This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/698aa0c9-36c3-4a47-847c-0c241221ba32.roa File: 698aa0c9-36c3-4a47-847c-0c241221ba32.roa (raw, json) Hash identifier: dC8yeM30G4Rl9crs4BGidOg0TvyADJkNLGRME/FT8mc= Subject key identifier: 19:8E:67:6E:59:16:89:D5:86:B9:85:0B:B4:FA:D8:2F:CE:C8:3A:8B Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 1D1AE701939D393CA242FB62E32686709BB48798 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/698aa0c9-36c3-4a47-847c-0c241221ba32.roa Signing time: Fri 23 Jan 2026 19:08:13 +0000 ROA not before: Fri 23 Jan 2026 19:08:13 +0000 ROA not after: Thu 23 Apr 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc6:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:1a:e7:01:93:9d:39:3c:a2:42:fb:62:e3:26:86:70:9b:b4:87:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Jan 23 19:08:13 2026 GMT Not After : Apr 23 23:59:59 2026 GMT Subject: serialNumber=91d854178b30707d55bab7942db30724a563045a183d0a52376ca0b4b947f69b, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:49:1c:c7:f2:82:29:42:52:9d:d1:59:1c:64: 71:86:ef:6e:c9:82:f5:56:9e:f7:6e:e5:16:14:31: 30:81:d4:7b:4c:bd:90:12:da:62:8a:20:eb:f2:d5: bc:dd:1b:5a:2c:60:52:5d:ad:40:b6:d9:a7:ed:82: 6b:75:10:e1:b9:f0:13:df:90:bb:a6:d2:16:60:c5: 01:a5:62:79:20:b6:2c:3c:a9:b8:00:df:63:c6:d4: 96:6c:90:1e:cf:90:cd:ca:66:1f:f6:3a:05:d7:63: 14:32:ff:bd:18:cc:83:7f:59:cf:d5:a6:08:a5:ac: e9:dc:a5:44:2d:bb:2c:5d:2c:cf:c8:cb:01:d0:5c: 10:20:0a:1c:ae:c9:6a:df:a1:7f:1d:66:8d:36:cc: e1:6c:41:ec:36:8b:f4:46:fa:d5:7d:5b:a4:12:ee: f2:b3:70:25:a3:7b:56:50:fd:74:f9:56:9d:92:5b: d8:62:10:b1:c4:70:1b:8e:dc:a9:35:0e:ec:02:91: 81:8a:96:85:aa:87:f4:30:4f:18:89:97:fe:45:a4: f0:32:e8:69:1e:6c:00:9d:0d:58:f4:e5:d2:e0:d1: 24:68:76:92:a9:ae:f0:c0:62:76:01:fb:60:28:45: 6c:fa:e8:c5:1a:62:1a:b3:17:7f:1c:04:7e:ec:c2: fb:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:8E:67:6E:59:16:89:D5:86:B9:85:0B:B4:FA:D8:2F:CE:C8:3A:8B X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/698aa0c9-36c3-4a47-847c-0c241221ba32.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc6:1::/48 Signature Algorithm: sha256WithRSAEncryption 48:18:37:45:f4:1e:a8:70:13:ba:87:af:e8:fb:41:dc:27:c6: cb:27:62:b4:90:d1:8d:fe:bb:03:99:16:18:11:43:da:9a:c3: a8:29:5e:e7:19:d6:58:f0:7c:11:30:06:55:cd:51:56:7c:86: 91:65:25:33:6f:f5:81:39:2e:f6:73:5e:a8:9d:40:2c:7c:1a: d6:17:cf:40:ab:0f:71:92:d3:8f:0c:51:e3:5b:2a:70:66:1a: 2c:4b:9e:52:96:b7:09:80:43:17:84:5c:e1:f1:9b:38:60:81: 96:f1:b0:fb:1a:61:ec:cd:78:b1:86:eb:25:dd:f7:88:3f:03: ef:fd:98:2b:1c:6a:4d:d4:e1:b5:61:b3:97:99:b0:66:86:06: 54:a3:d3:61:91:38:3d:68:21:59:51:53:c9:4b:a7:0d:62:41: 2d:e4:34:58:51:60:9e:81:5e:ed:5b:b3:e6:e1:40:cb:bf:54: 7f:68:49:64:98:20:a5:5b:82:73:0e:b3:c8:85:cd:eb:9a:d5: dc:6d:0a:c1:d9:76:f7:b8:ba:a3:d2:3b:a0:07:00:23:e7:95: 77:8a:8e:0b:e0:cf:7f:b8:16:f8:af:8d:f8:77:9b:45:5d:44: d4:ed:1b:8d:7d:45:55:8a:09:8c:f5:60:a3:36:46:6f:d7:fd: 02:72:78:98 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUHRrnAZOdOTyiQvti4yaGcJu0h5gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNjAxMjMxOTA4MTNaFw0yNjA0MjMyMzU5NTlaMHoxSTBHBgNV BAUTQDkxZDg1NDE3OGIzMDcwN2Q1NWJhYjc5NDJkYjMwNzI0YTU2MzA0NWExODNk MGE1MjM3NmNhMGI0Yjk0N2Y2OWIxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANdJHMfygilCUp3RWRxkcYbvbsmC9Vae927lFhQxMIHUe0y9kBLaYoog6/LV vN0bWixgUl2tQLbZp+2Ca3UQ4bnwE9+Qu6bSFmDFAaVieSC2LDypuADfY8bUlmyQ Hs+QzcpmH/Y6BddjFDL/vRjMg39Zz9WmCKWs6dylRC27LF0sz8jLAdBcECAKHK7J at+hfx1mjTbM4WxB7DaL9Eb61X1bpBLu8rNwJaN7VlD9dPlWnZJb2GIQscRwG47c qTUO7AKRgYqWhaqH9DBPGImX/kWk8DLoaR5sAJ0NWPTl0uDRJGh2kqmu8MBidgH7 YChFbProxRpiGrMXfxwEfuzC+7UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQZjmdu WRaJ1Ya5hQu0+tgvzsg6izAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv Njk4YWEwYzktMzZjMy00YTQ3LTg0N2MtMGMyNDEyMjFiYTMyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8YA ATANBgkqhkiG9w0BAQsFAAOCAQEASBg3RfQeqHATuoev6PtB3CfGyyditJDRjf67 A5kWGBFD2prDqCle5xnWWPB8ETAGVc1RVnyGkWUlM2/1gTku9nNeqJ1ALHwa1hfP QKsPcZLTjwxR41sqcGYaLEueUpa3CYBDF4Rc4fGbOGCBlvGw+xph7M14sYbrJd33 iD8D7/2YKxxqTdThtWGzl5mwZoYGVKPTYZE4PWghWVFTyUunDWJBLeQ0WFFgnoFe 7Vuz5uFAy79Uf2hJZJggpVuCcw6zyIXN65rV3G0Kwdl297i6o9I7oAcAI+eVd4qO C+DPf7gW+K+N+HebRV1E1O0bjX1FVYoJjPVgozZGb9f9AnJ4mA== -----END CERTIFICATE-----Generated at Sun Jan 25 04:16:30 2026 by rpki-client