This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa File: cfca2455-b58e-43e0-a15f-276f8a5b527f.roa (raw, json) Hash identifier: OCCV194cOvLHJ7OxXamS7JWdIMZjX6Wrp3/Xzm0xtCU= Subject key identifier: F1:74:B7:08:DD:FC:18:AE:1D:61:F1:C5:9B:C9:1D:30:A1:F9:3E:2E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 142794F9E1C655D7EF3B41499911EF29655114B7 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa Signing time: Wed 10 Dec 2025 06:00:43 +0000 ROA not before: Wed 10 Dec 2025 06:00:43 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:e040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:27:94:f9:e1:c6:55:d7:ef:3b:41:49:99:11:ef:29:65:51:14:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:00:43 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=ee6217353e07c82378f5d0f45655c4ca4fc15aec78990adce1981cbc6d269967, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:56:a1:7c:82:88:ea:10:47:6b:3c:10:f5:93: 89:ec:24:5a:c4:47:23:0c:42:1d:2f:89:2e:bb:7d: 8d:f5:fc:63:ae:a7:f6:92:47:81:fc:dd:57:dc:7b: 34:89:b0:19:a8:6e:93:c1:e8:96:37:90:83:97:43: c6:2b:f7:10:1a:ab:63:9b:8c:1b:81:d5:b2:87:7f: ae:7f:54:44:61:26:2a:ca:c3:08:4d:e6:c0:7b:73: 41:2f:83:f8:f4:ab:ef:ff:c2:2f:48:be:15:40:0a: a4:ab:00:27:cb:ca:f3:af:ec:ca:df:ad:4b:ab:cf: 6b:eb:04:d0:f0:38:1b:ec:a9:e3:40:6b:4b:63:d9: 5e:7c:60:d0:ce:b9:cd:82:65:1f:60:c7:22:c4:4f: aa:86:96:81:08:4f:30:fc:cc:b2:26:c9:e7:07:fc: f5:42:38:36:ba:38:88:ea:a3:bb:cf:66:12:56:4f: aa:68:69:4d:79:e6:29:3f:c4:2e:e2:f7:c1:6e:3f: 0d:d2:2e:49:3b:a3:c6:72:8b:8b:cc:ce:d6:8c:df: ea:e2:93:de:c9:4a:68:f6:97:41:c8:4f:0d:fa:1a: 21:c0:c2:c4:86:ff:2a:fe:c8:d5:94:47:c5:c9:06: 1b:d9:87:84:12:73:e2:89:36:3a:43:82:ce:3d:46: e3:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:74:B7:08:DD:FC:18:AE:1D:61:F1:C5:9B:C9:1D:30:A1:F9:3E:2E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:e040::/48 Signature Algorithm: sha256WithRSAEncryption a4:d3:c2:08:2a:8f:2a:e4:cb:07:19:7f:a6:ce:bb:4a:1f:85: c2:df:e4:0c:78:53:54:5c:2d:41:90:88:fa:8f:50:1d:f1:be: ca:f6:db:6f:6d:cc:45:dc:40:b1:2f:35:2c:dc:d9:21:c3:33: a9:a9:e6:65:70:d0:e9:b4:8b:c0:7f:97:e2:3c:d2:f3:3c:a9: a3:6c:a2:b3:4a:7a:55:e1:a0:0c:84:c8:93:09:ed:0e:18:32: 91:a1:11:67:37:25:3c:3b:14:75:63:19:af:0d:35:90:3d:73: d0:40:74:44:65:29:e9:41:b3:a7:4f:24:b2:c3:91:59:47:df: 42:9b:13:9b:09:11:c1:e1:24:c6:82:12:3e:16:c9:f8:fe:ef: 2a:1d:77:9a:a6:64:4a:00:0f:62:41:b4:1f:06:01:b5:e8:8e: 2f:8f:14:c4:b1:72:c9:b3:c5:89:3a:8c:03:4b:54:d6:00:f1: 60:69:8f:48:1b:60:63:03:cf:4a:f2:6a:4d:ec:09:c2:95:3a: 4f:b8:58:0d:04:db:12:ac:dc:b1:c9:6a:c2:4f:fa:c3:d5:13: 23:29:89:65:0f:8d:66:88:aa:2a:ef:b6:04:cf:19:8d:15:af: 9c:ce:ed:38:7d:1a:9a:8e:c6:74:63:cf:1f:f1:d5:ee:c1:01: 2c:56:ca:f6 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUFCeU+eHGVdfvO0FJmRHvKWVRFLcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAwNDNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGVlNjIxNzM1M2UwN2M4MjM3OGY1ZDBmNDU2NTVjNGNhNGZjMTVhZWM3ODk5 MGFkY2UxOTgxY2JjNmQyNjk5NjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANZWoXyCiOoQR2s8EPWTiewkWsRHIwxCHS+JLrt9jfX8Y66n9pJHgfzdV9x7 NImwGahuk8HoljeQg5dDxiv3EBqrY5uMG4HVsod/rn9URGEmKsrDCE3mwHtzQS+D +PSr7//CL0i+FUAKpKsAJ8vK86/syt+tS6vPa+sE0PA4G+yp40BrS2PZXnxg0M65 zYJlH2DHIsRPqoaWgQhPMPzMsibJ5wf89UI4Nro4iOqju89mElZPqmhpTXnmKT/E LuL3wW4/DdIuSTujxnKLi8zO1ozf6uKT3slKaPaXQchPDfoaIcDCxIb/Kv7I1ZRH xckGG9mHhBJz4ok2OkOCzj1G42sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTxdLcI 3fwYrh1h8cWbyR0wofk+LjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2ZjYTI0NTUtYjU4ZS00M2UwLWExNWYtMjc2ZjhhNWI1MjdmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g QDANBgkqhkiG9w0BAQsFAAOCAQEApNPCCCqPKuTLBxl/ps67Sh+Fwt/kDHhTVFwt QZCI+o9QHfG+yvbbb23MRdxAsS81LNzZIcMzqanmZXDQ6bSLwH+X4jzS8zypo2yi s0p6VeGgDITIkwntDhgykaERZzclPDsUdWMZrw01kD1z0EB0RGUp6UGzp08kssOR WUffQpsTmwkRweEkxoISPhbJ+P7vKh13mqZkSgAPYkG0HwYBteiOL48UxLFyybPF iTqMA0tU1gDxYGmPSBtgYwPPSvJqTewJwpU6T7hYDQTbEqzcsclqwk/6w9UTIymJ ZQ+NZoiqKu+2BM8ZjRWvnM7tOH0amo7GdGPPH/HV7sEBLFbK9g== -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:48 2026 by rpki-client