This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa File: 0cadec3e-a35e-4321-b172-825de7a521d7.roa (raw, json) Hash identifier: /nj9jA7y7b+iZoHisAc8++JGH7rTeZ4P+KcmaeXn+IU= Subject key identifier: C2:6C:A4:65:3D:D2:04:FF:EF:79:8F:46:E4:96:6C:5A:05:95:22:84 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 6F88D81E1CA2EF8EEE26EFF49857E7E9E41EB48D Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa Signing time: Sat 15 Nov 2025 05:40:05 +0000 ROA not before: Sat 15 Nov 2025 05:40:05 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:90c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:88:d8:1e:1c:a2:ef:8e:ee:26:ef:f4:98:57:e7:e9:e4:1e:b4:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:40:05 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=2db0c9ee822c65d8d8cc4917fc3b79a9128db65ecb6d11c25d6b81452d711ab0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:9b:2c:7b:e0:09:e2:9f:27:da:ec:5e:93:1e: 7f:93:7a:9a:a5:65:ce:3f:e6:3d:84:a4:51:ea:4e: b2:1d:0c:e3:5e:30:47:be:fc:60:eb:fc:56:68:ec: c2:a2:bc:27:01:c2:e9:fe:64:fb:8b:f3:ad:88:d7: 7f:a7:e6:a8:b7:77:cf:e5:1a:18:ca:80:7e:b5:6f: eb:dc:24:f6:bd:6c:20:f4:82:1f:7b:26:84:90:9d: f7:ca:1a:38:d6:4c:d6:c4:16:91:13:60:47:eb:a6: 5f:48:d5:0a:05:c2:9c:fc:24:79:52:d7:9c:f7:bf: 61:d9:09:c2:25:f3:aa:09:e8:ed:c0:48:6d:cc:c6: e1:2d:49:b4:8d:57:72:24:ab:e4:14:05:1b:48:a0: 9b:89:28:22:8e:7c:32:45:0c:14:8b:97:ab:01:b8: ac:0b:be:7f:60:0e:7b:47:7c:c5:14:d2:8d:ee:a8: 7c:98:79:9e:71:ab:4c:4e:bc:74:7b:15:5b:1e:c9: 57:5d:0f:03:91:13:cd:82:5f:e4:33:9a:6e:aa:2e: 10:6e:c8:d3:94:d8:f1:2f:62:45:1f:90:af:1d:1f: 3d:06:c6:c6:41:ed:82:ff:5c:6a:13:44:8c:6c:51: 61:77:9c:0e:31:27:54:57:db:0f:00:27:df:fc:2c: 27:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:6C:A4:65:3D:D2:04:FF:EF:79:8F:46:E4:96:6C:5A:05:95:22:84 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cadec3e-a35e-4321-b172-825de7a521d7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:90c0::/48 Signature Algorithm: sha256WithRSAEncryption a4:d9:62:68:97:b9:c6:f3:96:5c:04:5d:e9:61:e1:f4:ea:0a: bb:12:1f:c9:76:f0:c6:e5:72:fb:89:f6:0c:85:4b:0e:e7:01: 08:b4:7d:5d:6c:bf:fa:eb:15:29:94:1f:bf:43:7d:2b:d2:cd: 0d:e4:0b:ec:18:0e:02:4b:96:d6:9d:2a:ce:0c:6b:d6:1e:e4: 3e:24:3b:80:d3:ad:47:f5:8a:88:e7:52:e9:5e:ab:cf:33:ac: f6:69:4b:45:90:ce:68:f2:26:41:ab:41:cb:3c:da:46:b8:c1: 61:1d:88:aa:29:1c:ee:60:bf:5d:10:40:bd:46:9a:90:b1:a0: 37:7f:c1:7f:2b:7b:e7:cb:b0:ad:d7:59:35:1a:d5:98:ef:6c: 02:51:a1:66:e4:ea:b9:1b:52:cc:98:69:29:f9:f3:98:23:43: 0d:10:3f:91:1f:3e:b1:ee:10:45:01:b1:c8:c4:a9:22:94:e0: 70:f7:a7:20:63:0e:5b:b6:0d:2f:52:77:12:bc:a8:64:4a:5a: f5:a2:6b:e2:ca:7a:92:0c:1e:fb:b0:71:4a:1d:02:77:e9:19: 74:5c:e8:c1:13:e9:e4:1a:8b:f2:6d:68:88:43:46:d6:0c:79: e4:c5:bd:cd:7b:81:8a:ec:66:81:ba:97:38:47:ed:5a:93:43: 72:cc:d2:26 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUb4jYHhyi747uJu/0mFfn6eQetI0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTQwMDVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDJkYjBjOWVlODIyYzY1ZDhkOGNjNDkxN2ZjM2I3OWE5MTI4ZGI2NWVjYjZk MTFjMjVkNmI4MTQ1MmQ3MTFhYjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANebLHvgCeKfJ9rsXpMef5N6mqVlzj/mPYSkUepOsh0M414wR778YOv8Vmjs wqK8JwHC6f5k+4vzrYjXf6fmqLd3z+UaGMqAfrVv69wk9r1sIPSCH3smhJCd98oa ONZM1sQWkRNgR+umX0jVCgXCnPwkeVLXnPe/YdkJwiXzqgno7cBIbczG4S1JtI1X ciSr5BQFG0igm4koIo58MkUMFIuXqwG4rAu+f2AOe0d8xRTSje6ofJh5nnGrTE68 dHsVWx7JV10PA5ETzYJf5DOabqouEG7I05TY8S9iRR+Qrx0fPQbGxkHtgv9cahNE jGxRYXecDjEnVFfbDwAn3/wsJ08CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTCbKRl PdIE/+95j0bklmxaBZUihDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MGNhZGVjM2UtYTM1ZS00MzIxLWIxNzItODI1ZGU3YTUyMWQ3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ wDANBgkqhkiG9w0BAQsFAAOCAQEApNliaJe5xvOWXARd6WHh9OoKuxIfyXbwxuVy +4n2DIVLDucBCLR9XWy/+usVKZQfv0N9K9LNDeQL7BgOAkuW1p0qzgxr1h7kPiQ7 gNOtR/WKiOdS6V6rzzOs9mlLRZDOaPImQatByzzaRrjBYR2Iqikc7mC/XRBAvUaa kLGgN3/Bfyt758uwrddZNRrVmO9sAlGhZuTquRtSzJhpKfnzmCNDDRA/kR8+se4Q RQGxyMSpIpTgcPenIGMOW7YNL1J3EryoZEpa9aJr4sp6kgwe+7BxSh0Cd+kZdFzo wRPp5BqL8m1oiENG1gx55MW9zXuBiuxmgbqXOEftWpNDcszSJg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:08 2025 by rpki-client