This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa File: cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa (raw, json) Hash identifier: qd1un98q/43aE9CazuCdZYRZ7ZNPmVP3XeBIBJs/7VQ= Subject key identifier: CC:DD:AB:AC:7D:23:8C:13:DC:91:6F:F0:28:CA:34:31:AE:C4:AC:D6 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2F58556370A6D65D7C66EE28E4385EA7082F7B65 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa Signing time: Wed 10 Dec 2025 06:11:32 +0000 ROA not before: Wed 10 Dec 2025 06:11:32 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d03a:c000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 22:36:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:58:55:63:70:a6:d6:5d:7c:66:ee:28:e4:38:5e:a7:08:2f:7b:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:11:32 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=af1d4f1083d5f11485e44a4aa4e09527811ba9f19ca04b1718adc984bb0d3788, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:38:c9:52:87:9a:c2:d0:1f:b1:e0:cc:f0:76: 99:91:50:55:33:1d:d6:ce:8e:59:33:82:63:9b:c9: 3f:86:6d:cb:db:78:f2:f4:d3:f8:7b:a5:eb:09:f8: 7a:31:c1:17:ae:82:64:bd:7c:5f:e4:28:9a:b4:6a: c6:7c:c0:29:ba:eb:60:09:85:00:86:aa:0a:40:a2: a4:7c:00:4d:d7:ee:ad:22:88:78:30:c6:06:34:36: 7a:36:e9:43:c5:b4:b6:23:59:4d:4f:07:d4:01:31: 0b:d5:a9:e1:70:3b:72:c0:6c:b6:1b:c0:5a:ad:fe: 11:de:87:63:a3:30:72:53:70:71:a7:44:92:f0:09: 67:f6:65:d5:b4:ca:18:ee:b3:5c:ea:54:19:21:41: 52:59:f4:b3:42:81:91:7c:ae:29:71:9a:08:5f:ae: 61:54:15:08:10:bb:48:58:30:1f:2e:7f:b3:b1:3e: 92:dc:b4:a2:de:d9:e0:3e:d2:1c:52:67:cb:24:18: e7:6c:f0:0f:2b:28:a0:d8:b8:db:4a:3d:82:b3:70: ea:73:4f:92:35:bd:57:bc:4d:48:16:85:b7:ac:1d: 39:65:3a:d5:3c:e1:ea:0e:34:14:b1:8d:97:08:9e: 5c:03:86:49:79:f1:4d:45:6d:e6:5e:f7:fc:40:b0: b9:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:DD:AB:AC:7D:23:8C:13:DC:91:6F:F0:28:CA:34:31:AE:C4:AC:D6 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d03a:c000::/40 Signature Algorithm: sha256WithRSAEncryption 03:01:95:3f:85:52:71:c7:0b:c9:aa:0d:8a:70:e3:e1:7a:a5: 91:84:04:77:11:31:93:e2:77:67:e6:52:cb:c4:fe:3d:dc:e8: b7:b3:ee:31:0e:80:b5:4e:df:e6:ce:31:7f:1f:17:dd:dc:af: f9:d3:f0:41:eb:bb:3a:dd:45:90:a1:0b:86:47:90:06:68:87: bb:06:5d:66:5a:89:23:59:69:da:3d:3c:58:27:f2:14:05:6b: dd:e4:77:55:bc:b5:88:21:47:96:5d:8e:e8:f2:70:3f:8b:ae: 29:41:1e:1d:9f:23:98:81:46:24:c7:a4:b2:f4:06:cc:0c:7f: a0:8f:b1:8b:0c:f3:fc:26:62:ae:36:54:4a:6f:c9:9a:fb:7b: 22:03:7f:65:56:8b:7c:00:f8:19:fa:1b:31:95:8c:d8:7f:4d: 9e:2b:b4:60:a7:5a:f9:86:3b:0d:f6:c2:98:33:f9:fc:1b:3b: ef:2d:35:62:ed:f9:44:46:36:c8:b7:5f:18:1d:ff:6e:b6:1d: df:7b:3a:d1:b2:25:b2:50:bc:1f:b0:33:85:e6:8d:ab:b2:64: 7c:1e:af:9c:32:25:f1:90:18:0b:66:06:9a:52:96:ef:65:0a: 1c:17:27:71:d3:e8:83:0c:87:e3:49:c1:d1:13:cb:fa:a6:f6: bb:c4:d7:7f -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUL1hVY3Cm1l18Zu4o5Dhepwgve2UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjExMzJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGFmMWQ0ZjEwODNkNWYxMTQ4NWU0NGE0YWE0ZTA5NTI3ODExYmE5ZjE5Y2Ew NGIxNzE4YWRjOTg0YmIwZDM3ODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALU4yVKHmsLQH7HgzPB2mZFQVTMd1s6OWTOCY5vJP4Zty9t48vTT+Hul6wn4 ejHBF66CZL18X+QomrRqxnzAKbrrYAmFAIaqCkCipHwATdfurSKIeDDGBjQ2ejbp Q8W0tiNZTU8H1AExC9Wp4XA7csBsthvAWq3+Ed6HY6MwclNwcadEkvAJZ/Zl1bTK GO6zXOpUGSFBUln0s0KBkXyuKXGaCF+uYVQVCBC7SFgwHy5/s7E+kty0ot7Z4D7S HFJnyyQY52zwDysooNi420o9grNw6nNPkjW9V7xNSBaFt6wdOWU61Tzh6g40FLGN lwieXAOGSXnxTUVt5l73/ECwuSMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTM3aus fSOME9yRb/AoyjQxrsSs1jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2I4ZjRmMzctZmVjZC00YmM2LThlZGMtODBiZTlmMmZiZWRhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DrA MA0GCSqGSIb3DQEBCwUAA4IBAQADAZU/hVJxxwvJqg2KcOPheqWRhAR3ETGT4ndn 5lLLxP493Oi3s+4xDoC1Tt/mzjF/Hxfd3K/50/BB67s63UWQoQuGR5AGaIe7Bl1m WokjWWnaPTxYJ/IUBWvd5HdVvLWIIUeWXY7o8nA/i64pQR4dnyOYgUYkx6Sy9AbM DH+gj7GLDPP8JmKuNlRKb8ma+3siA39lVot8APgZ+hsxlYzYf02eK7Rgp1r5hjsN 9sKYM/n8GzvvLTVi7flERjbIt18YHf9uth3fezrRsiWyULwfsDOF5o2rsmR8Hq+c MiXxkBgLZgaaUpbvZQocFydx0+iDDIfjScHRE8v6pva7xNd/ -----END CERTIFICATE-----Generated at Tue Dec 16 04:35:10 2025 by rpki-client