This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa File: cfca2455-b58e-43e0-a15f-276f8a5b527f.roa (raw, json) Hash identifier: doJs8OCtjTyhyCOEYR99ce0oBNr5BBv9w4ORhiomCEY= Subject key identifier: 2E:AF:E1:61:7C:22:6E:35:1C:F8:2C:AE:70:7F:C0:30:5C:28:CE:2E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 56334D74FB8572C28F654CAFE8410DA910166097 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa Signing time: Sat 15 Nov 2025 06:01:12 +0000 ROA not before: Sat 15 Nov 2025 06:01:12 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:e040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:33:4d:74:fb:85:72:c2:8f:65:4c:af:e8:41:0d:a9:10:16:60:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:01:12 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=f310471f1ccde1998859cf18086de23811132470be8cdec4ab018e2e9448dbaf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:8b:a9:cc:8e:44:a3:bd:7f:57:9a:79:45:09: 9e:23:56:7e:11:59:50:dd:fb:01:e4:14:3e:97:dc: 1e:48:a0:73:5f:2c:1d:f8:76:25:1e:37:c2:c8:ba: e6:25:d3:04:d4:14:80:58:82:71:04:d4:74:48:99: 32:e7:10:c3:2b:be:e9:28:eb:cd:66:74:0e:a7:52: 80:9f:7d:55:d8:63:6b:d6:46:b3:31:a2:81:0f:f0: 4a:43:c3:21:58:95:e1:67:54:02:e7:34:32:d9:5c: 50:88:7e:02:7d:c1:f4:69:d3:40:cc:15:ba:58:5d: f7:00:f9:83:63:10:f9:08:0f:9c:b5:c5:0c:64:cf: 3f:ce:e1:be:87:9d:4e:5f:32:5c:b7:5d:08:fd:56: d4:31:4a:c9:ff:f1:8b:de:62:cb:cd:0e:9f:5b:1d: 63:3f:e2:ff:a9:d7:79:ad:86:65:b3:ba:93:9d:1f: 9b:56:49:13:b7:01:c9:de:3d:8e:00:d9:45:73:a8: 79:2d:5a:3b:0f:57:28:f5:e8:5d:42:bb:d2:27:fa: 41:10:03:dc:ad:f4:6d:a1:20:72:ee:b7:0e:14:73: ba:af:93:41:e3:3c:06:19:7e:d1:eb:e3:71:b6:48: 56:0f:f8:46:23:c4:b1:28:9b:d4:d7:7a:18:30:20: e4:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:AF:E1:61:7C:22:6E:35:1C:F8:2C:AE:70:7F:C0:30:5C:28:CE:2E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:e040::/48 Signature Algorithm: sha256WithRSAEncryption 40:62:23:30:24:8a:9e:a4:c2:34:77:0d:fb:e5:b1:ca:67:9b: 92:cd:66:76:88:ad:17:83:2b:3d:e6:17:ae:37:37:a8:bc:4e: a9:b8:93:21:ef:de:5f:27:b6:2f:01:f4:b2:34:ba:bb:12:bc: b5:7f:ee:69:19:f7:cd:60:01:ef:52:6a:9a:2e:3d:6b:ad:63: 88:94:69:61:52:28:1f:0d:e0:39:f1:0b:1e:0a:e6:34:2d:b2: c3:80:c2:5d:a8:91:a5:9f:db:0b:d6:6c:1e:2b:48:2b:a2:b1: a7:4d:90:a4:62:9c:a7:e7:0d:00:92:32:63:e3:f9:b3:49:0f: cc:5e:73:31:b4:c3:19:b5:ab:bd:13:c8:4a:a7:ad:69:0f:c3: a3:4b:ed:a8:a8:25:80:67:b0:21:4f:6b:2b:9f:5c:32:20:96: c7:53:dc:47:40:ca:c1:b4:7d:71:64:fe:85:38:1f:a4:8f:e0: 42:11:3f:f3:37:a0:e0:8f:a5:fe:d5:0d:82:14:9d:e2:33:4f: 38:94:9f:25:4a:03:11:c1:88:8c:99:33:1a:f9:7a:00:96:a5: 9d:64:de:c1:fb:40:18:50:ec:a6:72:91:a5:d5:f6:8f:fa:2a: 8d:26:86:c1:9d:7c:46:bd:c5:69:7a:b6:73:d4:85:45:3a:5d: 92:96:24:a6 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUVjNNdPuFcsKPZUyv6EENqRAWYJcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAxMTJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGYzMTA0NzFmMWNjZGUxOTk4ODU5Y2YxODA4NmRlMjM4MTExMzI0NzBiZThj ZGVjNGFiMDE4ZTJlOTQ0OGRiYWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMKLqcyORKO9f1eaeUUJniNWfhFZUN37AeQUPpfcHkigc18sHfh2JR43wsi6 5iXTBNQUgFiCcQTUdEiZMucQwyu+6SjrzWZ0DqdSgJ99Vdhja9ZGszGigQ/wSkPD IViV4WdUAuc0MtlcUIh+An3B9GnTQMwVulhd9wD5g2MQ+QgPnLXFDGTPP87hvoed Tl8yXLddCP1W1DFKyf/xi95iy80On1sdYz/i/6nXea2GZbO6k50fm1ZJE7cByd49 jgDZRXOoeS1aOw9XKPXoXUK70if6QRAD3K30baEgcu63DhRzuq+TQeM8Bhl+0evj cbZIVg/4RiPEsSib1Nd6GDAg5PcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQur+Fh fCJuNRz4LK5wf8AwXCjOLjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Y2ZjYTI0NTUtYjU4ZS00M2UwLWExNWYtMjc2ZjhhNWI1MjdmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g QDANBgkqhkiG9w0BAQsFAAOCAQEAQGIjMCSKnqTCNHcN++Wxymebks1mdoitF4Mr PeYXrjc3qLxOqbiTIe/eXye2LwH0sjS6uxK8tX/uaRn3zWAB71Jqmi49a61jiJRp YVIoHw3gOfELHgrmNC2yw4DCXaiRpZ/bC9ZsHitIK6Kxp02QpGKcp+cNAJIyY+P5 s0kPzF5zMbTDGbWrvRPISqetaQ/Do0vtqKglgGewIU9rK59cMiCWx1PcR0DKwbR9 cWT+hTgfpI/gQhE/8zeg4I+l/tUNghSd4jNPOJSfJUoDEcGIjJkzGvl6AJalnWTe wftAGFDspnKRpdX2j/oqjSaGwZ18Rr3FaXq2c9SFRTpdkpYkpg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:51 2025 by rpki-client