This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfe315e6-c630-48bd-8de5-23eee0ad40cd.roa File: cfe315e6-c630-48bd-8de5-23eee0ad40cd.roa (raw, json) Hash identifier: XW2Ak+lkC9Q1wu5XXavtsmhxIGjxtSu7lQ9YM4c5bzo= Subject key identifier: 5E:AE:EE:76:03:D5:EA:BD:C2:A4:F1:1C:81:9D:0E:98:0B:E5:FC:E8 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5DA2C0C2A983315409C015EE73D6505DDBB50427 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfe315e6-c630-48bd-8de5-23eee0ad40cd.roa Signing time: Wed 10 Dec 2025 05:30:46 +0000 ROA not before: Wed 10 Dec 2025 05:30:46 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:8020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:a2:c0:c2:a9:83:31:54:09:c0:15:ee:73:d6:50:5d:db:b5:04:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:30:46 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=4b517e5246252a331f15a27fd93b501e311ef494c8727d6ce7e43129540edda6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:cb:e2:ba:4c:2c:9a:f0:e6:98:02:44:35:17: 8f:34:e0:26:f1:e0:f3:08:d8:a6:07:84:72:89:34: fd:58:31:ff:4c:dd:51:8a:a0:ed:40:20:1f:64:41: d3:71:88:c2:35:5d:ed:74:98:ad:2c:5c:e5:af:66: 31:76:64:b3:88:a7:03:f7:1e:75:2d:9d:11:81:c1: 10:80:81:9b:d9:18:02:cb:29:85:e7:9f:b5:d7:2e: fb:02:98:d3:16:29:b9:7a:6c:89:f8:56:82:db:91: 70:4a:be:3a:c9:61:be:4c:1e:17:8b:06:98:9d:e9: 3e:d1:9e:94:e7:ad:2a:4e:46:6b:f6:08:34:6b:97: 34:12:d5:97:b7:71:51:12:6f:cb:88:65:ba:00:e0: 4a:56:16:b9:e1:ec:62:93:aa:f1:2a:93:e1:13:58: ed:c1:4a:6c:ae:ba:7e:2c:9d:f5:fb:35:86:4a:4e: 2d:43:1c:dc:37:7a:15:b4:ee:cf:59:b3:a0:ca:73: eb:3f:22:21:34:17:46:5e:27:ed:de:27:d5:f3:7b: 64:77:4b:ba:09:e9:58:d9:1a:79:04:18:98:a8:9e: 70:71:9e:bc:42:1b:cd:73:7a:0d:2e:25:e2:35:bd: dc:09:79:ef:85:90:56:bb:2a:d6:40:db:a4:b1:dd: 94:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:AE:EE:76:03:D5:EA:BD:C2:A4:F1:1C:81:9D:0E:98:0B:E5:FC:E8 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfe315e6-c630-48bd-8de5-23eee0ad40cd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:8020::/48 Signature Algorithm: sha256WithRSAEncryption 59:37:bf:1c:53:12:e8:b4:aa:0a:d0:d3:ed:56:1c:25:7f:de: 6f:ac:b6:e9:6b:31:14:7a:55:14:c7:03:55:fe:21:66:33:10: d0:d3:1f:e1:84:2f:b8:1a:7a:63:39:41:9c:c2:8c:f5:d1:7f: a3:85:a1:de:c3:32:6b:bb:7f:6d:3f:94:66:22:f1:f0:65:88: bf:6a:6f:d6:94:64:92:b5:e3:4c:5a:5a:72:cf:af:33:c6:0d: 52:48:b2:f1:bb:e0:5f:59:0f:20:e8:0c:91:1c:4f:44:76:88: cb:fd:a8:aa:ca:dc:9f:85:24:4e:17:e8:60:52:26:e3:56:4d: fe:56:78:9e:c8:f4:62:5e:b3:ae:a3:2b:36:77:aa:82:a3:d1: c4:b4:42:4b:42:59:9d:f9:06:6c:da:ff:f5:65:1f:c2:f8:ed: 7b:33:70:4d:73:cf:d6:fc:50:10:13:12:f7:cb:3c:17:8f:d6: 5f:ae:82:41:26:d8:b5:3d:d6:f1:48:b1:57:3d:c7:5e:2a:01: 34:37:06:32:6a:10:71:e6:f2:b1:7a:4b:85:5a:33:0b:3d:97: 75:93:da:3c:ad:e4:2f:72:97:17:ed:fd:11:e9:15:b1:c7:13: 74:f8:6c:dc:15:6d:1e:00:87:a6:29:04:12:98:b0:df:49:f9: 1c:99:6a:98 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUXaLAwqmDMVQJwBXuc9ZQXdu1BCcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMwNDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDRiNTE3ZTUyNDYyNTJhMzMxZjE1YTI3ZmQ5M2I1MDFlMzExZWY0OTRjODcy N2Q2Y2U3ZTQzMTI5NTQwZWRkYTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALDL4rpMLJrw5pgCRDUXjzTgJvHg8wjYpgeEcok0/Vgx/0zdUYqg7UAgH2RB 03GIwjVd7XSYrSxc5a9mMXZks4inA/cedS2dEYHBEICBm9kYAsspheeftdcu+wKY 0xYpuXpsifhWgtuRcEq+OslhvkweF4sGmJ3pPtGelOetKk5Ga/YINGuXNBLVl7dx URJvy4hlugDgSlYWueHsYpOq8SqT4RNY7cFKbK66fiyd9fs1hkpOLUMc3Dd6FbTu z1mzoMpz6z8iITQXRl4n7d4n1fN7ZHdLugnpWNkaeQQYmKiecHGevEIbzXN6DS4l 4jW93Al574WQVrsq1kDbpLHdlOkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBReru52 A9XqvcKk8RyBnQ6YC+X86DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2ZlMzE1ZTYtYzYzMC00OGJkLThkZTUtMjNlZWUwYWQ0MGNkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA IDANBgkqhkiG9w0BAQsFAAOCAQEAWTe/HFMS6LSqCtDT7VYcJX/eb6y26WsxFHpV FMcDVf4hZjMQ0NMf4YQvuBp6YzlBnMKM9dF/o4Wh3sMya7t/bT+UZiLx8GWIv2pv 1pRkkrXjTFpacs+vM8YNUkiy8bvgX1kPIOgMkRxPRHaIy/2oqsrcn4UkThfoYFIm 41ZN/lZ4nsj0Yl6zrqMrNneqgqPRxLRCS0JZnfkGbNr/9WUfwvjtezNwTXPP1vxQ EBMS98s8F4/WX66CQSbYtT3W8UixVz3HXioBNDcGMmoQcebysXpLhVozCz2XdZPa PK3kL3KXF+39EekVsccTdPhs3BVtHgCHpikEEpiw30n5HJlqmA== -----END CERTIFICATE-----Generated at Fri Jan 2 11:04:18 2026 by rpki-client