This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/3a33d844-426b-41b8-aa8c-f4ab26a66ff2.roa File: 3a33d844-426b-41b8-aa8c-f4ab26a66ff2.roa (raw, json) Hash identifier: sINgE6JZxE62OAP+0MWZX6MdczgOcpnYsYKqrxcdcgY= Subject key identifier: F2:3E:55:4A:2F:46:ED:D1:4C:5B:99:43:9A:0E:A7:5A:FE:93:57:53 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 23BA118D76224CB6143003E3BC36E6D9EF637411 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/3a33d844-426b-41b8-aa8c-f4ab26a66ff2.roa Signing time: Tue 02 Dec 2025 01:40:34 +0000 ROA not before: Tue 02 Dec 2025 01:40:34 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc5:8000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:ba:11:8d:76:22:4c:b6:14:30:03:e3:bc:36:e6:d9:ef:63:74:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:34 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=bedec63b460fb49c1de21296576d15cf1c8900e69a0714d3af6b0cf09d8c664c, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:ff:f0:0c:13:a1:e5:c7:61:ae:d2:fb:f4:3d: f0:71:15:9c:0e:2b:83:a5:1e:e2:c6:6b:f7:76:38: e6:11:37:c9:ec:b8:73:c7:79:d2:dc:18:e0:3d:c7: d1:e3:43:73:ae:45:3a:38:ec:24:4a:14:20:e1:16: 37:f5:ba:61:a7:cb:1f:b3:90:6f:c4:51:a8:2b:7f: f7:ee:30:6f:1c:ef:56:02:70:8b:19:04:16:2d:db: 41:19:2f:a7:37:58:b6:43:70:14:53:a5:e1:66:77: 72:1f:cb:6b:2b:69:7b:fb:46:e9:00:ff:5e:dc:17: 77:84:7f:16:03:2a:ed:7f:cc:e3:ab:c3:00:ec:33: c2:2f:a6:f6:77:ee:fc:8d:67:a4:ca:65:25:c9:61: b2:f4:ed:90:db:7e:ae:93:aa:a0:ad:8b:66:82:62: 45:38:61:82:67:e8:34:ab:4a:ea:0d:b8:70:a9:bd: f3:a8:1b:61:74:2c:05:da:67:f5:dc:3d:c7:38:ba: 9c:57:1f:98:2f:19:d5:0b:a1:5a:52:41:3a:a9:de: 55:f4:1b:ab:96:ad:84:79:fa:61:37:fc:ab:b2:97: 00:54:16:9f:e7:63:0e:2e:56:44:c6:8d:d2:7c:09: 04:40:56:e2:5c:b8:d5:d5:37:fe:28:dd:e7:44:a9: c0:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:3E:55:4A:2F:46:ED:D1:4C:5B:99:43:9A:0E:A7:5A:FE:93:57:53 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/3a33d844-426b-41b8-aa8c-f4ab26a66ff2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc5:8000::/36 Signature Algorithm: sha256WithRSAEncryption 1f:9b:40:a5:3a:fe:86:b2:2d:f9:08:b4:dc:e1:23:48:cd:db: 0c:53:7d:11:88:9b:a9:83:20:c2:46:15:87:9b:0e:56:72:90: 3a:73:e8:f7:a1:b4:12:86:59:92:66:f9:af:8a:ad:a7:d6:c0: 8f:e7:6b:95:74:b9:8c:87:97:bd:bd:de:68:b4:e4:56:07:7a: e2:fd:6b:de:6d:d2:23:23:79:80:34:64:67:2a:a7:91:92:27: b1:a0:1d:82:55:4c:2d:58:a8:af:b9:23:74:f6:31:91:be:a4: 46:52:e7:b7:80:69:2e:13:61:19:f9:a5:f0:21:72:9e:28:91: 72:ac:00:a4:62:7e:bd:11:07:ba:ef:b4:ec:39:18:f2:f6:ef: 8c:fd:8c:2f:13:74:ba:73:f0:3a:08:4b:4e:76:87:2c:a0:72: 04:81:0b:82:43:13:18:37:29:45:b3:42:e2:eb:11:5a:ed:05: 28:7d:07:75:f9:dc:06:d0:15:2b:52:c7:08:73:8a:46:ab:0b: 11:2e:5a:ee:db:4b:2c:10:aa:48:d9:d4:66:d8:1c:1b:37:d7: dd:78:43:c8:92:66:91:e3:bb:fb:76:05:4f:e0:33:a4:62:1b: 7f:d2:dd:5a:4b:66:58:b5:4c:33:8d:f5:66:95:eb:5d:84:0e: 60:40:ac:da -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUI7oRjXYiTLYUMAPjvDbm2e9jdBEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMzRaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGJlZGVjNjNiNDYwZmI0OWMxZGUyMTI5NjU3NmQxNWNmMWM4OTAwZTY5YTA3 MTRkM2FmNmIwY2YwOWQ4YzY2NGMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJn/8AwToeXHYa7S+/Q98HEVnA4rg6Ue4sZr93Y45hE3yey4c8d50twY4D3H 0eNDc65FOjjsJEoUIOEWN/W6YafLH7OQb8RRqCt/9+4wbxzvVgJwixkEFi3bQRkv pzdYtkNwFFOl4WZ3ch/Laytpe/tG6QD/XtwXd4R/FgMq7X/M46vDAOwzwi+m9nfu /I1npMplJclhsvTtkNt+rpOqoK2LZoJiRThhgmfoNKtK6g24cKm986gbYXQsBdpn 9dw9xzi6nFcfmC8Z1QuhWlJBOqneVfQbq5athHn6YTf8q7KXAFQWn+djDi5WRMaN 0nwJBEBW4ly41dU3/ijd50SpwEcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTyPlVK L0bt0UxbmUOaDqda/pNXUzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv M2EzM2Q4NDQtNDI2Yi00MWI4LWFhOGMtZjRhYjI2YTY2ZmYyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8WA MA0GCSqGSIb3DQEBCwUAA4IBAQAfm0ClOv6Gsi35CLTc4SNIzdsMU30RiJupgyDC RhWHmw5WcpA6c+j3obQShlmSZvmviq2n1sCP52uVdLmMh5e9vd5otORWB3ri/Wve bdIjI3mANGRnKqeRkiexoB2CVUwtWKivuSN09jGRvqRGUue3gGkuE2EZ+aXwIXKe KJFyrACkYn69EQe677TsORjy9u+M/YwvE3S6c/A6CEtOdocsoHIEgQuCQxMYNylF s0Li6xFa7QUofQd1+dwG0BUrUscIc4pGqwsRLlru20ssEKpI2dRm2BwbN9fdeEPI kmaR47v7dgVP4DOkYht/0t1aS2ZYtUwzjfVmletdhA5gQKza -----END CERTIFICATE-----Generated at Sat Dec 6 21:51:14 2025 by rpki-client