This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa File: cd129ecb-5978-40fd-ada8-5ab27adcb622.roa (raw, json) Hash identifier: AbJdWqw+I0R7306amhkULhJ6gHWFd46s/KfA1Zben7U= Subject key identifier: 34:57:77:E7:B0:B5:FA:55:1D:D2:20:44:9C:0C:DA:02:50:AA:7F:88 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 33EA1F4BDEE70DB09C16C6C959EE49CA39BBCE55 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa Signing time: Wed 10 Dec 2025 06:11:32 +0000 ROA not before: Wed 10 Dec 2025 06:11:32 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:e0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:ea:1f:4b:de:e7:0d:b0:9c:16:c6:c9:59:ee:49:ca:39:bb:ce:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:11:32 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=7f484b3cdffb1654fb0c63906d4ea3c1c5685c749330b63744e11fd039f92e09, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:4c:d0:4b:d2:3e:77:13:5e:e4:14:4d:47:c5: 9a:6e:03:a5:ea:d0:62:59:f4:86:df:24:70:f3:9b: 54:c2:60:d1:d1:1c:06:1d:e3:02:49:4f:17:7b:4b: af:f9:c8:d3:8f:6e:81:09:7e:7b:04:ec:ac:22:b5: 2c:45:31:b4:a3:3b:5f:cc:cb:82:4e:29:17:08:46: f5:90:de:e2:61:49:d0:c9:80:2e:10:cc:78:4f:2f: a2:93:cb:cd:54:79:9e:55:0f:a0:5e:c4:37:0f:fb: 8e:20:fd:ee:9c:0d:a8:3a:9d:6c:e1:12:28:59:cb: eb:b6:fe:d8:81:a9:6f:4d:90:4b:17:46:c8:3e:e7: 93:56:78:eb:a2:db:a9:ff:9c:9b:8f:79:0a:16:1b: 68:61:1a:44:59:42:94:42:71:2d:7f:65:d9:db:58: ef:cc:3d:34:c3:05:e3:e9:c9:11:bf:4d:e3:a2:9e: 01:cb:cb:b2:c9:ae:95:a4:24:18:4a:50:8a:0c:d9: 96:f7:24:95:90:54:15:55:b7:e5:fd:00:30:6d:4c: 01:bc:cd:72:72:e9:0e:27:95:a6:69:42:06:12:fe: cb:cc:cf:f5:ce:d6:99:34:a5:95:53:73:0b:db:67: 71:bf:68:1f:b2:8e:fe:a9:fc:39:5d:0c:b2:5e:2f: 82:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:57:77:E7:B0:B5:FA:55:1D:D2:20:44:9C:0C:DA:02:50:AA:7F:88 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:e0c0::/48 Signature Algorithm: sha256WithRSAEncryption c3:d3:ec:43:b1:8d:34:c0:83:57:c5:38:10:c2:ad:a8:11:f3: 91:24:61:4d:ed:ff:02:a8:d4:0c:94:86:da:ea:b7:c5:9c:45: f9:59:e1:83:40:1a:48:20:2d:be:3e:8c:67:4b:3a:f1:06:1d: 00:02:97:01:6f:48:44:e3:82:21:d7:f9:62:b7:1d:6f:82:e0: 41:82:2c:cb:b5:9a:6c:08:19:cc:13:e6:97:26:40:c9:92:a9: b3:2f:bf:6e:24:47:2b:3c:f1:68:d8:c9:db:4f:a2:72:1b:c7: 26:c2:86:5d:0c:49:67:84:d8:c7:bf:f6:59:f5:d3:87:e5:63: c1:81:43:6a:ed:09:49:b1:8c:2e:81:35:bf:e6:3f:c7:b9:88: 63:7c:b1:93:51:e1:ee:06:84:81:c8:5c:b1:64:27:e4:d6:21: 87:f8:84:ed:84:f3:d6:a2:02:61:c1:e5:1d:40:0a:32:ac:db: 03:33:b1:d1:f6:52:63:a2:a8:e8:a2:ee:f6:f4:a7:52:03:79: 1a:e1:d4:85:33:e8:df:3b:93:af:0c:1c:fc:3d:ba:12:af:94: 5f:35:3b:e6:69:4a:77:94:6f:5e:46:21:97:9b:31:5e:67:aa: ab:d7:44:00:49:be:ad:fe:70:0e:6b:33:c4:b8:d1:e5:10:ff: 5d:40:e4:54 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUM+ofS97nDbCcFsbJWe5Jyjm7zlUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjExMzJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDdmNDg0YjNjZGZmYjE2NTRmYjBjNjM5MDZkNGVhM2MxYzU2ODVjNzQ5MzMw YjYzNzQ0ZTExZmQwMzlmOTJlMDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANtM0EvSPncTXuQUTUfFmm4DperQYln0ht8kcPObVMJg0dEcBh3jAklPF3tL r/nI049ugQl+ewTsrCK1LEUxtKM7X8zLgk4pFwhG9ZDe4mFJ0MmALhDMeE8vopPL zVR5nlUPoF7ENw/7jiD97pwNqDqdbOESKFnL67b+2IGpb02QSxdGyD7nk1Z466Lb qf+cm495ChYbaGEaRFlClEJxLX9l2dtY78w9NMMF4+nJEb9N46KeAcvLssmulaQk GEpQigzZlvcklZBUFVW35f0AMG1MAbzNcnLpDieVpmlCBhL+y8zP9c7WmTSllVNz C9tncb9oH7KO/qn8OV0Msl4vgu8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ0V3fn sLX6VR3SIEScDNoCUKp/iDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2QxMjllY2ItNTk3OC00MGZkLWFkYTgtNWFiMjdhZGNiNjIyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg wDANBgkqhkiG9w0BAQsFAAOCAQEAw9PsQ7GNNMCDV8U4EMKtqBHzkSRhTe3/AqjU DJSG2uq3xZxF+Vnhg0AaSCAtvj6MZ0s68QYdAAKXAW9IROOCIdf5Yrcdb4LgQYIs y7WabAgZzBPmlyZAyZKpsy+/biRHKzzxaNjJ20+ichvHJsKGXQxJZ4TYx7/2WfXT h+VjwYFDau0JSbGMLoE1v+Y/x7mIY3yxk1Hh7gaEgchcsWQn5NYhh/iE7YTz1qIC YcHlHUAKMqzbAzOx0fZSY6Ko6KLu9vSnUgN5GuHUhTPo3zuTrwwc/D26Eq+UXzU7 5mlKd5RvXkYhl5sxXmeqq9dEAEm+rf5wDmszxLjR5RD/XUDkVA== -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:40 2026 by rpki-client