This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa File: cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa (raw, json) Hash identifier: ie0uo2xWy2x8QeVQG7n3yqAFuc6nJsdUMa2Wa3l0AcU= Subject key identifier: 2C:DE:4F:6A:3F:48:26:35:00:91:AE:18:02:DA:65:43:D5:0C:5D:7C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0BD7D24E07CA2981E431ECAB91506FD49AB1C021 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa Signing time: Sat 15 Nov 2025 06:40:08 +0000 ROA not before: Sat 15 Nov 2025 06:40:08 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:1040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:d7:d2:4e:07:ca:29:81:e4:31:ec:ab:91:50:6f:d4:9a:b1:c0:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:40:08 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=5795dcfdfe0425dfc90890cfc7b703a5c9e58a655a61050c790dfaa07875fd90, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:a2:e5:85:fa:a8:6b:ad:13:cd:f0:f5:55:31: 37:e2:c6:85:35:e0:24:5f:1f:e6:3b:2a:c2:a1:cd: fc:f0:ae:cf:e0:9c:58:ef:a5:9f:18:99:b7:c3:e2: 88:20:dc:6b:80:78:38:cd:ef:17:00:d7:ff:85:98: c5:d2:8a:7e:a8:e1:95:ee:67:81:ac:e8:96:5a:c9: ad:e2:58:18:b9:00:e1:7f:ce:2a:1a:c6:26:12:d5: 56:89:f7:75:16:04:63:55:d3:e2:97:0a:f7:b7:06: 8e:f8:c3:a9:f8:2f:94:38:d5:84:8e:60:5e:69:5c: 89:cd:f0:2b:8a:5d:45:49:a8:b1:91:75:7c:77:12: 49:59:78:bd:39:55:0b:cd:9f:9a:44:82:60:43:2c: 2d:72:03:8b:a4:fc:a7:55:ac:3b:6d:8c:6e:e0:8a: 42:ca:82:b0:1a:48:39:e7:8c:34:4e:15:ba:3c:3b: 1b:d3:73:d3:57:03:cc:3d:64:36:52:78:4e:42:79: 60:6c:86:a5:75:2d:ce:41:1a:0d:57:db:4b:45:aa: 38:92:3a:02:93:a1:2e:6a:7e:50:b7:09:70:61:6a: 49:0a:16:40:1b:18:99:37:43:f9:bf:f4:b8:18:b6: a5:98:c3:6f:51:4c:1f:2e:e0:a3:7a:f9:21:67:ca: 2c:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:DE:4F:6A:3F:48:26:35:00:91:AE:18:02:DA:65:43:D5:0C:5D:7C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:1040::/48 Signature Algorithm: sha256WithRSAEncryption 14:61:88:f7:47:f6:76:67:c4:59:45:22:76:d7:02:8f:b4:46: 82:23:91:4d:1e:d1:bc:31:0e:29:35:f2:ef:3f:99:12:9a:4f: e9:89:25:1b:d6:07:4e:d9:5c:fa:97:3e:81:e6:c8:d4:df:c1: 3f:43:a8:1d:0f:70:72:74:57:11:c7:6f:eb:db:fb:b0:6c:0b: a1:56:95:b5:fe:7c:e5:e3:f3:1a:fb:c6:b7:46:83:cb:e2:af: 56:e9:43:4e:86:47:9d:e2:71:9f:f3:e8:26:bf:ee:03:77:f4: 83:c0:40:e1:87:ee:b1:7f:bb:dc:8d:3e:9a:7d:a9:c3:67:33: d3:f9:9f:d5:78:5b:81:34:df:53:6d:ff:15:6e:a5:87:e3:54: c8:c3:52:5d:84:ae:42:c4:5c:b2:1c:fd:86:ef:39:f5:c7:42: cf:2d:b2:ec:18:d0:51:26:9b:b9:14:79:c1:c3:29:c4:c5:00: 34:b3:cc:9c:e1:20:1e:01:04:32:43:6c:2e:56:f3:80:47:52: c2:3f:f1:5c:a1:95:e1:bf:29:6e:21:23:0f:ac:7a:ed:7f:e3: 1e:27:9b:95:d3:b2:96:92:b0:6e:92:2a:74:0c:d2:6b:72:65: 51:05:c8:e2:de:21:31:3d:77:96:a3:82:bc:66:ad:3e:b8:71: fd:0b:2e:c1 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUC9fSTgfKKYHkMeyrkVBv1JqxwCEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjQwMDhaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDU3OTVkY2ZkZmUwNDI1ZGZjOTA4OTBjZmM3YjcwM2E1YzllNThhNjU1YTYx MDUwYzc5MGRmYWEwNzg3NWZkOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANii5YX6qGutE83w9VUxN+LGhTXgJF8f5jsqwqHN/PCuz+CcWO+lnxiZt8Pi iCDca4B4OM3vFwDX/4WYxdKKfqjhle5ngazollrJreJYGLkA4X/OKhrGJhLVVon3 dRYEY1XT4pcK97cGjvjDqfgvlDjVhI5gXmlcic3wK4pdRUmosZF1fHcSSVl4vTlV C82fmkSCYEMsLXIDi6T8p1WsO22MbuCKQsqCsBpIOeeMNE4Vujw7G9Nz01cDzD1k NlJ4TkJ5YGyGpXUtzkEaDVfbS0WqOJI6ApOhLmp+ULcJcGFqSQoWQBsYmTdD+b/0 uBi2pZjDb1FMHy7go3r5IWfKLLECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQs3k9q P0gmNQCRrhgC2mVD1QxdfDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2FjODUwZjgtNWFhOS00YTU2LWFlYTItZTIyZDNhZmQ0ZTM4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAQ QDANBgkqhkiG9w0BAQsFAAOCAQEAFGGI90f2dmfEWUUidtcCj7RGgiORTR7RvDEO KTXy7z+ZEppP6YklG9YHTtlc+pc+gebI1N/BP0OoHQ9wcnRXEcdv69v7sGwLoVaV tf585ePzGvvGt0aDy+KvVulDToZHneJxn/PoJr/uA3f0g8BA4YfusX+73I0+mn2p w2cz0/mf1XhbgTTfU23/FW6lh+NUyMNSXYSuQsRcshz9hu859cdCzy2y7BjQUSab uRR5wcMpxMUANLPMnOEgHgEEMkNsLlbzgEdSwj/xXKGV4b8pbiEjD6x67X/jHieb ldOylpKwbpIqdAzSa3JlUQXI4t4hMT13lqOCvGatPrhx/QsuwQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:10 2025 by rpki-client