This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa File: cd129ecb-5978-40fd-ada8-5ab27adcb622.roa (raw, json) Hash identifier: V7nQNdd3JVgs6QjTIos8otkj/755igLKB8PYM/lBFoY= Subject key identifier: 00:EA:86:17:80:7D:C3:CB:73:65:3A:F6:0B:9E:C9:E3:B5:19:62:6F Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3777858CC062FD5CA8CBA9B4D846B6E06EBA8E30 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa Signing time: Sat 15 Nov 2025 06:20:57 +0000 ROA not before: Sat 15 Nov 2025 06:20:57 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:e0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:77:85:8c:c0:62:fd:5c:a8:cb:a9:b4:d8:46:b6:e0:6e:ba:8e:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:20:57 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=efa88be015d75cbade45921493c6d173b03779cca7699a7e5840f9d61facd588, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:e8:2c:df:25:d4:3b:d8:80:05:e3:82:8a:9f: 84:55:dd:ac:08:48:73:82:43:8a:e7:81:56:a5:5b: 77:7f:c1:58:b4:aa:ab:4a:cf:2a:ea:5f:cd:02:3d: 4c:8c:56:9b:76:1d:ed:49:86:61:0e:2f:4e:d7:fe: f0:f5:5e:7a:bf:2c:a0:47:6d:16:da:fb:41:2a:4c: b2:37:91:22:66:75:ab:dc:0c:84:6f:9e:c5:1e:50: 85:ee:f6:88:6c:5a:8a:7f:e9:1a:8c:cf:58:96:95: 73:69:c3:b2:19:ae:08:4c:c9:c4:df:49:63:05:81: 0d:2c:97:fb:37:5b:4f:0e:26:a5:f7:d4:85:17:2c: 3d:0a:11:67:69:15:89:81:53:28:1c:3f:df:2f:e6: 3b:d5:80:0d:17:06:b5:7c:09:7e:cf:56:f7:f9:4e: 56:3b:17:55:6b:ca:b8:17:45:3a:3a:bd:39:e0:52: f3:e4:86:42:ee:cd:2d:f2:f9:be:0b:8e:b3:b3:02: 0c:e7:83:97:64:03:40:81:c5:ac:8d:93:e0:67:d2: bc:b9:49:3d:07:b0:ef:a3:23:15:8a:ed:90:f0:48: 27:6f:78:91:b1:5a:14:ba:75:8c:58:90:df:27:5b: e7:d8:12:3a:32:5a:57:f3:4c:32:da:b9:19:cd:4e: 34:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:EA:86:17:80:7D:C3:CB:73:65:3A:F6:0B:9E:C9:E3:B5:19:62:6F X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:e0c0::/48 Signature Algorithm: sha256WithRSAEncryption 3c:50:ae:85:b4:36:ed:39:04:d5:65:46:b0:10:f9:e5:2a:67: a9:a9:a1:b4:45:36:06:8b:f9:9c:06:36:52:ce:5b:ed:72:57: e3:2a:43:e3:1e:10:78:9b:0f:5b:d9:43:e1:57:5c:da:8e:05: 96:93:45:3e:49:bd:d8:81:2d:65:69:14:42:1a:b9:2d:80:3b: 93:11:a0:d5:06:b9:47:c0:c8:9a:09:56:d8:86:d2:65:00:b2: 43:72:1f:3d:0f:20:ad:fe:1a:98:d7:27:66:42:10:cb:cd:43: 49:0e:80:23:eb:56:f6:f7:05:bc:de:4f:b1:ce:4e:b3:c5:e6: 9a:dd:79:35:20:43:45:fa:01:29:c5:43:db:15:93:ca:6e:22: 9a:93:73:f2:72:5d:a9:f2:c2:32:65:f4:dc:5a:80:2e:fd:46: 7a:5c:f1:a3:1b:3c:d4:a8:70:07:f3:d1:f4:ce:41:0c:d1:b4: 67:06:64:ff:9d:35:fb:24:83:12:19:60:1e:cc:d5:b3:b6:f9: 9d:26:4e:ac:21:ab:3d:2e:50:74:ff:9c:a7:43:a9:5a:84:6e: 65:6b:d7:c5:00:15:7f:dc:e6:dd:6a:72:29:df:b8:36:ea:cf: e3:3f:67:47:13:9c:2c:ce:8e:d7:df:d1:81:4f:23:57:2c:2e: 10:ca:93:4b -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUN3eFjMBi/Vyoy6m02Ea24G66jjAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIwNTdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGVmYTg4YmUwMTVkNzVjYmFkZTQ1OTIxNDkzYzZkMTczYjAzNzc5Y2NhNzY5 OWE3ZTU4NDBmOWQ2MWZhY2Q1ODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK3oLN8l1DvYgAXjgoqfhFXdrAhIc4JDiueBVqVbd3/BWLSqq0rPKupfzQI9 TIxWm3Yd7UmGYQ4vTtf+8PVeer8soEdtFtr7QSpMsjeRImZ1q9wMhG+exR5Qhe72 iGxain/pGozPWJaVc2nDshmuCEzJxN9JYwWBDSyX+zdbTw4mpffUhRcsPQoRZ2kV iYFTKBw/3y/mO9WADRcGtXwJfs9W9/lOVjsXVWvKuBdFOjq9OeBS8+SGQu7NLfL5 vguOs7MCDOeDl2QDQIHFrI2T4GfSvLlJPQew76MjFYrtkPBIJ294kbFaFLp1jFiQ 3ydb59gSOjJaV/NMMtq5Gc1ONKcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQA6oYX gH3Dy3NlOvYLnsnjtRlibzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2QxMjllY2ItNTk3OC00MGZkLWFkYTgtNWFiMjdhZGNiNjIyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg wDANBgkqhkiG9w0BAQsFAAOCAQEAPFCuhbQ27TkE1WVGsBD55SpnqamhtEU2Bov5 nAY2Us5b7XJX4ypD4x4QeJsPW9lD4Vdc2o4FlpNFPkm92IEtZWkUQhq5LYA7kxGg 1Qa5R8DImglW2IbSZQCyQ3IfPQ8grf4amNcnZkIQy81DSQ6AI+tW9vcFvN5Psc5O s8Xmmt15NSBDRfoBKcVD2xWTym4impNz8nJdqfLCMmX03FqALv1Gelzxoxs81Khw B/PR9M5BDNG0ZwZk/501+ySDEhlgHszVs7b5nSZOrCGrPS5QdP+cp0OpWoRuZWvX xQAVf9zm3WpyKd+4NurP4z9nRxOcLM6O19/RgU8jVywuEMqTSw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:37 2025 by rpki-client