This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/19e6d59b-798d-488a-9fdb-94bb0d14ceb6.roa File: 19e6d59b-798d-488a-9fdb-94bb0d14ceb6.roa (raw, json) Hash identifier: kcqC1xE+bCLJau96odOxVTip42WbymjK9ME0LYNrFdQ= Subject key identifier: C3:E8:52:19:09:6F:F3:FC:D6:4D:FC:A1:9C:88:B8:3A:11:71:98:69 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 615C58940FC4B7A3180FB32A80137788592A6337 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/19e6d59b-798d-488a-9fdb-94bb0d14ceb6.roa Signing time: Tue 02 Dec 2025 01:30:15 +0000 ROA not before: Tue 02 Dec 2025 01:30:15 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc7:2800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:5c:58:94:0f:c4:b7:a3:18:0f:b3:2a:80:13:77:88:59:2a:63:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:30:15 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=cf99e78239a6e5f68bff37f8a8e2728170a1183667014e73d7b7704e824222c6, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:fc:7c:40:4c:61:dd:cb:74:af:67:99:74:88: 45:65:19:25:13:56:3a:4e:ac:34:be:a8:de:e4:2b: 0b:cc:1c:1d:38:10:30:42:2f:a2:4c:f8:56:14:e0: 75:bc:c5:9c:ad:2e:16:88:0b:0c:ac:2a:66:fe:8c: 5f:28:bb:dc:a4:d5:bf:0a:b3:84:42:9e:47:5a:00: 51:71:2e:e1:db:33:4d:6c:53:68:45:84:62:ea:a3: d5:9c:71:20:d4:3e:63:84:f9:85:cc:b0:3a:53:b1: 98:a1:ec:d8:a9:db:fd:67:5d:d7:46:98:f6:0a:09: e5:2a:b7:c3:9c:d3:8e:4f:9d:c7:96:2f:84:f2:79: f5:7f:51:18:7f:b5:83:04:99:54:0a:f3:52:3c:26: 14:af:f9:e1:00:ab:58:35:37:96:62:2c:ae:1b:a7: 30:08:ba:f0:f3:ed:94:0a:d0:da:46:69:e4:0c:71: 1c:ee:47:09:14:34:7c:3d:9f:56:37:b7:36:b2:1c: 7e:f9:9c:d8:42:f7:93:18:78:a0:b4:1b:37:37:d0: 37:2f:3b:b0:80:b3:1c:d2:f4:d6:37:21:59:13:81: 8f:80:d4:e1:27:d9:70:31:af:dc:e6:0e:8b:42:97: 55:d2:c6:84:67:50:87:d0:37:5e:6a:28:a0:05:06: 42:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:E8:52:19:09:6F:F3:FC:D6:4D:FC:A1:9C:88:B8:3A:11:71:98:69 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/19e6d59b-798d-488a-9fdb-94bb0d14ceb6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc7:2800::/40 Signature Algorithm: sha256WithRSAEncryption 7f:32:bf:ad:2c:df:19:ce:80:8b:ff:01:61:45:69:78:4a:a2: 6c:a9:1d:64:1c:c1:30:c6:27:43:d9:10:8c:a2:49:de:ac:91: da:f6:27:e1:40:6b:62:ba:06:0a:45:58:78:70:ad:5c:f6:5c: 2e:4e:dd:63:91:46:07:95:d0:49:d9:59:35:08:dd:66:af:c3: 5a:6d:ad:ad:d0:18:f7:e3:74:88:21:f1:1e:09:53:b4:41:01: 51:4e:1e:1e:79:98:95:e1:b2:3e:ec:1d:b1:09:f6:37:74:e4: 8a:7e:dc:fe:91:28:01:b2:a7:e2:52:63:cd:c9:53:73:d7:3c: 63:f6:35:ee:e9:ff:53:67:45:98:6a:a3:e1:ab:33:22:1f:42: 62:8a:9b:52:17:31:e2:37:8f:5d:21:f9:bf:bf:4b:ea:aa:7d: 13:7a:34:34:d1:d2:cd:36:d7:17:c9:ac:88:b6:26:ce:76:3a: 23:10:2f:bc:71:9e:50:39:f2:4a:32:17:ed:f4:b0:cc:d8:d5: e5:20:d3:0a:4c:59:a5:bb:6d:3c:68:f8:43:f3:be:1c:44:a9: 84:2b:ae:02:79:1a:4c:ec:b5:93:25:64:c9:5b:fe:28:01:16: 86:f3:bb:ad:5b:66:a7:bf:ce:70:1f:2a:d9:24:82:70:7e:36: cd:71:c0:b5 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUYVxYlA/Et6MYD7MqgBN3iFkqYzcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTMwMTVaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGNmOTllNzgyMzlhNmU1ZjY4YmZmMzdmOGE4ZTI3MjgxNzBhMTE4MzY2NzAx NGU3M2Q3Yjc3MDRlODI0MjIyYzYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKz8fEBMYd3LdK9nmXSIRWUZJRNWOk6sNL6o3uQrC8wcHTgQMEIvokz4VhTg dbzFnK0uFogLDKwqZv6MXyi73KTVvwqzhEKeR1oAUXEu4dszTWxTaEWEYuqj1Zxx INQ+Y4T5hcywOlOxmKHs2Knb/Wdd10aY9goJ5Sq3w5zTjk+dx5YvhPJ59X9RGH+1 gwSZVArzUjwmFK/54QCrWDU3lmIsrhunMAi68PPtlArQ2kZp5AxxHO5HCRQ0fD2f Vje3NrIcfvmc2EL3kxh4oLQbNzfQNy87sICzHNL01jchWROBj4DU4SfZcDGv3OYO i0KXVdLGhGdQh9A3XmoooAUGQmkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTD6FIZ CW/z/NZN/KGciLg6EXGYaTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv MTllNmQ1OWItNzk4ZC00ODhhLTlmZGItOTRiYjBkMTRjZWI2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8co MA0GCSqGSIb3DQEBCwUAA4IBAQB/Mr+tLN8ZzoCL/wFhRWl4SqJsqR1kHMEwxidD 2RCMoknerJHa9ifhQGtiugYKRVh4cK1c9lwuTt1jkUYHldBJ2Vk1CN1mr8Naba2t 0Bj343SIIfEeCVO0QQFRTh4eeZiV4bI+7B2xCfY3dOSKftz+kSgBsqfiUmPNyVNz 1zxj9jXu6f9TZ0WYaqPhqzMiH0JiiptSFzHiN49dIfm/v0vqqn0TejQ00dLNNtcX yayItibOdjojEC+8cZ5QOfJKMhft9LDM2NXlINMKTFmlu208aPhD874cRKmEK64C eRpM7LWTJWTJW/4oARaG87utW2anv85wHyrZJIJwfjbNccC1 -----END CERTIFICATE-----Generated at Sat Dec 6 21:47:05 2025 by rpki-client