This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa File: cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa (raw, json) Hash identifier: tke1hkYS/SA3V1aNMG5uNz4f5UQLftCcsOBW7pORc6c= Subject key identifier: 67:7B:3D:92:1C:C1:CF:D9:E1:57:05:47:39:B7:DD:54:3D:FF:0B:F1 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1DE70675E64E6A3DAE017FBD30337C56F43D3B43 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa Signing time: Wed 10 Dec 2025 05:50:38 +0000 ROA not before: Wed 10 Dec 2025 05:50:38 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:80a0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:e7:06:75:e6:4e:6a:3d:ae:01:7f:bd:30:33:7c:56:f4:3d:3b:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:50:38 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=d8bfbb368e46ef807b781e6c34e8c11f846146b994ab2a8c31528d4157da5d4b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:84:2d:00:31:55:d1:a7:8b:93:5e:79:dd:4f: f0:f2:06:66:28:16:85:74:a1:b9:e3:db:08:a6:20: 7c:ce:5c:c0:51:3f:e9:56:51:6a:0e:4a:28:a4:39: 1d:63:b9:11:4c:57:53:18:bf:86:d8:dc:cb:9e:a6: 11:eb:f2:20:9d:46:4f:37:01:e0:0d:ef:99:e9:9c: dd:8e:7f:b2:93:90:28:39:60:6e:e3:db:b8:20:63: 0c:d5:54:3d:d8:c4:25:37:82:10:da:d7:ec:4d:45: 36:5d:bb:fb:a5:b6:73:4b:5b:d6:23:72:26:e4:f0: 8d:44:ce:0e:5f:77:d1:be:5d:76:50:c5:f4:2a:36: d1:f2:9d:71:cf:80:9e:77:31:70:16:88:b6:17:42: 3b:e9:35:dd:08:d4:8c:15:26:fc:31:fe:67:3d:c9: e5:26:73:19:8b:95:28:6a:10:05:5f:d7:a1:4b:32: 4a:2c:f7:bf:84:9d:17:4a:88:4b:16:df:ab:79:67: 93:ec:90:bf:8e:d9:04:a2:f5:69:33:17:ad:fd:15: 31:9c:d7:89:31:73:7b:e5:9b:68:30:93:4a:b8:43: 17:50:63:31:95:21:4c:86:ec:8b:dc:e1:22:91:c0: d0:e9:71:7b:4e:cd:fc:87:fb:b5:55:12:f3:1d:b3: af:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:7B:3D:92:1C:C1:CF:D9:E1:57:05:47:39:B7:DD:54:3D:FF:0B:F1 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:80a0::/48 Signature Algorithm: sha256WithRSAEncryption 6d:e2:7f:18:8e:5f:01:4e:0a:0d:0c:bb:78:15:83:85:08:e4: a3:d2:54:7a:67:03:c2:e9:da:25:3c:7b:79:82:5a:4b:aa:0a: 78:eb:be:6d:cf:03:79:62:d1:fa:24:37:13:03:c0:52:92:5e: f6:19:b8:e8:a0:bc:9b:d3:62:ad:60:32:03:ed:3e:a9:b3:33: c0:dd:9a:cc:0e:b4:f2:ef:3b:97:da:d0:c4:49:cc:3e:d2:0c: 78:a1:ee:a1:61:74:60:bd:cb:50:6a:19:07:c2:a1:85:89:24: 64:7b:b2:2c:13:69:f3:89:9b:44:db:e9:17:fa:01:e1:49:e3: fb:09:e3:c2:5a:31:b8:1f:1d:8a:1a:5d:06:c1:31:36:c0:09: f3:3d:d1:2c:6a:a5:39:be:bc:bf:a7:a9:93:13:37:57:9f:50: 38:07:63:a5:a1:74:0a:ee:4b:2d:76:b7:69:c8:44:76:96:92: 13:54:05:b9:ca:94:60:49:2a:d0:66:ed:55:4f:ef:24:cb:23: fd:98:39:8f:c6:0d:86:36:ee:6d:cc:1c:86:6b:19:1d:70:94: ab:aa:5f:01:09:75:6e:ed:3a:c1:80:f6:3b:08:13:45:af:14: 03:6c:9a:d8:f8:10:2f:ed:f5:3a:2e:4c:ab:c5:70:10:72:15: da:f1:d2:3c -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUHecGdeZOaj2uAX+9MDN8VvQ9O0MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUwMzhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGQ4YmZiYjM2OGU0NmVmODA3Yjc4MWU2YzM0ZThjMTFmODQ2MTQ2Yjk5NGFi MmE4YzMxNTI4ZDQxNTdkYTVkNGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKWELQAxVdGni5Need1P8PIGZigWhXShuePbCKYgfM5cwFE/6VZRag5KKKQ5 HWO5EUxXUxi/htjcy56mEevyIJ1GTzcB4A3vmemc3Y5/spOQKDlgbuPbuCBjDNVU PdjEJTeCENrX7E1FNl27+6W2c0tb1iNyJuTwjUTODl930b5ddlDF9Co20fKdcc+A nncxcBaIthdCO+k13QjUjBUm/DH+Zz3J5SZzGYuVKGoQBV/XoUsySiz3v4SdF0qI Sxbfq3lnk+yQv47ZBKL1aTMXrf0VMZzXiTFze+WbaDCTSrhDF1BjMZUhTIbsi9zh IpHA0Olxe07N/If7tVUS8x2zr/sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRnez2S HMHP2eFXBUc5t91UPf8L8TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2Y2YWMzZWYtODJmNS00YWJjLWEzNmUtNDA1Yjg2M2Y4ODRiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA oDANBgkqhkiG9w0BAQsFAAOCAQEAbeJ/GI5fAU4KDQy7eBWDhQjko9JUemcDwuna JTx7eYJaS6oKeOu+bc8DeWLR+iQ3EwPAUpJe9hm46KC8m9NirWAyA+0+qbMzwN2a zA608u87l9rQxEnMPtIMeKHuoWF0YL3LUGoZB8KhhYkkZHuyLBNp84mbRNvpF/oB 4Unj+wnjwloxuB8dihpdBsExNsAJ8z3RLGqlOb68v6epkxM3V59QOAdjpaF0Cu5L LXa3achEdpaSE1QFucqUYEkq0GbtVU/vJMsj/Zg5j8YNhjbubcwchmsZHXCUq6pf AQl1bu06wYD2OwgTRa8UA2ya2PgQL+31Oi5Mq8VwEHIV2vHSPA== -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:51 2026 by rpki-client