This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa File: cead5bc0-2620-45bc-b97b-adb00020a426.roa (raw, json) Hash identifier: cwpbnwVLgKu7NInK4hGQz+HRpAvGfBq7o63TSI7aBfQ= Subject key identifier: 5C:41:CA:1B:69:FB:BE:9A:8A:E6:71:BC:3B:E7:7D:AC:F1:E4:8B:68 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5F9A01A7B93D6F09B91F4FB6D4F817E6A9BD6134 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa Signing time: Wed 10 Dec 2025 06:20:09 +0000 ROA not before: Wed 10 Dec 2025 06:20:09 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:e080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:9a:01:a7:b9:3d:6f:09:b9:1f:4f:b6:d4:f8:17:e6:a9:bd:61:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:20:09 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=625c9f975b4d15a2658959b7d6a546115b7038e04e73d538457b984c14eb15c3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:89:82:62:48:d8:93:dd:12:9d:11:e4:56:44: af:44:50:76:64:94:6f:6a:2c:55:e9:c9:9c:dc:b3: df:36:c1:03:3d:02:3f:4f:81:43:82:dc:8b:97:b2: 10:4d:ea:6f:52:e4:96:6f:f5:85:d6:ec:66:76:d2: dd:e2:4c:4b:ed:1e:1b:0b:9e:57:72:63:cd:de:de: 16:81:d2:12:b9:1f:61:8c:c6:cb:b3:cc:e1:88:92: 33:33:50:73:05:44:50:76:02:3f:d2:14:95:7d:d1: 5b:52:ba:2a:be:78:1b:3a:cf:f0:a4:1d:ac:cb:74: 0a:91:ca:1a:56:1b:57:90:ac:af:5b:97:ef:6d:29: ee:4c:d8:a1:ce:5e:84:83:80:89:59:1d:d5:3c:7b: 67:a3:38:21:5b:2f:cc:19:1b:d3:31:a5:eb:22:e4: 32:23:5d:f8:d5:97:90:6f:fe:d4:b8:3e:58:5e:9d: 07:cc:10:de:9a:83:ea:b4:70:ac:61:65:c7:cd:a5: 98:65:c1:6f:6c:29:8a:3d:4d:32:19:86:05:da:54: 5e:be:49:5a:5e:e3:93:c5:fb:9c:92:c7:8e:5d:dc: 91:34:f0:d3:d6:85:8f:c4:d0:b5:95:31:ee:31:2e: 1c:7e:bc:49:7f:26:01:be:4b:f1:3f:ea:4c:88:22: df:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:41:CA:1B:69:FB:BE:9A:8A:E6:71:BC:3B:E7:7D:AC:F1:E4:8B:68 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:e080::/48 Signature Algorithm: sha256WithRSAEncryption 6d:47:86:54:f4:ba:08:38:d9:ab:72:c1:d1:3d:7a:6c:29:8d: be:18:65:af:77:de:34:af:35:6b:97:f2:13:da:1b:76:fe:78: 91:c1:5b:83:f3:cc:1f:60:ff:3c:41:ac:68:0d:20:dd:75:48: b0:7c:06:29:10:d0:53:ab:2c:51:98:8f:27:41:1b:4f:1d:5a: 60:a8:20:f2:d3:16:11:33:fa:96:73:2c:5e:c4:e2:66:d5:29: 08:a6:13:a3:9d:4b:47:67:28:80:8b:14:1c:c4:bc:09:5a:2f: c9:16:56:34:95:a1:37:21:63:98:20:a2:ae:9c:64:ab:cc:fc: 7a:2a:dd:96:84:7f:f4:87:1a:3b:72:9b:73:30:9e:ca:31:2e: e2:10:ac:0c:db:a4:b0:96:a1:30:2b:6a:d8:b1:f4:d6:5c:d9: dc:f1:e8:42:b4:bd:6f:5e:4d:21:db:cd:24:3f:7d:fc:7b:28: 28:c5:e0:14:41:5b:7f:33:c3:0a:00:b6:5c:1c:f8:1e:e5:1d: ac:da:7a:af:21:0c:4f:08:ec:d6:17:7c:72:db:95:36:28:a1: c0:b6:ff:bb:32:1c:f5:aa:10:71:2a:b0:a0:1e:25:d4:36:45: 59:d5:f2:b0:43:56:62:16:ad:c4:88:cd:50:5e:6b:66:df:2e: a5:b9:43:67 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUX5oBp7k9bwm5H0+21PgX5qm9YTQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIwMDlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDYyNWM5Zjk3NWI0ZDE1YTI2NTg5NTliN2Q2YTU0NjExNWI3MDM4ZTA0ZTcz ZDUzODQ1N2I5ODRjMTRlYjE1YzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN2JgmJI2JPdEp0R5FZEr0RQdmSUb2osVenJnNyz3zbBAz0CP0+BQ4Lci5ey EE3qb1Lklm/1hdbsZnbS3eJMS+0eGwueV3Jjzd7eFoHSErkfYYzGy7PM4YiSMzNQ cwVEUHYCP9IUlX3RW1K6Kr54GzrP8KQdrMt0CpHKGlYbV5Csr1uX720p7kzYoc5e hIOAiVkd1Tx7Z6M4IVsvzBkb0zGl6yLkMiNd+NWXkG/+1Lg+WF6dB8wQ3pqD6rRw rGFlx82lmGXBb2wpij1NMhmGBdpUXr5JWl7jk8X7nJLHjl3ckTTw09aFj8TQtZUx 7jEuHH68SX8mAb5L8T/qTIgi380CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRcQcob afu+mormcbw7532s8eSLaDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2VhZDViYzAtMjYyMC00NWJjLWI5N2ItYWRiMDAwMjBhNDI2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg gDANBgkqhkiG9w0BAQsFAAOCAQEAbUeGVPS6CDjZq3LB0T16bCmNvhhlr3feNK81 a5fyE9obdv54kcFbg/PMH2D/PEGsaA0g3XVIsHwGKRDQU6ssUZiPJ0EbTx1aYKgg 8tMWETP6lnMsXsTiZtUpCKYTo51LR2cogIsUHMS8CVovyRZWNJWhNyFjmCCirpxk q8z8eirdloR/9IcaO3KbczCeyjEu4hCsDNuksJahMCtq2LH01lzZ3PHoQrS9b15N IdvNJD99/HsoKMXgFEFbfzPDCgC2XBz4HuUdrNp6ryEMTwjs1hd8ctuVNiihwLb/ uzIc9aoQcSqwoB4l1DZFWdXysENWYhatxIjNUF5rZt8upblDZw== -----END CERTIFICATE-----Generated at Fri Jan 2 09:29:12 2026 by rpki-client