This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caeeaf61-b927-4d38-b398-1efb2c05d49e.roa File: caeeaf61-b927-4d38-b398-1efb2c05d49e.roa (raw, json) Hash identifier: oDvyzg4+B0BLTHUEQXrPAbLnM1pKl/rBV04x9YYNCEI= Subject key identifier: 0A:5E:BD:41:DD:2F:8B:00:75:33:05:9C:63:7D:28:45:62:97:D3:CF Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0A1E5E230093349DDEC63B04A1755A039EA24A42 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caeeaf61-b927-4d38-b398-1efb2c05d49e.roa Signing time: Mon 08 Dec 2025 02:10:10 +0000 ROA not before: Mon 08 Dec 2025 02:10:10 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d058:800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:1e:5e:23:00:93:34:9d:de:c6:3b:04:a1:75:5a:03:9e:a2:4a:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 8 02:10:10 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=fbf2fa50359bd36966e0949fa1a2a93b4d414c2372301115cbd9ee7c90fc9cb1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:d7:b8:d0:eb:6e:d4:49:83:5c:7d:2e:0c:04: 71:de:e0:9d:ec:1f:2e:0c:f7:a8:ab:1f:98:b5:d1: 06:7e:45:62:52:79:5a:81:ec:b1:e0:6a:c8:b8:0a: ab:8d:a4:3a:22:95:c9:1d:a1:3f:5c:04:88:e9:8a: ec:af:8d:6a:35:f4:00:0c:af:84:d7:3f:68:7d:ca: fb:6e:ee:53:a2:09:6c:86:c4:22:bf:81:99:78:b3: cd:88:49:3c:37:ea:5f:9c:f7:22:61:46:ad:1d:8b: 4d:fd:f0:73:78:4e:de:21:a2:42:cc:8d:9c:46:9f: 4d:85:3f:ef:12:0e:ab:c7:cf:d1:cb:44:ab:64:ea: 11:70:16:50:50:68:7c:45:5f:3a:bd:fa:09:4f:c0: 19:3e:4e:63:41:72:47:70:62:74:76:e0:44:3a:a3: 7e:7c:9f:1d:f4:e1:48:b4:af:3d:c6:df:be:6d:93: b1:a1:12:f9:d5:84:12:68:36:08:b2:2a:04:7e:bd: ef:06:9c:d8:c6:f3:ee:0a:c2:b0:55:a6:5f:58:a5: fb:43:4b:e0:7a:fa:cd:50:fb:95:2e:9b:17:d8:b4: 3c:0c:4f:b8:7d:c9:6f:16:7f:dc:7a:1e:a9:6b:d3: 24:06:d3:94:f1:26:65:e0:a7:d8:86:ea:ef:ac:01: 9c:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:5E:BD:41:DD:2F:8B:00:75:33:05:9C:63:7D:28:45:62:97:D3:CF X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caeeaf61-b927-4d38-b398-1efb2c05d49e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d058:800::/40 Signature Algorithm: sha256WithRSAEncryption 3e:9d:57:7e:14:e6:aa:54:7a:ad:32:5e:47:6c:af:e8:fa:2a: 2c:b2:ff:24:13:04:41:d3:04:b2:bb:2e:d4:ea:f1:3a:41:1b: 6c:f8:8c:f0:e1:e2:c3:49:90:23:ad:44:74:39:2d:e8:f1:e0: a2:bb:69:2f:54:21:79:5b:3a:d3:45:47:53:14:c6:ae:9b:26: 94:10:df:f1:77:f6:47:dc:61:44:a2:50:13:99:b5:d4:0b:5d: b8:22:17:d8:f5:03:d6:78:b0:2c:86:d7:49:5f:45:0c:49:b1: b2:a4:73:d3:44:fb:32:01:1f:cb:3d:5c:0b:54:29:55:65:c7: f9:c3:ef:75:bd:9c:74:d0:71:78:1a:00:7c:35:42:4a:2e:7b: 09:ca:f2:fb:5c:d1:2f:08:a4:7f:be:f9:31:2b:97:82:68:61: 5e:d0:44:c4:68:58:d7:42:1e:b0:fc:64:9c:ce:e8:aa:eb:f5: 08:0e:f4:24:14:a8:d4:54:27:b6:c4:4c:8d:59:89:85:d1:01: 85:f7:59:0f:22:5e:3d:da:71:02:27:69:9b:6d:b1:b5:1c:2d: 82:42:6b:2c:49:4d:3f:a1:d0:ec:2c:80:8f:f5:c5:c1:71:9e: 75:41:40:38:0d:47:75:39:1e:0b:27:d5:22:3f:da:a0:cf:49: e9:1f:a2:fc -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUCh5eIwCTNJ3exjsEoXVaA56iSkIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDgwMjEwMTBaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQGZiZjJmYTUwMzU5YmQzNjk2NmUwOTQ5ZmExYTJhOTNiNGQ0MTRjMjM3MjMw MTExNWNiZDllZTdjOTBmYzljYjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALzXuNDrbtRJg1x9LgwEcd7gnewfLgz3qKsfmLXRBn5FYlJ5WoHsseBqyLgK q42kOiKVyR2hP1wEiOmK7K+NajX0AAyvhNc/aH3K+27uU6IJbIbEIr+BmXizzYhJ PDfqX5z3ImFGrR2LTf3wc3hO3iGiQsyNnEafTYU/7xIOq8fP0ctEq2TqEXAWUFBo fEVfOr36CU/AGT5OY0FyR3BidHbgRDqjfnyfHfThSLSvPcbfvm2TsaES+dWEEmg2 CLIqBH697wac2Mbz7grCsFWmX1il+0NL4Hr6zVD7lS6bF9i0PAxPuH3JbxZ/3Hoe qWvTJAbTlPEmZeCn2Ibq76wBnN0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQKXr1B 3S+LAHUzBZxjfShFYpfTzzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2FlZWFmNjEtYjkyNy00ZDM4LWIzOTgtMWVmYjJjMDVkNDllLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FgI MA0GCSqGSIb3DQEBCwUAA4IBAQA+nVd+FOaqVHqtMl5HbK/o+iossv8kEwRB0wSy uy7U6vE6QRts+Izw4eLDSZAjrUR0OS3o8eCiu2kvVCF5WzrTRUdTFMaumyaUEN/x d/ZH3GFEolATmbXUC124IhfY9QPWeLAshtdJX0UMSbGypHPTRPsyAR/LPVwLVClV Zcf5w+91vZx00HF4GgB8NUJKLnsJyvL7XNEvCKR/vvkxK5eCaGFe0ETEaFjXQh6w /GSczuiq6/UIDvQkFKjUVCe2xEyNWYmF0QGF91kPIl492nECJ2mbbbG1HC2CQmss SU0/odDsLICP9cXBcZ51QUA4DUd1OR4LJ9UiP9qgz0npH6L8 -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:28 2026 by rpki-client