This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4f44e9d0-7921-4145-bdf5-4d07a4d0688d.roa File: 4f44e9d0-7921-4145-bdf5-4d07a4d0688d.roa (raw, json) Hash identifier: jHgwIghzqBhE+GpPy/3HGcDmbaqhbveUfOuHsxk7xVs= Subject key identifier: 69:34:17:CC:4C:9E:58:99:1D:D6:31:63:E6:21:B9:BA:F3:F0:15:9D Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 781AFE350F9E9E9988B086CDF967EFE0516432C4 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4f44e9d0-7921-4145-bdf5-4d07a4d0688d.roa Signing time: Tue 02 Dec 2025 01:40:54 +0000 ROA not before: Tue 02 Dec 2025 01:40:54 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc7:4000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:1a:fe:35:0f:9e:9e:99:88:b0:86:cd:f9:67:ef:e0:51:64:32:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:54 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=c78523bb24d6f580ac29ed71563d848baaf7427812422b75af0a38f7ebd212b6, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:15:ac:96:c0:81:ee:b0:eb:4a:d0:85:a3:cc: e5:7e:95:59:88:c5:c7:63:bd:5d:48:ba:50:0c:c4: 8f:d5:08:25:15:74:c3:b9:bc:95:28:b3:01:e1:ac: c4:c0:6f:13:1c:9b:30:f2:d9:ee:ba:d2:cb:6b:55: 97:92:5e:f5:3a:71:ba:13:e5:f9:5f:b7:a0:df:7f: 60:38:15:11:5d:83:94:20:0c:ea:6b:0c:0c:25:5f: 15:c1:3d:1d:e1:9a:b9:d9:69:8d:32:68:ac:f4:92: 78:c6:bf:0d:cb:aa:9f:2b:19:d8:42:42:73:a6:2c: 3e:10:41:61:20:38:8e:26:71:6b:95:cd:17:b7:47: 3f:7f:45:a0:36:f1:c8:07:56:1e:b9:ed:08:5f:5e: 13:ad:98:97:4c:1a:81:6e:38:74:26:0b:2a:4d:1e: 38:c3:89:12:1d:9b:a3:95:c8:69:af:64:b1:32:3c: 50:f3:c4:54:c0:ef:84:75:f3:a4:f2:d8:8c:3d:74: ab:ee:7b:5b:96:61:a1:2d:88:d3:ca:3a:09:39:81: b7:7d:82:e3:6b:c9:c3:e3:8b:0f:ff:83:98:da:c1: b2:f7:e8:89:79:7e:76:b0:6a:ae:c7:3c:e0:44:7e: dc:0a:ae:60:06:32:e5:7a:55:d0:41:3a:f8:ab:92: 76:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:34:17:CC:4C:9E:58:99:1D:D6:31:63:E6:21:B9:BA:F3:F0:15:9D X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4f44e9d0-7921-4145-bdf5-4d07a4d0688d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc7:4000::/36 Signature Algorithm: sha256WithRSAEncryption 2f:81:4e:6c:37:f1:e6:1a:4f:6d:a6:77:55:ba:7e:ff:8e:0e: f6:0f:9e:92:a2:41:69:aa:ef:34:24:45:93:fd:1e:30:81:ac: 32:7e:c6:e1:6e:38:b4:0e:3c:52:6a:fa:07:5f:da:f1:c5:87: 98:43:8c:05:29:e3:d4:92:9e:bf:4b:84:91:8e:d5:66:90:52: fc:2c:ec:1c:c6:03:e2:32:f2:70:a5:8c:de:b8:88:c6:05:b2: 13:bb:44:73:d1:36:ec:da:9f:4e:e5:da:2f:71:12:29:68:0c: 65:64:e3:27:92:86:00:c9:29:54:fd:87:79:cc:50:5d:c6:67: 61:9c:7e:9a:34:31:29:10:7b:68:60:18:df:7b:16:cb:87:68: 2e:c9:d4:a6:ab:a2:25:d8:8c:da:80:bb:f0:cc:f8:28:ae:ae: 81:c6:2a:d5:18:37:0d:d3:ba:4f:ae:e8:8b:42:42:83:9a:40: 1d:11:9e:2f:22:5b:fb:7a:5a:d4:ff:9b:08:03:fc:1e:78:6c: 80:6a:1b:ce:1d:87:63:22:3c:fe:77:2c:c5:78:3c:a6:56:2c: 46:04:b6:f5:2c:df:66:75:69:b1:dc:be:14:91:f9:33:b0:01: ff:1d:df:0d:8a:9f:f4:18:c7:8c:9c:75:d1:75:ae:94:b7:c3: ac:20:8d:ef -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUeBr+NQ+enpmIsIbN+Wfv4FFkMsQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwNTRaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGM3ODUyM2JiMjRkNmY1ODBhYzI5ZWQ3MTU2M2Q4NDhiYWFmNzQyNzgxMjQy MmI3NWFmMGEzOGY3ZWJkMjEyYjYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMEVrJbAge6w60rQhaPM5X6VWYjFx2O9XUi6UAzEj9UIJRV0w7m8lSizAeGs xMBvExybMPLZ7rrSy2tVl5Je9TpxuhPl+V+3oN9/YDgVEV2DlCAM6msMDCVfFcE9 HeGaudlpjTJorPSSeMa/DcuqnysZ2EJCc6YsPhBBYSA4jiZxa5XNF7dHP39FoDbx yAdWHrntCF9eE62Yl0wagW44dCYLKk0eOMOJEh2bo5XIaa9ksTI8UPPEVMDvhHXz pPLYjD10q+57W5ZhoS2I08o6CTmBt32C42vJw+OLD/+DmNrBsvfoiXl+drBqrsc8 4ER+3AquYAYy5XpV0EE6+KuSdmUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRpNBfM TJ5YmR3WMWPmIbm68/AVnTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NGY0NGU5ZDAtNzkyMS00MTQ1LWJkZjUtNGQwN2E0ZDA2ODhkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dA MA0GCSqGSIb3DQEBCwUAA4IBAQAvgU5sN/HmGk9tpndVun7/jg72D56SokFpqu80 JEWT/R4wgawyfsbhbji0DjxSavoHX9rxxYeYQ4wFKePUkp6/S4SRjtVmkFL8LOwc xgPiMvJwpYzeuIjGBbITu0Rz0Tbs2p9O5dovcRIpaAxlZOMnkoYAySlU/Yd5zFBd xmdhnH6aNDEpEHtoYBjfexbLh2guydSmq6Il2IzagLvwzPgorq6BxirVGDcN07pP ruiLQkKDmkAdEZ4vIlv7elrU/5sIA/weeGyAahvOHYdjIjz+dyzFeDymVixGBLb1 LN9mdWmx3L4UkfkzsAH/Hd8Nip/0GMeMnHXRda6Ut8OsII3v -----END CERTIFICATE-----Generated at Sat Dec 6 11:44:41 2025 by rpki-client