This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/541ffd81-df5c-4971-9769-a37d113c922b.roa File: 541ffd81-df5c-4971-9769-a37d113c922b.roa (raw, json) Hash identifier: 9zQmmswecdgudC9KJuS9gkbWNJIfQ+NCBi3EuECsvmQ= Subject key identifier: 7F:65:E5:38:38:7A:9D:07:06:26:B7:1B:07:3B:4F:6F:5D:AF:42:6A Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 220680B9013379DA42933BE860B11234672DDF5E Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/541ffd81-df5c-4971-9769-a37d113c922b.roa Signing time: Tue 02 Dec 2025 01:40:10 +0000 ROA not before: Tue 02 Dec 2025 01:40:10 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc6:e::/47 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:06:80:b9:01:33:79:da:42:93:3b:e8:60:b1:12:34:67:2d:df:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:10 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=b8aee9d8144df6eca85cd7ea2f03c206248de57dd365f86370ffe64b2ecf9caf, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:2c:f1:d0:41:cd:5e:1c:4d:18:96:63:af:ee: 64:a2:8b:24:fb:4f:7d:cd:ae:85:8e:2e:35:69:13: fc:6c:48:ee:f3:dc:bd:a4:8f:5a:9d:03:0d:e5:f3: d4:69:56:29:77:d7:6c:fa:29:7a:9d:63:9a:19:69: 2d:79:15:0c:3f:f5:a9:1b:39:70:65:fc:37:e8:c8: e8:d5:c1:2b:1c:ce:8d:12:38:43:96:0f:4c:6a:35: 36:68:a0:46:22:62:e2:8b:d8:06:48:5d:4c:d7:73: 4c:2f:41:6a:f6:64:ac:b8:12:f0:8f:e8:df:cd:b4: f3:95:be:e5:dc:aa:ab:f3:d4:ae:78:f5:c1:0c:da: d1:8d:50:07:23:71:c9:62:2c:78:02:d0:a5:fb:49: ba:80:e0:11:a9:58:e7:e8:e9:47:f6:ae:04:9a:98: 0e:68:19:56:2f:71:a2:e3:2c:aa:db:4e:88:28:9d: 7e:a0:c5:c5:b8:75:ff:d1:75:0e:aa:b9:a7:a6:e5: a5:b7:e4:64:d3:25:63:94:27:f9:e3:a8:02:8d:cc: d6:64:b2:73:b7:51:bc:50:eb:80:e5:bf:58:27:69: 27:52:89:4b:17:fe:fe:96:26:0a:d7:52:1f:c1:9a: 88:72:34:69:78:10:a9:c1:4a:4b:6b:09:38:ab:ab: da:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:65:E5:38:38:7A:9D:07:06:26:B7:1B:07:3B:4F:6F:5D:AF:42:6A X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/541ffd81-df5c-4971-9769-a37d113c922b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc6:e::/47 Signature Algorithm: sha256WithRSAEncryption ca:3e:b6:f3:7f:64:d3:b9:7d:50:01:45:05:10:59:3d:68:a8: 4f:6e:d0:ec:50:a4:fa:99:c9:3d:7f:5a:8d:1f:fb:30:58:2c: d1:9c:65:5b:7b:01:52:a4:3d:13:c9:34:c5:24:a8:95:13:c9: ec:50:9c:3c:2d:12:e4:a1:8c:d6:d0:63:96:36:74:5c:68:bd: 6e:7b:d7:24:5e:d1:fe:e0:57:cd:58:fc:d7:8d:5f:8b:76:02: c4:f2:5c:60:1a:b5:27:46:92:da:94:7e:f4:a7:16:6c:c5:55: 82:a5:ef:17:d8:19:d3:f4:48:5d:cf:d6:69:cc:3a:eb:27:fb: c7:ca:e5:97:95:3f:84:72:e2:3a:07:a5:7c:c5:8a:9a:d4:95: e3:ba:c2:a5:0a:eb:1f:a0:fd:e0:5c:25:3f:ec:be:d1:2d:12: 61:a3:22:7f:ea:43:d2:ee:cb:88:d8:d5:ff:52:3c:1f:9f:ac: c0:9b:a6:96:b6:5b:17:8d:02:de:ab:8d:e3:a0:4a:43:50:6f: fa:ae:f6:28:2e:b0:18:10:18:aa:49:87:97:36:1c:9d:b7:ec: d1:64:4c:91:1c:bc:c4:0a:a6:52:7c:89:56:14:ea:00:77:d0: ea:7c:c5:80:f3:30:1e:2b:a7:2b:aa:91:4e:48:b9:ef:22:c5: fe:58:5c:e3 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUIgaAuQEzedpCkzvoYLESNGct314wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMTBaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGI4YWVlOWQ4MTQ0ZGY2ZWNhODVjZDdlYTJmMDNjMjA2MjQ4ZGU1N2RkMzY1 Zjg2MzcwZmZlNjRiMmVjZjljYWYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMUs8dBBzV4cTRiWY6/uZKKLJPtPfc2uhY4uNWkT/GxI7vPcvaSPWp0DDeXz 1GlWKXfXbPopep1jmhlpLXkVDD/1qRs5cGX8N+jI6NXBKxzOjRI4Q5YPTGo1Nmig RiJi4ovYBkhdTNdzTC9BavZkrLgS8I/o382085W+5dyqq/PUrnj1wQza0Y1QByNx yWIseALQpftJuoDgEalY5+jpR/auBJqYDmgZVi9xouMsqttOiCidfqDFxbh1/9F1 Dqq5p6blpbfkZNMlY5Qn+eOoAo3M1mSyc7dRvFDrgOW/WCdpJ1KJSxf+/pYmCtdS H8GaiHI0aXgQqcFKS2sJOKur2vUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR/ZeU4 OHqdBwYmtxsHO09vXa9CajAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NTQxZmZkODEtZGY1Yy00OTcxLTk3NjktYTM3ZDExM2M5MjJiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASABP8YA DjANBgkqhkiG9w0BAQsFAAOCAQEAyj62839k07l9UAFFBRBZPWioT27Q7FCk+pnJ PX9ajR/7MFgs0ZxlW3sBUqQ9E8k0xSSolRPJ7FCcPC0S5KGM1tBjljZ0XGi9bnvX JF7R/uBXzVj8141fi3YCxPJcYBq1J0aS2pR+9KcWbMVVgqXvF9gZ0/RIXc/Wacw6 6yf7x8rll5U/hHLiOgelfMWKmtSV47rCpQrrH6D94FwlP+y+0S0SYaMif+pD0u7L iNjV/1I8H5+swJumlrZbF40C3quN46BKQ1Bv+q72KC6wGBAYqkmHlzYcnbfs0WRM kRy8xAqmUnyJVhTqAHfQ6nzFgPMwHiunK6qRTki57yLF/lhc4w== -----END CERTIFICATE-----Generated at Sat Dec 6 20:51:30 2025 by rpki-client