This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4a0ca7a1-00ab-48be-a825-9123b34b7077.roa File: 4a0ca7a1-00ab-48be-a825-9123b34b7077.roa (raw, json) Hash identifier: WCt4lwpMKis4mrUckP9lTdlCHPDZLOAEyfRQUBRoScY= Subject key identifier: BA:95:8E:B7:AB:22:30:93:28:F8:99:D9:82:A4:0F:A0:ED:78:B1:97 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 5D7FFC00905F48BB3EDD2183B0B4F0F1489426F0 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4a0ca7a1-00ab-48be-a825-9123b34b7077.roa Signing time: Tue 02 Dec 2025 01:40:41 +0000 ROA not before: Tue 02 Dec 2025 01:40:41 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc7:f880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:7f:fc:00:90:5f:48:bb:3e:dd:21:83:b0:b4:f0:f1:48:94:26:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:41 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=ef35498b1e74451682320ede3e2d96ddbbb5b4c94ba80416100b1939b50bbd6a, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:ed:b2:eb:cd:a6:1a:40:c9:0b:f4:c4:52:ca: b6:67:60:80:17:da:32:e7:a0:8a:51:77:2c:a6:c5: 19:16:64:48:3b:91:43:1c:18:06:f9:8a:04:e6:b3: 61:c8:4e:70:fe:93:6e:03:8a:a3:57:f7:7f:64:ef: e5:76:52:0e:bb:73:de:31:3c:9c:81:bc:32:fa:47: 10:ca:62:e9:41:8f:3e:41:e7:d9:7c:ca:67:54:69: b4:4c:81:9b:96:3e:19:a6:93:d2:cd:51:c0:83:a1: db:12:f3:7d:9c:d6:2a:23:59:93:7a:e9:54:6e:2e: b0:52:0e:a6:20:c1:2d:88:45:29:0c:5a:be:30:0e: aa:7e:10:e2:47:6b:02:c8:c4:01:ed:24:4b:86:89: 98:14:8a:a0:de:99:d3:2e:42:4c:56:e0:b4:61:6b: 55:28:c8:30:d2:da:9b:9d:26:9b:0d:45:c4:08:99: 61:85:e0:bd:bb:38:1f:59:7a:7b:13:bc:30:11:00: 62:09:c0:7f:fa:f6:5d:9a:80:da:a9:b2:86:5f:d0: a3:45:07:59:3d:3b:c1:66:e6:ef:93:d7:6f:67:27: b0:ef:8e:c6:1c:f7:56:c9:cb:0c:2d:98:f5:5f:b2: 80:2a:67:82:b2:83:8d:9e:96:4d:14:b1:94:a6:c2: 02:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:95:8E:B7:AB:22:30:93:28:F8:99:D9:82:A4:0F:A0:ED:78:B1:97 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4a0ca7a1-00ab-48be-a825-9123b34b7077.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc7:f880::/48 Signature Algorithm: sha256WithRSAEncryption ab:96:e0:db:65:85:a6:25:a6:58:83:18:ff:07:2a:ca:8c:81: 38:07:f1:a2:03:e0:8b:f5:56:fe:e5:08:53:07:bc:c0:d9:55: 24:68:c9:a3:2e:6b:61:ac:ec:ce:74:32:e7:e5:59:9f:02:08: 99:a9:ef:56:c7:f0:47:7d:0b:ed:06:e9:46:f6:70:1f:23:d4: 9d:e5:4d:8a:67:ff:76:f3:37:74:78:ea:e5:ba:69:ac:d6:04: 29:2f:9f:c2:e3:4d:5b:12:61:90:65:ad:6e:f8:f0:7c:a8:3c: fd:1e:bf:bc:b1:ae:fa:29:85:8c:de:3a:17:c5:3e:3b:88:91: 75:9f:a3:60:08:70:5f:1e:00:2e:d9:89:c2:1a:09:07:20:53: d6:e3:19:43:f5:15:bb:0a:ed:de:76:36:c2:07:a6:ac:8e:80: 3a:3a:af:93:3f:b4:1b:99:ce:94:73:3b:4c:59:7b:d4:3b:42: 13:a9:01:ce:e5:f2:d9:d9:14:3c:f3:f4:ac:2b:db:df:87:37: 71:a3:aa:dc:5b:67:fd:74:52:68:89:89:04:36:dc:b2:fb:96: bd:51:09:74:b0:8f:a2:a0:e8:11:4e:87:d1:40:9c:66:a0:38: fb:63:2a:9e:7e:ea:77:41:ff:50:5e:db:06:8b:19:2b:75:af: be:a5:1e:8a -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUXX/8AJBfSLs+3SGDsLTw8UiUJvAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwNDFaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGVmMzU0OThiMWU3NDQ1MTY4MjMyMGVkZTNlMmQ5NmRkYmJiNWI0Yzk0YmE4 MDQxNjEwMGIxOTM5YjUwYmJkNmExLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKvtsuvNphpAyQv0xFLKtmdggBfaMuegilF3LKbFGRZkSDuRQxwYBvmKBOaz YchOcP6TbgOKo1f3f2Tv5XZSDrtz3jE8nIG8MvpHEMpi6UGPPkHn2XzKZ1RptEyB m5Y+GaaT0s1RwIOh2xLzfZzWKiNZk3rpVG4usFIOpiDBLYhFKQxavjAOqn4Q4kdr AsjEAe0kS4aJmBSKoN6Z0y5CTFbgtGFrVSjIMNLam50mmw1FxAiZYYXgvbs4H1l6 exO8MBEAYgnAf/r2XZqA2qmyhl/Qo0UHWT07wWbm75PXb2cnsO+Oxhz3VsnLDC2Y 9V+ygCpngrKDjZ6WTRSxlKbCAqUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS6lY63 qyIwkyj4mdmCpA+g7XixlzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NGEwY2E3YTEtMDBhYi00OGJlLWE4MjUtOTEyM2IzNGI3MDc3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4 gDANBgkqhkiG9w0BAQsFAAOCAQEAq5bg22WFpiWmWIMY/wcqyoyBOAfxogPgi/VW /uUIUwe8wNlVJGjJoy5rYazsznQy5+VZnwIImanvVsfwR30L7QbpRvZwHyPUneVN imf/dvM3dHjq5bpprNYEKS+fwuNNWxJhkGWtbvjwfKg8/R6/vLGu+imFjN46F8U+ O4iRdZ+jYAhwXx4ALtmJwhoJByBT1uMZQ/UVuwrt3nY2wgemrI6AOjqvkz+0G5nO lHM7TFl71DtCE6kBzuXy2dkUPPP0rCvb34c3caOq3Ftn/XRSaImJBDbcsvuWvVEJ dLCPoqDoEU6H0UCcZqA4+2Mqnn7qd0H/UF7bBosZK3WvvqUeig== -----END CERTIFICATE-----Generated at Sat Dec 6 11:44:23 2025 by rpki-client