This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa File: ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa (raw, json) Hash identifier: OQfYGuYmqWfqBOAANOktyGudErQXJ9w/QqP1y4t7k38= Subject key identifier: 57:D6:F7:30:1F:53:A3:6B:4F:26:74:5F:99:E5:D4:7B:BA:76:5D:A2 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 368BA1092947BE609D0BA51B79DE3A01EAD2924B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa Signing time: Wed 10 Dec 2025 05:41:22 +0000 ROA not before: Wed 10 Dec 2025 05:41:22 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:8b:a1:09:29:47:be:60:9d:0b:a5:1b:79:de:3a:01:ea:d2:92:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:41:22 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=cce5c1e97b9139e253196801fd804e15eb61675601760ab0ab83f006bbb9a24a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:bd:a2:1f:a2:52:5c:66:25:ed:99:53:88:54: e7:78:19:2d:b8:c8:39:d6:a6:8d:46:20:14:ac:02: 5e:8d:54:73:62:dd:12:c1:80:b9:50:3b:11:97:5b: 3d:86:3c:e2:41:df:46:dc:e1:24:b2:86:87:d5:74: 04:da:b9:02:a7:de:ff:4d:87:fb:0a:a1:a7:32:f3: bd:ff:de:ad:fb:cd:68:8b:f6:b4:7b:74:ee:9e:0b: aa:fe:25:aa:09:af:a6:a4:dc:82:f1:53:42:dd:38: bb:ec:1c:d6:9b:3b:c7:82:c1:5d:94:16:60:74:80: b9:c6:e6:1a:25:a7:1c:49:2a:bf:21:49:a7:7f:f8: a5:2c:94:a3:7b:d7:dc:ec:fd:5a:20:30:58:84:d9: dd:49:83:3d:86:e0:3e:d3:e3:e2:ba:85:90:82:6a: cb:15:06:97:52:70:fb:bc:c6:e3:62:82:76:4a:ac: 77:5e:5f:d6:8e:8a:f1:76:fc:7b:f0:15:0c:99:10: db:b8:c4:39:13:41:1e:85:81:bd:d1:a0:9f:ca:4c: f6:46:1c:30:f6:41:14:0c:f6:e0:63:21:bb:12:88: a4:ba:9d:b4:dc:b9:98:e0:d9:bc:37:19:e7:61:26: c5:b4:c6:ca:03:34:04:b0:19:b9:9c:a6:28:07:dd: f1:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:D6:F7:30:1F:53:A3:6B:4F:26:74:5F:99:E5:D4:7B:BA:76:5D:A2 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca3f4d11-dc6b-4a82-be61-68f1d7838f90.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:1000::/40 Signature Algorithm: sha256WithRSAEncryption 9a:fa:7d:1e:26:49:66:db:a6:99:3b:38:da:3f:2c:6b:2d:c0: 3a:90:75:33:2f:e8:6c:07:66:69:aa:c7:2c:95:38:37:9c:6e: 98:e4:a3:fd:b8:29:e3:f1:57:22:9b:38:4e:7e:d1:ce:94:50: eb:fc:f0:0c:3c:00:b9:f8:f7:c7:3d:09:25:6d:0a:ea:e9:d1: 19:21:49:7e:aa:fa:c4:5d:a8:00:d0:4f:36:3e:30:0f:0e:71: 00:8d:87:01:a6:74:5e:c6:d1:4c:4c:c6:17:85:72:56:f9:eb: 2f:9b:97:c6:ad:dd:f8:5f:fa:8f:15:1a:77:3e:e1:0c:10:e9: df:9c:7a:ca:f5:7d:82:36:dd:78:41:d9:3c:96:89:b6:f0:a1: 40:81:f6:af:47:bd:7f:10:13:90:e7:8a:31:79:ef:e2:c3:1d: b3:99:e1:df:00:7d:52:1e:b7:6e:53:8e:d9:5b:cc:18:4e:18: 53:22:97:9b:9e:3d:2a:ce:8a:b3:0c:1b:78:05:42:20:cd:11: d5:d7:5c:03:f3:36:91:f8:28:90:44:ae:32:cb:ce:aa:3a:6d: e5:3a:2a:ab:e7:85:7d:79:76:3c:1e:d1:72:65:d5:4e:c6:e3: 22:94:36:54:f0:ef:99:1f:ba:df:a8:9a:1e:71:7d:67:ac:30: 91:90:53:8f -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUNouhCSlHvmCdC6Ubed46AerSkkswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQxMjJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGNjZTVjMWU5N2I5MTM5ZTI1MzE5NjgwMWZkODA0ZTE1ZWI2MTY3NTYwMTc2 MGFiMGFiODNmMDA2YmJiOWEyNGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOG9oh+iUlxmJe2ZU4hU53gZLbjIOdamjUYgFKwCXo1Uc2LdEsGAuVA7EZdb PYY84kHfRtzhJLKGh9V0BNq5Aqfe/02H+wqhpzLzvf/erfvNaIv2tHt07p4Lqv4l qgmvpqTcgvFTQt04u+wc1ps7x4LBXZQWYHSAucbmGiWnHEkqvyFJp3/4pSyUo3vX 3Oz9WiAwWITZ3UmDPYbgPtPj4rqFkIJqyxUGl1Jw+7zG42KCdkqsd15f1o6K8Xb8 e/AVDJkQ27jEORNBHoWBvdGgn8pM9kYcMPZBFAz24GMhuxKIpLqdtNy5mODZvDcZ 52EmxbTGygM0BLAZuZymKAfd8WsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRX1vcw H1Oja08mdF+Z5dR7unZdojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2EzZjRkMTEtZGM2Yi00YTgyLWJlNjEtNjhmMWQ3ODM4ZjkwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8Q MA0GCSqGSIb3DQEBCwUAA4IBAQCa+n0eJklm26aZOzjaPyxrLcA6kHUzL+hsB2Zp qscslTg3nG6Y5KP9uCnj8VcimzhOftHOlFDr/PAMPAC5+PfHPQklbQrq6dEZIUl+ qvrEXagA0E82PjAPDnEAjYcBpnRextFMTMYXhXJW+esvm5fGrd34X/qPFRp3PuEM EOnfnHrK9X2CNt14Qdk8lom28KFAgfavR71/EBOQ54oxee/iwx2zmeHfAH1SHrdu U47ZW8wYThhTIpebnj0qzoqzDBt4BUIgzRHV11wD8zaR+CiQRK4yy86qOm3lOiqr 54V9eXY8HtFyZdVOxuMilDZU8O+ZH7rfqJoecX1nrDCRkFOP -----END CERTIFICATE-----Generated at Fri Jan 2 11:05:00 2026 by rpki-client