This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/346959dd-64e1-47f4-a247-4a19fe4282cf.roa File: 346959dd-64e1-47f4-a247-4a19fe4282cf.roa (raw, json) Hash identifier: n8a5b3ZLMb9ZlwjqJsHVvASgUYA/+9xyqbYJqwl9PHY= Subject key identifier: 9A:0C:22:F4:50:8A:00:AB:9E:8F:2C:9A:F8:E7:D0:8A:46:4B:14:43 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 0E7ABF64D744959CCBEC3CD0E8DFE096DB380152 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/346959dd-64e1-47f4-a247-4a19fe4282cf.roa Signing time: Tue 02 Dec 2025 01:40:22 +0000 ROA not before: Tue 02 Dec 2025 01:40:22 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:7a:bf:64:d7:44:95:9c:cb:ec:3c:d0:e8:df:e0:96:db:38:01:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:22 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=b6dae823963c79bb76e274233f7f8c4ed0627e1b6a769699c80cf5e7769fbec4, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:7e:e1:11:b8:ba:42:59:be:b5:f9:4b:1e:d4: e5:be:9e:1e:e1:82:e5:1c:6e:e9:77:5b:f8:d7:f7: cb:f6:62:54:61:b2:07:55:e2:0f:ec:1d:bd:7d:8c: 2f:a5:c5:0c:33:3a:7b:88:7a:7b:15:e6:19:92:7e: 81:fd:63:7a:95:68:8e:7e:f0:cd:55:8b:2f:70:df: 04:ce:c1:cd:57:3c:e9:a5:86:36:c1:aa:99:ad:19: e0:77:80:2f:cb:ac:1f:5d:2a:4e:cc:ec:ef:34:5d: 3b:eb:36:94:f2:2d:71:5f:2f:20:9a:de:bc:a4:c3: 0d:81:eb:86:44:1f:07:0d:be:4e:a3:59:51:68:71: 8f:28:bb:32:06:3b:43:7c:12:4b:d1:17:57:fa:c7: 77:3f:c1:11:d8:df:9e:2b:d0:71:8c:0c:21:b7:73: 19:d2:d4:07:41:d6:d2:ec:3f:95:80:71:40:18:ad: 4a:91:2b:67:33:d8:7d:e4:58:42:c3:83:ad:1d:b0: 9b:a6:0b:9d:83:47:ab:25:01:ee:44:e7:27:77:01: 2c:98:5a:35:8e:f9:bf:db:ae:9a:dc:e7:a5:8c:62: 03:d7:72:e5:60:16:cf:45:d4:ba:ab:70:fa:b6:4f: 16:e4:26:ad:3e:c8:b5:2d:f8:3a:96:e0:11:c6:ca: 71:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:0C:22:F4:50:8A:00:AB:9E:8F:2C:9A:F8:E7:D0:8A:46:4B:14:43 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/346959dd-64e1-47f4-a247-4a19fe4282cf.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc1::/32 Signature Algorithm: sha256WithRSAEncryption 88:43:13:8b:d1:36:75:f5:4c:25:d0:20:f9:82:af:a3:67:d5: 0d:64:56:d3:ef:a6:7f:0c:45:dc:00:d6:3e:86:1c:73:16:4b: 67:34:e1:4c:ee:02:bd:1b:69:36:3e:68:17:72:0d:dd:a4:1f: b9:26:08:8a:76:e8:0d:9d:47:63:b0:d1:6b:06:94:64:e0:56: b1:e5:2c:79:b9:35:56:9c:03:0e:24:fc:7c:c2:27:54:c8:4d: e6:05:fc:22:d0:61:9b:04:1b:23:5c:c9:31:fc:5d:fa:df:47: 1f:f2:b0:1f:a4:f6:f9:34:ee:9e:88:02:b2:b0:0c:59:cb:36: 52:12:68:aa:01:b9:f0:0c:b6:e8:db:57:78:72:79:4b:9a:1f: e3:85:21:c8:b2:34:3d:a7:a4:77:d4:80:71:76:94:0f:9a:ad: e8:3c:07:a7:1a:a2:d4:c8:b8:78:c4:8a:e2:73:3e:a7:01:18: ca:30:07:c1:b7:5f:35:59:25:d5:de:2b:2e:a3:89:49:89:16: f0:d1:94:ce:cc:35:9b:23:43:f6:2b:3f:7e:62:59:f6:ef:3e: 85:cc:77:20:20:a1:b3:0a:44:87:31:95:3f:11:bb:03:32:c5: ec:76:1d:b7:09:ff:70:a6:14:81:77:2e:a5:dc:8d:58:96:72: a9:31:bc:81 -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgIUDnq/ZNdElZzL7DzQ6N/glts4AVIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMjJaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGI2ZGFlODIzOTYzYzc5YmI3NmUyNzQyMzNmN2Y4YzRlZDA2MjdlMWI2YTc2 OTY5OWM4MGNmNWU3NzY5ZmJlYzQxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM9+4RG4ukJZvrX5Sx7U5b6eHuGC5Rxu6Xdb+Nf3y/ZiVGGyB1XiD+wdvX2M L6XFDDM6e4h6exXmGZJ+gf1jepVojn7wzVWLL3DfBM7BzVc86aWGNsGqma0Z4HeA L8usH10qTszs7zRdO+s2lPItcV8vIJrevKTDDYHrhkQfBw2+TqNZUWhxjyi7MgY7 Q3wSS9EXV/rHdz/BEdjfnivQcYwMIbdzGdLUB0HW0uw/lYBxQBitSpErZzPYfeRY QsODrR2wm6YLnYNHqyUB7kTnJ3cBLJhaNY75v9uumtznpYxiA9dy5WAWz0XUuqtw +rZPFuQmrT7ItS34OpbgEcbKcTsCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSaDCL0 UIoAq56PLJr459CKRksUQzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv MzQ2OTU5ZGQtNjRlMS00N2Y0LWEyNDctNGExOWZlNDI4MmNmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABP8Ew DQYJKoZIhvcNAQELBQADggEBAIhDE4vRNnX1TCXQIPmCr6Nn1Q1kVtPvpn8MRdwA 1j6GHHMWS2c04UzuAr0baTY+aBdyDd2kH7kmCIp26A2dR2Ow0WsGlGTgVrHlLHm5 NVacAw4k/HzCJ1TITeYF/CLQYZsEGyNcyTH8XfrfRx/ysB+k9vk07p6IArKwDFnL NlISaKoBufAMtujbV3hyeUuaH+OFIciyND2npHfUgHF2lA+areg8B6caotTIuHjE iuJzPqcBGMowB8G3XzVZJdXeKy6jiUmJFvDRlM7MNZsjQ/YrP35iWfbvPoXMdyAg obMKRIcxlT8RuwMyxex2HbcJ/3CmFIF3LqXcjViWcqkxvIE= -----END CERTIFICATE-----Generated at Sat Dec 6 20:52:06 2025 by rpki-client