This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4251c6ee-a4b0-4746-967f-94d2557ebf12.roa File: 4251c6ee-a4b0-4746-967f-94d2557ebf12.roa (raw, json) Hash identifier: KRaix1z6rpuiDgEBfyzTMz2eesJKNXK0P1myOMv8BnA= Subject key identifier: CC:B4:B3:26:57:28:81:04:71:25:48:FC:34:EC:04:D5:DC:29:48:84 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 201CF8C6F8FCF01C7BEE2090AE3D9DD4A39E79E5 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4251c6ee-a4b0-4746-967f-94d2557ebf12.roa Signing time: Tue 02 Dec 2025 01:30:13 +0000 ROA not before: Tue 02 Dec 2025 01:30:13 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc0:880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:1c:f8:c6:f8:fc:f0:1c:7b:ee:20:90:ae:3d:9d:d4:a3:9e:79:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:30:13 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=89f2151c715f52481b30887f791ba506d10b0ca7ec4b8de19ed3a4f6b6b84913, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:01:cc:37:ca:e2:b9:43:9c:db:6e:58:5a:f6: c9:76:f8:69:cf:c9:5c:24:a2:bc:35:3c:76:1a:0c: 1c:cf:c4:c9:f1:fb:47:d0:56:56:5a:8e:00:d3:24: 17:28:13:5d:fd:8a:c2:8e:a1:6d:45:86:d6:63:97: 7f:12:5e:c2:2c:8f:4a:58:ad:69:a0:e5:6a:89:88: 7b:4b:d5:51:99:f9:f0:67:91:68:43:7f:95:3e:da: b9:c8:bc:83:37:05:ac:fb:48:ec:c1:34:25:fa:8e: c5:35:45:c0:30:b1:f7:a9:3a:53:3d:d1:88:9f:4f: e4:3b:71:d5:c7:c9:e0:1a:7e:37:66:cc:0a:69:d7: 48:2f:03:fc:38:cb:08:a6:19:03:24:68:2e:48:e0: 79:9c:7a:0b:ef:6a:c2:a9:f4:69:89:32:d2:f4:3e: 0d:95:2d:86:e4:e6:6e:e8:ff:88:3f:de:d0:3b:1a: 69:e1:c2:c9:51:d6:d4:df:7e:e1:f1:b0:83:21:63: cd:cf:66:22:5c:3b:f4:59:5a:05:e6:da:13:5c:e4: 97:d2:28:99:bb:c8:5d:e1:55:4e:5b:1b:db:b7:9d: 01:84:13:58:7c:55:84:44:6c:35:b6:38:ac:9d:5b: 67:d2:e3:49:90:3d:0d:a2:dc:25:74:60:e2:85:f7: aa:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:B4:B3:26:57:28:81:04:71:25:48:FC:34:EC:04:D5:DC:29:48:84 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4251c6ee-a4b0-4746-967f-94d2557ebf12.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc0:880::/48 Signature Algorithm: sha256WithRSAEncryption 9e:e7:7b:67:f4:22:94:f4:56:44:35:90:6e:e6:cb:44:29:bb: 6c:3d:30:0e:3b:d3:d0:4d:d7:b9:0a:32:65:9c:bd:7b:dc:79: ba:fb:c7:ff:c1:7b:99:32:fe:36:c8:a7:cf:51:67:80:08:2b: 68:fe:04:09:0f:ca:23:57:70:6d:1d:7f:b3:93:db:bb:e4:12: 79:08:d1:36:a6:62:7f:d1:39:a5:3d:15:0b:f2:d1:4e:c5:0e: 47:6e:29:00:0b:16:a5:0b:dd:cf:b9:b6:cf:19:9a:a1:68:17: b2:12:cf:a2:09:7c:5b:ee:41:7c:45:90:16:9c:73:30:81:5f: 62:cc:88:49:e6:9a:58:d7:c2:27:b9:6d:e1:10:2c:18:c3:b9: e5:08:17:60:26:da:5a:8f:13:d2:f1:d0:b0:d9:44:a3:10:4a: 34:37:68:f4:ce:58:98:be:10:49:9b:eb:1b:4e:a7:86:7f:ae: 3b:55:c6:f3:d9:9f:45:1e:3a:5d:4d:ed:d7:3b:29:e0:79:d0: 91:e4:a3:cd:60:65:ad:40:a2:3f:11:19:95:27:da:5b:13:24: 82:74:fc:9a:26:c7:7c:8a:03:19:f2:1c:b7:7c:53:8f:93:0b: ca:8d:a7:51:b1:e2:a5:57:86:d5:7e:6b:c8:2b:dd:45:fa:89: 30:c5:aa:88 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUIBz4xvj88Bx77iCQrj2d1KOeeeUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTMwMTNaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDg5ZjIxNTFjNzE1ZjUyNDgxYjMwODg3Zjc5MWJhNTA2ZDEwYjBjYTdlYzRi OGRlMTllZDNhNGY2YjZiODQ5MTMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMoBzDfK4rlDnNtuWFr2yXb4ac/JXCSivDU8dhoMHM/EyfH7R9BWVlqOANMk FygTXf2Kwo6hbUWG1mOXfxJewiyPSlitaaDlaomIe0vVUZn58GeRaEN/lT7auci8 gzcFrPtI7ME0JfqOxTVFwDCx96k6Uz3RiJ9P5Dtx1cfJ4Bp+N2bMCmnXSC8D/DjL CKYZAyRoLkjgeZx6C+9qwqn0aYky0vQ+DZUthuTmbuj/iD/e0DsaaeHCyVHW1N9+ 4fGwgyFjzc9mIlw79FlaBebaE1zkl9IombvIXeFVTlsb27edAYQTWHxVhERsNbY4 rJ1bZ9LjSZA9DaLcJXRg4oX3qvECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTMtLMm VyiBBHElSPw07ATV3ClIhDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NDI1MWM2ZWUtYTRiMC00NzQ2LTk2N2YtOTRkMjU1N2ViZjEyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8AI gDANBgkqhkiG9w0BAQsFAAOCAQEAnud7Z/QilPRWRDWQbubLRCm7bD0wDjvT0E3X uQoyZZy9e9x5uvvH/8F7mTL+Nsinz1FngAgraP4ECQ/KI1dwbR1/s5Pbu+QSeQjR NqZif9E5pT0VC/LRTsUOR24pAAsWpQvdz7m2zxmaoWgXshLPogl8W+5BfEWQFpxz MIFfYsyISeaaWNfCJ7lt4RAsGMO55QgXYCbaWo8T0vHQsNlEoxBKNDdo9M5YmL4Q SZvrG06nhn+uO1XG89mfRR46XU3t1zsp4HnQkeSjzWBlrUCiPxEZlSfaWxMkgnT8 mibHfIoDGfIct3xTj5MLyo2nUbHipVeG1X5ryCvdRfqJMMWqiA== -----END CERTIFICATE-----Generated at Sun Dec 7 01:07:10 2025 by rpki-client