This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa File: cda3712d-34a6-428d-a694-19bab377c44e.roa (raw, json) Hash identifier: JDzK9gRI9E36H2RfXu9IdUH9YUKOz6ohzwn1lfXDdMk= Subject key identifier: 87:C9:E1:C3:F0:CD:2E:18:DF:13:25:0A:A8:E1:BA:35:02:A2:97:0B Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5FAACA3A9C993249C988A3F67AFE317FC450653E Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa Signing time: Wed 10 Dec 2025 06:10:45 +0000 ROA not before: Wed 10 Dec 2025 06:10:45 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01e::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:aa:ca:3a:9c:99:32:49:c9:88:a3:f6:7a:fe:31:7f:c4:50:65:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:10:45 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=f42352db8411dd5a5fb379e52001cfad4f690f653e517d3b1eb2e8692ce9adc5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:07:e1:5c:b9:66:50:ef:cd:4f:7a:78:a6:5d: 11:50:25:c7:3b:12:4f:d4:c1:11:4f:a1:2d:cc:2c: 2c:98:e6:f6:a4:a1:6a:48:db:63:32:1b:6e:bb:0b: 5f:49:d7:34:21:d2:e5:8e:e1:c0:85:75:c5:85:d1: f8:f0:4c:12:b9:70:e8:c2:05:69:53:ae:e5:c4:15: 4c:97:d5:b7:16:dd:74:5c:a0:cb:45:f2:0d:db:bb: 76:b1:19:73:62:f9:81:99:7c:ee:58:7f:72:81:58: ae:2c:85:2d:9f:c5:01:2e:b2:f1:af:3b:ee:4e:fe: 97:42:8e:84:5e:df:5c:10:6f:4d:d5:ce:dc:1e:45: c0:3b:2e:9b:84:32:27:ae:17:26:20:76:13:1d:1d: 2b:a3:b3:ff:86:d1:54:da:5b:e4:7e:cd:1b:5f:a1: 79:23:3b:a5:75:92:fe:3b:ce:4c:35:ce:c2:92:69: e1:31:d0:e9:db:be:b3:5d:1f:5c:19:ce:a9:74:a7: 0e:79:36:72:65:5d:39:23:26:a0:09:ef:56:06:fd: 76:52:ee:13:6d:8b:7a:a3:c7:28:c4:0b:a2:8d:4b: 5e:24:96:20:9f:4d:76:ce:4a:76:21:9e:8a:08:f8: 98:78:d8:f7:dc:c9:65:2e:bb:91:c3:7f:15:b6:80: 8c:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:C9:E1:C3:F0:CD:2E:18:DF:13:25:0A:A8:E1:BA:35:02:A2:97:0B X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01e::/38 Signature Algorithm: sha256WithRSAEncryption 20:87:d5:88:bb:cb:c9:2d:65:1d:50:81:8d:d5:10:e7:67:39: 33:40:16:95:1e:f9:2a:ef:5d:d6:1e:64:15:09:f8:23:08:bf: bf:b4:65:f5:15:7b:6d:89:1f:61:ea:6f:d4:e2:11:49:59:72: bd:00:b7:61:71:a9:a8:4e:37:c7:d6:39:00:f5:96:55:50:68: f8:46:ff:5f:20:88:45:1b:31:d9:c9:e4:93:5c:03:f2:60:73: dd:70:77:8e:1f:86:ec:8f:0a:b9:88:17:fe:28:95:ab:86:f2: 53:8e:2e:12:de:c2:f9:e7:75:08:82:fc:b7:9b:f0:47:4b:61: da:ee:5b:80:55:7d:ef:d1:ae:b0:06:d9:1f:23:10:5d:78:62: c2:e6:d1:0c:40:b4:ff:1e:20:40:34:ec:92:fa:f4:75:22:86: a5:27:5c:f4:98:42:aa:76:a9:f7:77:4d:35:a6:4f:c3:08:75: 1f:49:d7:bd:31:33:cb:34:bb:c9:7f:61:2d:14:74:87:f9:77: 32:18:88:0e:bc:dc:35:7e:b6:81:83:22:8d:0c:7d:62:e0:bd: c2:1a:aa:1d:ed:26:e4:36:df:00:85:d7:fe:ca:3f:ff:85:44: 99:b8:f0:a1:4b:a8:11:4e:03:24:65:f2:4b:b9:09:18:54:f5: 8f:20:a5:35 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUX6rKOpyZMknJiKP2ev4xf8RQZT4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjEwNDVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGY0MjM1MmRiODQxMWRkNWE1ZmIzNzllNTIwMDFjZmFkNGY2OTBmNjUzZTUx N2QzYjFlYjJlODY5MmNlOWFkYzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL4H4Vy5ZlDvzU96eKZdEVAlxzsST9TBEU+hLcwsLJjm9qShakjbYzIbbrsL X0nXNCHS5Y7hwIV1xYXR+PBMErlw6MIFaVOu5cQVTJfVtxbddFygy0XyDdu7drEZ c2L5gZl87lh/coFYriyFLZ/FAS6y8a877k7+l0KOhF7fXBBvTdXO3B5FwDsum4Qy J64XJiB2Ex0dK6Oz/4bRVNpb5H7NG1+heSM7pXWS/jvOTDXOwpJp4THQ6du+s10f XBnOqXSnDnk2cmVdOSMmoAnvVgb9dlLuE22LeqPHKMQLoo1LXiSWIJ9Nds5KdiGe igj4mHjY99zJZS67kcN/FbaAjH8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSHyeHD 8M0uGN8TJQqo4bo1AqKXCzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2RhMzcxMmQtMzRhNi00MjhkLWE2OTQtMTliYWIzNzdjNDRlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4A MA0GCSqGSIb3DQEBCwUAA4IBAQAgh9WIu8vJLWUdUIGN1RDnZzkzQBaVHvkq713W HmQVCfgjCL+/tGX1FXttiR9h6m/U4hFJWXK9ALdhcamoTjfH1jkA9ZZVUGj4Rv9f IIhFGzHZyeSTXAPyYHPdcHeOH4bsjwq5iBf+KJWrhvJTji4S3sL553UIgvy3m/BH S2Ha7luAVX3v0a6wBtkfIxBdeGLC5tEMQLT/HiBANOyS+vR1IoalJ1z0mEKqdqn3 d001pk/DCHUfSde9MTPLNLvJf2EtFHSH+XcyGIgOvNw1fraBgyKNDH1i4L3CGqod 7SbkNt8Ahdf+yj//hUSZuPChS6gRTgMkZfJLuQkYVPWPIKU1 -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:34 2026 by rpki-client