This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0582d0d5-4d6b-43e7-869e-df722bf70a81.roa File: 0582d0d5-4d6b-43e7-869e-df722bf70a81.roa (raw, json) Hash identifier: IQcFiR0075zAlQCCrRzgbjA54pouGbe4DyKrWp9FxEI= Subject key identifier: 2D:DE:EC:FB:C2:72:F4:EF:26:B1:6B:7A:39:7C:DC:26:F6:5A:85:95 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 2E4E50BF9740F375A65858FFCC680BB9BADB2D65 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0582d0d5-4d6b-43e7-869e-df722bf70a81.roa Signing time: Tue 02 Dec 2025 01:40:37 +0000 ROA not before: Tue 02 Dec 2025 01:40:37 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc7:2880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:4e:50:bf:97:40:f3:75:a6:58:58:ff:cc:68:0b:b9:ba:db:2d:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:37 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=9caf56db9f4f0e1d90f39f4f27c0fb136a3fc740a126847152a8afaa8ebc3504, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ca:44:df:e5:ee:71:a2:8f:01:97:e0:69:80: 04:4a:af:dd:b8:76:74:3e:93:ce:28:94:fa:50:dd: 8d:20:a1:52:9e:ad:35:51:6e:77:32:ae:d1:c1:a6: f6:8a:3a:7e:b1:73:5a:09:4d:6b:0b:96:c6:53:64: 3a:f4:2b:1e:99:55:b2:cb:25:6f:d3:19:09:ef:2b: 87:22:53:80:fe:89:44:6f:e0:10:33:a4:0a:ca:13: 77:e3:b2:d2:2b:0f:8e:b3:a2:24:8f:01:31:e9:74: 2d:1e:dc:bb:5f:bd:0c:a7:75:63:82:09:6b:81:35: a4:0a:15:83:64:b5:7b:68:2f:0f:f6:77:11:0e:5c: 02:8b:55:af:5c:37:55:57:16:76:09:df:36:3e:d9: 30:b6:fa:0b:f5:40:c3:93:89:57:26:bc:85:ab:26: 4e:81:0f:fa:88:46:09:0d:87:64:ba:b4:2b:89:67: 69:97:42:d2:be:01:4e:e5:cd:43:e7:e4:40:76:83: 25:2f:a2:bf:d3:0d:14:a1:3c:5a:8b:ec:69:16:8e: dd:71:39:62:a8:4e:a2:21:1f:76:11:7d:90:d0:cb: af:fa:f5:fa:94:da:a4:9b:e8:e2:6c:61:10:67:2d: 9c:b4:ac:6c:81:78:51:4a:65:7a:60:a4:f0:72:36: 2d:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:DE:EC:FB:C2:72:F4:EF:26:B1:6B:7A:39:7C:DC:26:F6:5A:85:95 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0582d0d5-4d6b-43e7-869e-df722bf70a81.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc7:2880::/48 Signature Algorithm: sha256WithRSAEncryption 6a:9a:2c:ae:f4:f2:84:d6:5b:61:67:91:89:89:bb:4d:b2:6e: 6f:00:46:05:43:96:0f:f0:e2:83:9c:1a:4e:b5:79:de:30:f4: d8:d4:ea:17:6d:c0:83:a9:b5:b5:65:09:78:78:eb:59:02:98: 34:90:2f:95:df:21:00:f4:80:37:0b:55:6e:a7:49:a4:77:2c: 55:0c:63:89:84:00:7e:96:81:77:fd:db:a4:8c:cf:d1:91:51: ba:b0:ba:ea:69:49:b1:9b:ad:1f:41:89:e9:c1:f0:ab:14:dd: 98:42:0b:df:29:6a:30:ef:92:3f:8e:23:dc:8e:c5:78:f6:ff: b5:72:4f:e3:d2:eb:94:fd:eb:b9:ea:c3:14:16:cb:09:47:d7: 48:81:3c:6e:f6:06:b4:6d:0b:b8:74:5f:7e:b9:2b:bc:8d:25: bd:2e:12:1d:ee:6e:dc:52:e4:9a:8d:d0:13:c9:f0:c9:0c:81: 0b:8a:90:ba:7d:b1:95:34:eb:0d:db:25:b3:f8:61:57:ec:04: 33:76:0c:f0:e1:08:cf:da:b9:60:ed:3e:0b:ee:62:94:ae:51: a3:5e:72:af:ff:bc:5b:3c:68:04:a5:21:83:38:32:dd:01:61: 71:bb:22:f6:69:13:9e:9b:37:83:aa:33:63:b9:57:c0:d6:7d: 49:b5:c3:67 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIULk5Qv5dA83WmWFj/zGgLubrbLWUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMzdaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDljYWY1NmRiOWY0ZjBlMWQ5MGYzOWY0ZjI3YzBmYjEzNmEzZmM3NDBhMTI2 ODQ3MTUyYThhZmFhOGViYzM1MDQxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALfKRN/l7nGijwGX4GmABEqv3bh2dD6TziiU+lDdjSChUp6tNVFudzKu0cGm 9oo6frFzWglNawuWxlNkOvQrHplVssslb9MZCe8rhyJTgP6JRG/gEDOkCsoTd+Oy 0isPjrOiJI8BMel0LR7cu1+9DKd1Y4IJa4E1pAoVg2S1e2gvD/Z3EQ5cAotVr1w3 VVcWdgnfNj7ZMLb6C/VAw5OJVya8hasmToEP+ohGCQ2HZLq0K4lnaZdC0r4BTuXN Q+fkQHaDJS+iv9MNFKE8WovsaRaO3XE5YqhOoiEfdhF9kNDLr/r1+pTapJvo4mxh EGctnLSsbIF4UUplemCk8HI2LY0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQt3uz7 wnL07yaxa3o5fNwm9lqFlTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv MDU4MmQwZDUtNGQ2Yi00M2U3LTg2OWUtZGY3MjJiZjcwYTgxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co gDANBgkqhkiG9w0BAQsFAAOCAQEAaposrvTyhNZbYWeRiYm7TbJubwBGBUOWD/Di g5waTrV53jD02NTqF23Ag6m1tWUJeHjrWQKYNJAvld8hAPSANwtVbqdJpHcsVQxj iYQAfpaBd/3bpIzP0ZFRurC66mlJsZutH0GJ6cHwqxTdmEIL3ylqMO+SP44j3I7F ePb/tXJP49LrlP3ruerDFBbLCUfXSIE8bvYGtG0LuHRffrkrvI0lvS4SHe5u3FLk mo3QE8nwyQyBC4qQun2xlTTrDdsls/hhV+wEM3YM8OEIz9q5YO0+C+5ilK5Ro15y r/+8WzxoBKUhgzgy3QFhcbsi9mkTnps3g6ozY7lXwNZ9SbXDZw== -----END CERTIFICATE-----Generated at Sat Dec 6 21:47:05 2025 by rpki-client