This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/03d664ef-00cb-439a-9c30-e8eedca3e7fb.roa File: 03d664ef-00cb-439a-9c30-e8eedca3e7fb.roa (raw, json) Hash identifier: YPh2HpIvRZvORrPOGcBABLHI89bhG80MVfa4pSJ8cYQ= Subject key identifier: 3A:BA:CD:C4:C8:21:F5:01:79:7C:E2:F8:4A:ED:47:CA:D4:20:AB:D2 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 236958004E376B8298A603F5DB0E66E00E5EE84E Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/03d664ef-00cb-439a-9c30-e8eedca3e7fb.roa Signing time: Tue 02 Dec 2025 01:30:16 +0000 ROA not before: Tue 02 Dec 2025 01:30:16 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc5:9800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:69:58:00:4e:37:6b:82:98:a6:03:f5:db:0e:66:e0:0e:5e:e8:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:30:16 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=fbd18073138f177f0427f25f1e288b258bc42552f52dc5f826fc5a928e0189b4, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:31:fe:26:27:ba:a5:4b:c1:31:ea:cf:4e:bd: f0:0b:95:7a:14:b7:6a:cd:80:9a:44:54:40:8c:bd: 97:31:63:df:5d:35:c6:ca:7a:57:40:b1:cb:34:f8: 95:31:c8:3c:0d:db:a3:ba:d2:ea:47:48:e6:7d:0f: 5f:36:3a:8a:69:6a:1f:ff:28:e3:f4:90:8e:c1:a4: 15:ca:ed:87:0f:51:b5:8c:44:25:66:3e:5b:5e:03: 63:58:b6:a9:fc:17:22:34:da:c4:3b:61:28:61:ee: 64:d5:04:88:b8:96:84:e6:2c:bd:3d:7b:84:00:c4: 16:62:bc:1b:d1:af:6e:09:fc:99:1d:74:1f:dc:8c: 1a:c4:02:7c:0e:1f:f0:5d:01:31:ad:be:50:68:66: 0a:7f:1e:86:1e:c6:f9:bb:78:20:2d:bf:b3:4c:d5: 51:fd:28:ca:ae:4b:ef:c4:11:11:2d:73:b1:05:01: e3:43:42:a5:04:37:14:21:52:52:b4:b6:0c:7d:cc: 0a:31:da:a5:fd:0c:3e:fc:9f:56:00:88:b6:e8:21: 26:22:6e:07:54:d0:e3:23:1b:37:d6:81:94:76:60: fe:bd:f9:f5:23:98:cb:d6:52:76:c5:3e:3d:4a:49: bb:c1:ed:db:85:a1:64:ea:3f:4e:de:ac:98:d9:73: 78:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:BA:CD:C4:C8:21:F5:01:79:7C:E2:F8:4A:ED:47:CA:D4:20:AB:D2 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/03d664ef-00cb-439a-9c30-e8eedca3e7fb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc5:9800::/40 Signature Algorithm: sha256WithRSAEncryption 3b:8a:a4:fb:9a:03:15:59:5b:e3:fc:f0:d8:0c:43:70:bc:29: ee:d2:33:0f:27:9e:9e:48:4e:5d:e2:7f:22:0d:03:bd:68:35: bf:99:ff:58:76:03:db:d5:f8:79:fd:6e:60:63:28:ac:04:e9: c4:af:d6:43:0b:c2:1c:86:e9:59:c2:c7:46:fa:4c:c6:33:bf: 7b:1b:30:28:18:b4:f0:93:c9:65:00:6f:d0:f9:a9:50:1b:10: 19:61:ac:19:e3:28:2b:98:2f:87:8b:42:1e:54:0b:1a:f2:93: ab:c6:d6:8b:82:56:84:37:26:a6:2c:09:d0:73:6f:86:a7:57: f9:4e:71:37:d7:1d:b3:87:a1:67:24:b6:9a:60:bf:2d:9a:85: 8b:8f:f4:16:f8:c7:b5:1f:1c:84:f5:85:f4:7f:c7:e0:73:cd: 85:2b:05:68:55:82:7e:31:1f:c7:18:f8:b5:87:01:a9:f5:e6: 3c:9b:eb:be:bb:7a:aa:51:d5:56:81:66:47:ef:ea:1a:d5:e2: e0:dd:f4:30:2b:c8:41:9a:f6:4f:01:31:c1:d3:f3:5e:79:6d: 7a:13:61:a6:5e:c8:35:c2:db:5e:d1:e3:65:9c:65:d4:25:71: 76:eb:ba:03:dc:b1:82:40:f0:b5:37:2e:da:84:43:b6:bc:e1: 14:58:95:47 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUI2lYAE43a4KYpgP12w5m4A5e6E4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTMwMTZaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGZiZDE4MDczMTM4ZjE3N2YwNDI3ZjI1ZjFlMjg4YjI1OGJjNDI1NTJmNTJk YzVmODI2ZmM1YTkyOGUwMTg5YjQxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKgx/iYnuqVLwTHqz0698AuVehS3as2AmkRUQIy9lzFj3101xsp6V0CxyzT4 lTHIPA3bo7rS6kdI5n0PXzY6imlqH/8o4/SQjsGkFcrthw9RtYxEJWY+W14DY1i2 qfwXIjTaxDthKGHuZNUEiLiWhOYsvT17hADEFmK8G9Gvbgn8mR10H9yMGsQCfA4f 8F0BMa2+UGhmCn8ehh7G+bt4IC2/s0zVUf0oyq5L78QRES1zsQUB40NCpQQ3FCFS UrS2DH3MCjHapf0MPvyfVgCItughJiJuB1TQ4yMbN9aBlHZg/r359SOYy9ZSdsU+ PUpJu8Ht24WhZOo/Tt6smNlzeJ8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ6us3E yCH1AXl84vhK7UfK1CCr0jAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv MDNkNjY0ZWYtMDBjYi00MzlhLTljMzAtZThlZWRjYTNlN2ZiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8WY MA0GCSqGSIb3DQEBCwUAA4IBAQA7iqT7mgMVWVvj/PDYDENwvCnu0jMPJ56eSE5d 4n8iDQO9aDW/mf9YdgPb1fh5/W5gYyisBOnEr9ZDC8IchulZwsdG+kzGM797GzAo GLTwk8llAG/Q+alQGxAZYawZ4ygrmC+Hi0IeVAsa8pOrxtaLglaENyamLAnQc2+G p1f5TnE31x2zh6FnJLaaYL8tmoWLj/QW+Me1HxyE9YX0f8fgc82FKwVoVYJ+MR/H GPi1hwGp9eY8m+u+u3qqUdVWgWZH7+oa1eLg3fQwK8hBmvZPATHB0/NeeW16E2Gm Xsg1wtte0eNlnGXUJXF267oD3LGCQPC1Ny7ahEO2vOEUWJVH -----END CERTIFICATE-----Generated at Sun Dec 7 00:16:33 2025 by rpki-client