This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa File: cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa (raw, json) Hash identifier: clweWKKBb6w4TKbHmkjVnIZXEl2h91qSF2ihQhqTYkE= Subject key identifier: B8:20:DB:E7:29:3C:ED:96:8B:4C:8E:88:18:24:03:B8:87:92:CF:F7 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5AE649680FD666A4462A7372B683B10180C99CEC Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa Signing time: Wed 10 Dec 2025 06:31:09 +0000 ROA not before: Wed 10 Dec 2025 06:31:09 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:1040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:e6:49:68:0f:d6:66:a4:46:2a:73:72:b6:83:b1:01:80:c9:9c:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:31:09 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=e33b6dc29d6e31b6ff3a16fd3d2ecf00d0fce0d5c32bdd08b0c6c8c2f34263ee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:22:b9:eb:f3:77:1d:29:b2:48:60:0b:6b:db: bf:95:d8:f0:a0:a3:05:e1:4d:b1:d1:c0:ff:14:dc: 7e:93:a0:89:e6:a0:ba:fc:c1:de:76:8e:3b:cb:0e: 19:37:d9:fd:46:cf:1f:63:be:77:a0:9c:32:6a:de: 61:d5:67:59:a5:c0:21:cd:8e:d5:3a:63:40:84:11: 7d:57:dc:55:65:08:39:bb:69:be:98:db:66:39:e7: cd:79:f2:2b:c7:0f:97:7c:5d:4b:f9:86:ac:e3:81: 28:a1:6f:a8:c6:e3:63:5c:8a:fe:c3:0c:4e:51:52: 11:fd:7e:bc:e8:da:c9:84:ee:4a:a5:42:e7:10:7b: 24:ba:03:61:52:e1:ed:1c:66:ce:e9:d4:fb:4d:a9: 48:d9:ec:70:d4:a2:8f:70:01:28:0b:45:f7:0d:97: 74:7e:40:5a:96:71:87:0a:4e:a6:9b:19:03:5a:e7: 29:08:4d:30:c1:78:e7:fb:e5:76:e2:a8:d3:71:99: 3f:39:d0:af:cf:f5:fb:39:a6:88:54:0e:c4:bb:47: 93:38:7a:67:c6:5a:16:e9:96:76:fc:d2:da:a0:ea: fa:d1:09:f9:86:f0:cf:7f:f5:6b:17:5c:13:3f:ed: 01:36:d5:18:6f:37:d9:d9:92:19:ff:10:7d:bc:8a: f3:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:20:DB:E7:29:3C:ED:96:8B:4C:8E:88:18:24:03:B8:87:92:CF:F7 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:1040::/48 Signature Algorithm: sha256WithRSAEncryption 4f:2c:c6:3f:bb:83:e1:99:ae:60:ed:7c:f0:d2:6e:30:c7:bf: 32:1e:fb:84:2e:35:c7:9f:f9:d9:fc:38:03:2a:c2:d3:54:b2: 85:df:9f:7c:ee:ee:86:c4:09:f3:c7:20:97:01:9d:be:bd:9f: 38:cb:93:3a:a7:4c:f3:e2:fb:6c:6e:4b:ee:97:c5:6b:be:95: b4:bc:67:24:a9:70:07:e9:29:c1:cf:37:8a:9c:d7:8d:5b:12: 46:59:83:ee:c1:1c:25:43:af:9c:ad:4c:2d:e3:8e:80:86:5e: ca:53:2d:f0:7a:5f:76:33:26:42:39:27:ef:ce:ab:3e:d4:ce: 5b:ac:c5:a4:72:7b:c6:57:0f:84:04:2a:d7:06:22:61:61:2c: 48:92:22:bd:db:f4:f6:e2:63:f9:47:cc:c7:94:28:b3:f0:8e: e5:6b:a9:ee:20:f3:0e:6e:6a:92:c3:92:1a:c0:f5:25:af:0d: 01:6c:37:b4:1c:a6:bf:cb:7e:bb:ee:21:8c:4c:6a:58:be:e9: f1:4b:a3:b9:cb:3a:fa:c4:16:a4:ac:1f:ee:0f:f2:b5:73:f2: db:e7:3b:13:4b:35:0b:31:6c:ca:4d:62:e9:be:67:d0:39:4e: 79:c9:a9:d7:1b:6b:cf:6f:5c:d0:22:02:45:d6:e2:c0:6f:8e: 09:43:80:59 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUWuZJaA/WZqRGKnNytoOxAYDJnOwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMxMDlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGUzM2I2ZGMyOWQ2ZTMxYjZmZjNhMTZmZDNkMmVjZjAwZDBmY2UwZDVjMzJi ZGQwOGIwYzZjOGMyZjM0MjYzZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANIiuevzdx0pskhgC2vbv5XY8KCjBeFNsdHA/xTcfpOgieaguvzB3naOO8sO GTfZ/UbPH2O+d6CcMmreYdVnWaXAIc2O1TpjQIQRfVfcVWUIObtpvpjbZjnnzXny K8cPl3xdS/mGrOOBKKFvqMbjY1yK/sMMTlFSEf1+vOjayYTuSqVC5xB7JLoDYVLh 7RxmzunU+02pSNnscNSij3ABKAtF9w2XdH5AWpZxhwpOppsZA1rnKQhNMMF45/vl duKo03GZPznQr8/1+zmmiFQOxLtHkzh6Z8ZaFumWdvzS2qDq+tEJ+Ybwz3/1axdc Ez/tATbVGG832dmSGf8QfbyK83kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS4INvn KTztlotMjogYJAO4h5LP9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2FjODUwZjgtNWFhOS00YTU2LWFlYTItZTIyZDNhZmQ0ZTM4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAQ QDANBgkqhkiG9w0BAQsFAAOCAQEATyzGP7uD4ZmuYO188NJuMMe/Mh77hC41x5/5 2fw4AyrC01Syhd+ffO7uhsQJ88cglwGdvr2fOMuTOqdM8+L7bG5L7pfFa76VtLxn JKlwB+kpwc83ipzXjVsSRlmD7sEcJUOvnK1MLeOOgIZeylMt8HpfdjMmQjkn786r PtTOW6zFpHJ7xlcPhAQq1wYiYWEsSJIivdv09uJj+UfMx5Qos/CO5Wup7iDzDm5q ksOSGsD1Ja8NAWw3tBymv8t+u+4hjExqWL7p8Uujucs6+sQWpKwf7g/ytXPy2+c7 E0s1CzFsyk1i6b5n0DlOecmp1xtrz29c0CICRdbiwG+OCUOAWQ== -----END CERTIFICATE-----Generated at Sun Dec 14 03:23:24 2025 by rpki-client