This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa File: cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa (raw, json) Hash identifier: R5hE0RyQaZOkG+WUUWHEr2GCEbmFz3cD6VSSc7KmiCE= Subject key identifier: CF:75:DE:16:28:5C:A1:7B:DD:B2:74:5B:1F:DA:73:3D:DA:8A:06:D0 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 364C30FC391C4C8AF1D0F207EB68F1307953C973 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa Signing time: Sat 29 Nov 2025 03:00:13 +0000 ROA not before: Sat 29 Nov 2025 03:00:13 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d059:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:4c:30:fc:39:1c:4c:8a:f1:d0:f2:07:eb:68:f1:30:79:53:c9:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:00:13 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=2429aa72e0e6ed587a66e4aaaeb695de634238c7b4f7685ea0b291c23b2b155e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:50:e1:42:cf:ee:0e:58:a3:04:c4:94:45:c3: f1:00:14:52:61:8c:44:bc:bc:ae:11:4c:10:80:cb: 15:ae:7a:cd:b5:1c:e4:1b:a6:7b:0b:50:69:ad:e8: 97:26:24:21:86:a7:6f:9a:ca:a9:8e:17:80:a0:10: 37:7a:1d:88:69:a6:b1:b4:e4:c0:71:89:e0:b4:08: d4:06:2a:d6:8f:02:e0:1c:0d:1c:72:c5:5b:45:9b: b5:d5:5c:b5:80:cf:3b:db:6c:8d:0f:ae:43:7f:3f: af:57:d2:30:cd:68:27:19:69:87:1b:84:f2:c8:a2: ca:3e:08:b6:d4:8b:24:fd:04:a7:e7:8e:a7:fc:f8: 36:9c:39:b3:63:ee:9e:fc:2e:a3:55:2b:ae:05:73: b2:ac:53:92:d9:ce:ce:38:cc:c8:39:8e:a2:ef:24: 24:c1:4c:1e:b3:91:11:93:d3:26:36:f5:00:88:9e: da:8a:b5:fa:7d:d4:4f:17:26:c2:79:10:d3:8e:fb: 08:7b:ea:40:55:6a:54:98:65:1e:6c:6a:c9:2f:e5: c4:bb:66:57:ac:3d:3a:79:b8:ed:97:da:48:b5:0c: da:bf:94:f9:e5:1f:c8:53:f2:9c:0f:97:ba:6a:c5: 58:e5:fb:f4:ad:94:b8:65:77:95:82:c5:35:de:a8: 73:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:75:DE:16:28:5C:A1:7B:DD:B2:74:5B:1F:DA:73:3D:DA:8A:06:D0 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d059:800::/40 Signature Algorithm: sha256WithRSAEncryption 99:b5:b5:b2:d7:c0:ed:0e:f1:f4:9e:53:e4:ea:91:d5:50:53: 1c:38:f4:55:01:c9:25:82:84:cb:64:2a:ea:d2:3b:25:2c:41: 50:89:4c:b8:8d:75:78:30:a2:64:4f:c9:59:7a:2f:ef:90:02: a4:e0:91:2c:47:f5:19:f2:91:4e:c3:6a:79:62:fd:f3:a9:b9: 25:ff:9c:11:f2:fc:1c:e3:65:b5:61:a9:01:6f:d0:d0:92:93: af:96:a9:06:01:7a:1f:0c:ae:2b:5d:f7:4f:be:a1:79:de:a3: 2d:ed:4c:11:f6:b0:58:8a:13:4c:6f:61:31:1b:ac:9a:4c:cc: 23:54:5a:d3:3b:70:49:a6:50:b4:34:97:34:22:4b:48:85:8c: 19:6c:53:43:47:52:e0:b3:be:61:54:66:c8:80:b8:83:0b:d0: c5:81:a5:77:5a:51:1f:2e:21:0e:62:45:03:e2:e4:4c:95:35: 1a:73:af:5f:fd:e2:a5:4a:bd:3e:b6:ec:1c:a3:6e:1b:32:05: 23:1b:aa:f4:c8:4f:92:54:7b:ad:9b:a0:b9:48:e5:f1:7c:53: b3:78:aa:75:f3:d5:a1:3a:4e:f0:8b:b8:c2:81:a4:ac:cf:ab: 82:ba:53:ee:b3:5d:cf:b4:49:f0:63:2e:7d:e6:ad:8b:3c:3a: 5b:cb:8e:84 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUNkww/DkcTIrx0PIH62jxMHlTyXMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzAwMTNaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQDI0MjlhYTcyZTBlNmVkNTg3YTY2ZTRhYWFlYjY5NWRlNjM0MjM4YzdiNGY3 Njg1ZWEwYjI5MWMyM2IyYjE1NWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANVQ4ULP7g5YowTElEXD8QAUUmGMRLy8rhFMEIDLFa56zbUc5BumewtQaa3o lyYkIYanb5rKqY4XgKAQN3odiGmmsbTkwHGJ4LQI1AYq1o8C4BwNHHLFW0WbtdVc tYDPO9tsjQ+uQ38/r1fSMM1oJxlphxuE8siiyj4IttSLJP0Ep+eOp/z4Npw5s2Pu nvwuo1UrrgVzsqxTktnOzjjMyDmOou8kJMFMHrOREZPTJjb1AIie2oq1+n3UTxcm wnkQ0477CHvqQFVqVJhlHmxqyS/lxLtmV6w9Onm47ZfaSLUM2r+U+eUfyFPynA+X umrFWOX79K2UuGV3lYLFNd6oc0UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTPdd4W KFyhe92ydFsf2nM92ooG0DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2JkMjFiOWUtNzYyNy00ZWJjLWExZjgtNjM4OTBiNWQ0MTQ0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkI MA0GCSqGSIb3DQEBCwUAA4IBAQCZtbWy18DtDvH0nlPk6pHVUFMcOPRVAcklgoTL ZCrq0jslLEFQiUy4jXV4MKJkT8lZei/vkAKk4JEsR/UZ8pFOw2p5Yv3zqbkl/5wR 8vwc42W1YakBb9DQkpOvlqkGAXofDK4rXfdPvqF53qMt7UwR9rBYihNMb2ExG6ya TMwjVFrTO3BJplC0NJc0IktIhYwZbFNDR1Lgs75hVGbIgLiDC9DFgaV3WlEfLiEO YkUD4uRMlTUac69f/eKlSr0+tuwco24bMgUjG6r0yE+SVHutm6C5SOXxfFOzeKp1 89WhOk7wi7jCgaSsz6uCulPus13PtEnwYy595q2LPDpby46E -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:52 2025 by rpki-client