This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/6b104617-be96-4130-b1b4-dbe8facd0109.roa File: 6b104617-be96-4130-b1b4-dbe8facd0109.roa (raw, json) Hash identifier: zbYYCwnfkv3TlIh7ySl0nYlrkHZgwPJMbmCJG2eXNW8= Subject key identifier: 16:EB:CC:EA:67:A5:28:C2:75:CA:60:E2:28:9C:48:94:9E:7F:E3:D6 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 381853DF365308F5D917A0908EB5FA939B1756A5 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/6b104617-be96-4130-b1b4-dbe8facd0109.roa Signing time: Tue 02 Dec 2025 01:40:08 +0000 ROA not before: Tue 02 Dec 2025 01:40:08 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc7:c000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:18:53:df:36:53:08:f5:d9:17:a0:90:8e:b5:fa:93:9b:17:56:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:08 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=8554a3024c562629e5b74ddf0d87fa16c3625ce6628152a8b7fd8ec35e8f46ed, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:a9:50:98:17:59:a5:85:62:79:dd:0b:c7:b6: 14:eb:31:26:86:98:29:41:a1:68:89:9c:4a:39:4a: fc:0c:d5:04:4e:3e:c3:87:44:ef:e3:5b:20:e7:0e: cb:73:ab:ad:41:f1:6c:fa:d0:6c:0a:3b:a0:b0:7c: 1c:11:35:2b:9a:b7:88:1e:dc:6e:f6:e5:9b:65:57: 56:f3:ea:f0:ae:82:94:de:12:23:7b:89:0a:ea:34: 71:2e:08:74:c6:75:81:3f:63:42:9d:2b:c0:c5:0c: 44:bb:33:38:61:8c:81:4c:3d:17:c9:e1:c6:8b:2d: 8b:9b:a5:8e:6c:7a:d5:95:70:21:65:10:b1:10:ce: df:1c:c1:aa:86:39:84:47:a5:76:46:fe:ae:dd:ed: 40:cc:53:cd:78:d3:91:60:7e:db:3a:93:61:41:3a: c6:9e:f5:c2:d6:d7:9d:8c:33:b0:f5:da:55:0e:39: 5f:e9:57:b9:12:b9:2b:08:5c:bf:86:3c:75:bb:06: 4e:81:cf:f4:6a:a8:82:2c:15:13:e0:31:95:59:c4: c3:6f:3d:7a:21:4f:ac:72:da:7b:54:38:71:ce:46: 59:86:1b:76:27:2a:15:be:3a:fc:39:89:ae:0c:6f: a4:d2:b5:6c:f7:d4:f6:8f:e6:bc:63:80:28:29:b8: b0:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:EB:CC:EA:67:A5:28:C2:75:CA:60:E2:28:9C:48:94:9E:7F:E3:D6 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/6b104617-be96-4130-b1b4-dbe8facd0109.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc7:c000::/36 Signature Algorithm: sha256WithRSAEncryption 11:f4:34:10:04:7b:7e:23:1f:fa:59:6b:bc:8c:a1:f4:cb:a2: 53:35:8a:44:10:ee:93:4b:32:03:5a:c0:11:9f:79:33:72:5f: f8:e8:54:98:30:0c:bc:36:8e:6b:59:89:76:8e:57:11:19:19: 30:28:7a:10:93:60:6c:3a:fc:7f:80:e2:a5:82:5f:83:a6:f1: 10:bb:35:66:f9:16:cc:4c:a6:26:f1:94:40:26:cb:db:7f:93: 7f:e3:3a:e2:63:22:e0:96:22:36:4e:8d:47:84:37:af:b0:a2: 15:df:17:61:89:cc:de:e1:4a:55:0f:68:5c:fc:39:80:d5:09: b1:29:a1:30:12:b7:c3:e7:db:25:44:7b:5b:a0:a7:3e:14:24: 69:ae:ef:15:cc:cb:e8:d8:93:b6:bc:b8:d8:d3:df:19:d2:d0: bf:d8:ba:94:63:b0:ec:fa:88:1b:bb:87:86:4e:51:2f:4f:e6: 26:68:cb:f6:86:12:61:79:a7:62:f6:6d:74:1c:7e:ff:39:2a: 02:86:f5:6e:6d:f4:06:6e:fb:c1:9b:23:32:9c:4e:ee:0b:b1: 2a:44:4f:d4:ba:97:23:df:27:a3:f0:34:a7:da:7c:69:8c:97: c6:24:23:6b:da:ba:4b:99:44:8d:0a:fc:5b:c5:b3:39:d6:a1: fa:b5:b5:53 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUOBhT3zZTCPXZF6CQjrX6k5sXVqUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMDhaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDg1NTRhMzAyNGM1NjI2MjllNWI3NGRkZjBkODdmYTE2YzM2MjVjZTY2Mjgx NTJhOGI3ZmQ4ZWMzNWU4ZjQ2ZWQxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJKpUJgXWaWFYnndC8e2FOsxJoaYKUGhaImcSjlK/AzVBE4+w4dE7+NbIOcO y3OrrUHxbPrQbAo7oLB8HBE1K5q3iB7cbvblm2VXVvPq8K6ClN4SI3uJCuo0cS4I dMZ1gT9jQp0rwMUMRLszOGGMgUw9F8nhxosti5uljmx61ZVwIWUQsRDO3xzBqoY5 hEeldkb+rt3tQMxTzXjTkWB+2zqTYUE6xp71wtbXnYwzsPXaVQ45X+lXuRK5Kwhc v4Y8dbsGToHP9GqogiwVE+AxlVnEw289eiFPrHLae1Q4cc5GWYYbdicqFb46/DmJ rgxvpNK1bPfU9o/mvGOAKCm4sJ0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQW68zq Z6UownXKYOIonEiUnn/j1jAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NmIxMDQ2MTctYmU5Ni00MTMwLWIxYjQtZGJlOGZhY2QwMTA5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fA MA0GCSqGSIb3DQEBCwUAA4IBAQAR9DQQBHt+Ix/6WWu8jKH0y6JTNYpEEO6TSzID WsARn3kzcl/46FSYMAy8No5rWYl2jlcRGRkwKHoQk2BsOvx/gOKlgl+DpvEQuzVm +RbMTKYm8ZRAJsvbf5N/4zriYyLgliI2To1HhDevsKIV3xdhicze4UpVD2hc/DmA 1QmxKaEwErfD59slRHtboKc+FCRpru8VzMvo2JO2vLjY098Z0tC/2LqUY7Ds+ogb u4eGTlEvT+YmaMv2hhJheadi9m10HH7/OSoChvVubfQGbvvBmyMynE7uC7EqRE/U upcj3yej8DSn2nxpjJfGJCNr2rpLmUSNCvxbxbM51qH6tbVT -----END CERTIFICATE-----Generated at Sat Dec 6 11:45:53 2025 by rpki-client