:85:38:21: f0:62:bb:ba:97:fa:9a:f0:a1:c1:e3:f2:8e:80:f0: be:be:00:bc:4b:05:93:ca:d2:c9:63:4c:70:fe:1e: 28:a7:9f:6e:75:52:9c:9d:f3:c0:4a:77:fd:69:ce: 38:b0:2f:67:c2:61:6d:a4:a7:f0:08:72:7f:99:1d: 36:3d:8f:ed:2e:a8:e9:b2:f7:a5:ca:db:ec:35:8f: 21:b2:b9:f2:b3:49:8a:7b:cc:52:10:f6:ff:1b:34: 9a:82:f3:7c:51:39:8c:fd:18:08:4a:52:ab:64:47: 37:5b:a9:54:02:73:2a:d8:46:5d:4a:db:8a:53:fa: ce:28:28:74:9f:2b:fe:27:05:85:76:32:ec:fa:a3: dc:8e:78:a5:9c:32:97:b6:c5:26:c9:c4:81:d9:1e: ad:43:f6:ae:2c:82:33:84:5e:cc:f3:ee:3f:cd:fa: de:af:a4:fd:cc:bd:ca:a9:fd:4b:f6:64:86:f4:d1: 45:b3:cc:e1:7f:45:0d:73:3a:76:27:0b:3f:0c:d7: 5a:c9:8b:07:b4:8f:40:25:66:81:f5:54:c3:6d:85: 24:b0:a4:43:5c:f4:fd:35:a9:ca:f6:90:c1:45:46: d7:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:8F:6D:3E:7F:D9:E8:E2:41:F0:18:26:B6:DE:6D:84:90:6E:67:CC X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:a000::/40 Signature Algorithm: sha256WithRSAEncryption 17:d2:b9:18:b9:ca:5b:bb:84:f5:24:6f:f9:61:42:e0:65:d8: d0:02:3d:d5:cc:3e:c2:71:29:e0:56:25:b4:9c:2d:46:79:7f: 9d:72:ba:72:dc:18:72:47:b7:2f:3d:ff:41:0c:8b:4b:e3:f3: c0:fa:ac:88:a9:e7:4b:98:7e:03:65:7b:fe:da:e8:68:07:fe: 9c:1c:99:03:c3:89:d1:d0:ad:72:d0:68:07:03:6e:ba:22:9b: d6:d4:6c:03:75:e5:9e:b9:cc:74:93:5d:7f:3b:ac:f8:68:cf: b6:c2:4c:33:87:78:be:ae:65:5e:43:d3:7c:23:24:02:ea:33: 53:f2:0b:ac:30:24:e7:32:9c:0e:e0:69:6d:e4:55:02:18:5e: 9b:ae:50:78:70:bc:cc:34:6a:a6:7f:c5:10:66:c9:77:f2:2c: 01:90:81:f0:f3:22:fd:09:f8:c6:0d:d5:1b:04:54:4f:c7:32: 82:34:d0:55:5f:d1:c9:f2:c9:bd:72:63:29:fe:20:dd:6f:58: c8:08:c4:c2:06:ef:7b:fa:c0:c7:41:0a:75:5a:e9:de:c2:9e: cd:a0:0c:85:ac:f4:6f:e2:b2:29:3a:f1:14:7c:32:99:fe:60: c4:6e:c9:ce:89:db:d3:9a:56:9c:a2:39:c0:54:9e:53:5d:38: c0:df:41:44 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIULw94omzPHP+VuYlinHE1nCU9QU4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMwMTNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGM0MGY2ZmFhYTIzMjBlYTg5ZWI3NTYwZDFiOWNiMTM4MzZkMTJiMzdmMDc0 NTZiMzkwNTc0ZmFmMDMxOGNlMWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK+aktcruW87/NsbyflToqhR3wj3OyG4bHkahTgh8GK7upf6mvChwePyjoDw vr4AvEsFk8rSyWNMcP4eKKefbnVSnJ3zwEp3/WnOOLAvZ8JhbaSn8Ahyf5kdNj2P 7S6o6bL3pcrb7DWPIbK58rNJinvMUhD2/xs0moLzfFE5jP0YCEpSq2RHN1upVAJz KthGXUrbilP6zigodJ8r/icFhXYy7Pqj3I54pZwyl7bFJsnEgdkerUP2riyCM4Re zPPuP8363q+k/cy9yqn9S/ZkhvTRRbPM4X9FDXM6dicLPwzXWsmLB7SPQCVmgfVU w22FJLCkQ1z0/TWpyvaQwUVG1z0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSqj20+ f9no4kHwGCa23m2EkG5nzDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OWZkOTg3ZmEtMzBlOC00MGJjLTg5YzItZDg5NzA1ZDVmYjgzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACg MA0GCSqGSIb3DQEBCwUAA4IBAQAX0rkYucpbu4T1JG/5YULgZdjQAj3VzD7CcSng ViW0nC1GeX+dcrpy3BhyR7cvPf9BDItL4/PA+qyIqedLmH4DZXv+2uhoB/6cHJkD w4nR0K1y0GgHA266IpvW1GwDdeWeucx0k11/O6z4aM+2wkwzh3i+rmVeQ9N8IyQC 6jNT8gusMCTnMpwO4Glt5FUCGF6brlB4cLzMNGqmf8UQZsl38iwBkIHw8yL9CfjG DdUbBFRPxzKCNNBVX9HJ8sm9cmMp/iDdb1jICMTCBu97+sDHQQp1Wunewp7NoAyF rPRv4rIpOvEUfDKZ/mDEbsnOidvTmlacojnAVJ5TXTjA30FE -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:49 2026 by rpki-client