This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/63b5c934-2f43-477b-85d8-563b35f97cf3.roa File: 63b5c934-2f43-477b-85d8-563b35f97cf3.roa (raw, json) Hash identifier: wTovhppA9vNK83pzEPkqTG+Z85Bu9UGbl8KtT/JDAgY= Subject key identifier: 1F:AB:86:09:F6:04:18:DA:9B:43:A1:CF:27:49:01:6F:28:B9:E1:EE Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 51EAC25DFD477422D2D51D3AAB1568396D089106 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/63b5c934-2f43-477b-85d8-563b35f97cf3.roa Signing time: Tue 02 Dec 2025 01:30:17 +0000 ROA not before: Tue 02 Dec 2025 01:30:17 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 8987 IP address blocks: 2001:3fc4::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:ea:c2:5d:fd:47:74:22:d2:d5:1d:3a:ab:15:68:39:6d:08:91:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:30:17 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=cb3e5f4b303f1a09b68db9be7f535fd37a0e0e486d347c570056a4b8f0964644, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:87:c6:d7:cd:c3:b5:34:53:15:41:2f:50:8d: bc:c8:6a:9b:15:5b:10:ea:02:84:5c:1b:8f:5c:9c: 52:8e:69:74:92:b8:af:48:72:24:e8:53:0c:8b:d1: e5:28:0b:8c:53:45:36:53:f9:ad:d0:01:4f:a0:6c: 30:02:7a:8f:83:b5:aa:40:40:83:80:a1:c1:02:43: 58:60:aa:02:67:f8:a3:cc:1a:e4:af:d9:be:45:f3: e2:e2:ec:f9:b8:fd:74:46:a3:26:ec:3c:a5:01:e7: c2:48:17:7c:23:ec:7e:f4:49:2d:2f:97:0c:97:47: 28:dc:6b:ce:1b:db:0a:f2:32:33:60:dd:f4:f9:77: 9d:18:3f:b5:ab:ac:95:3b:61:64:cb:ef:83:00:1b: 72:17:0c:c6:f5:3a:64:58:7c:b0:20:2b:82:33:98: 22:a3:0b:bd:ca:dd:95:54:b2:43:8f:02:e5:4f:ba: 59:24:13:62:bf:a3:6c:77:94:7a:e5:4d:ad:2d:c1: f4:e6:58:5c:b3:74:03:07:97:4f:7c:2c:8d:cf:1a: 9e:22:0d:ad:66:bd:05:9c:09:91:01:26:c6:b0:41: 02:8b:fa:9d:fb:ed:5d:9c:80:ec:76:95:98:77:9a: 60:9e:e5:3b:18:4b:4a:8c:94:09:6c:69:70:84:37: b4:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:AB:86:09:F6:04:18:DA:9B:43:A1:CF:27:49:01:6F:28:B9:E1:EE X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/63b5c934-2f43-477b-85d8-563b35f97cf3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc4::/36 Signature Algorithm: sha256WithRSAEncryption 11:68:23:f3:39:3d:a4:4b:57:c2:ae:36:a6:38:1b:20:51:67: f3:d1:bd:b0:8c:a0:82:50:17:52:8d:11:5f:14:02:fa:ed:2b: 24:39:f2:d0:3c:20:87:27:89:f5:dc:a7:c6:26:df:88:d9:53: bf:68:89:a9:47:32:e5:3d:46:f2:88:c4:33:94:b4:dc:c0:e8: 21:03:47:ea:5e:3c:30:02:4a:27:7d:f3:91:5e:45:d0:e2:c0: dc:c9:f5:e1:bd:92:10:48:a1:c5:70:e3:cc:83:9a:db:1d:5a: 58:55:01:ad:b4:2d:bb:6c:6d:c1:e3:57:09:21:4d:25:f9:0f: 36:31:3b:40:50:00:16:44:a6:d5:60:9b:34:43:82:f0:d3:02: b3:65:69:77:9c:17:83:54:e7:df:2d:e3:a6:46:29:df:ee:f7: c8:4c:0e:4a:52:99:3a:53:6b:9c:fa:eb:6a:1f:d0:53:60:47: 45:d4:54:c0:d4:64:68:9a:5a:83:ad:71:a4:5d:ca:77:35:42: 54:32:59:fd:fd:7c:95:e3:1a:95:4a:f0:29:cf:3d:c7:f9:c5: bc:dd:af:c2:66:5a:86:c0:d1:df:ec:6b:96:02:a2:7c:4e:b8: cf:26:b3:65:64:f2:4c:d0:fd:22:2b:92:3e:d3:5c:25:ec:fb: fe:37:54:61 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUUerCXf1HdCLS1R06qxVoOW0IkQYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTMwMTdaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGNiM2U1ZjRiMzAzZjFhMDliNjhkYjliZTdmNTM1ZmQzN2EwZTBlNDg2ZDM0 N2M1NzAwNTZhNGI4ZjA5NjQ2NDQxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKmHxtfNw7U0UxVBL1CNvMhqmxVbEOoChFwbj1ycUo5pdJK4r0hyJOhTDIvR 5SgLjFNFNlP5rdABT6BsMAJ6j4O1qkBAg4ChwQJDWGCqAmf4o8wa5K/ZvkXz4uLs +bj9dEajJuw8pQHnwkgXfCPsfvRJLS+XDJdHKNxrzhvbCvIyM2Dd9Pl3nRg/taus lTthZMvvgwAbchcMxvU6ZFh8sCArgjOYIqMLvcrdlVSyQ48C5U+6WSQTYr+jbHeU euVNrS3B9OZYXLN0AweXT3wsjc8aniINrWa9BZwJkQEmxrBBAov6nfvtXZyA7HaV mHeaYJ7lOxhLSoyUCWxpcIQ3tCECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQfq4YJ 9gQY2ptDoc8nSQFvKLnh7jAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NjNiNWM5MzQtMmY0My00NzdiLTg1ZDgtNTYzYjM1Zjk3Y2YzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA MA0GCSqGSIb3DQEBCwUAA4IBAQARaCPzOT2kS1fCrjamOBsgUWfz0b2wjKCCUBdS jRFfFAL67SskOfLQPCCHJ4n13KfGJt+I2VO/aImpRzLlPUbyiMQzlLTcwOghA0fq XjwwAkonffORXkXQ4sDcyfXhvZIQSKHFcOPMg5rbHVpYVQGttC27bG3B41cJIU0l +Q82MTtAUAAWRKbVYJs0Q4Lw0wKzZWl3nBeDVOffLeOmRinf7vfITA5KUpk6U2uc +utqH9BTYEdF1FTA1GRomlqDrXGkXcp3NUJUMln9/XyV4xqVSvApzz3H+cW83a/C ZlqGwNHf7GuWAqJ8TrjPJrNlZPJM0P0iK5I+01wl7Pv+N1Rh -----END CERTIFICATE-----Generated at Sat Dec 6 11:45:22 2025 by rpki-client