This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/6d3e02ed-2848-4dc2-a85f-00ff6a0fed88.roa File: 6d3e02ed-2848-4dc2-a85f-00ff6a0fed88.roa (raw, json) Hash identifier: TK76zWdkZWUmpx3k7MrfndwMfA73nOyiqutbbj2CSCo= Subject key identifier: DF:D0:E2:EE:49:B9:8C:B7:88:F0:AA:5F:1D:A2:39:22:B8:73:1D:6E Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 091B224895AAA0128CFAA5F0BA788AA3EC14B87F Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/6d3e02ed-2848-4dc2-a85f-00ff6a0fed88.roa Signing time: Tue 02 Dec 2025 01:40:23 +0000 ROA not before: Tue 02 Dec 2025 01:40:23 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc0:8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:1b:22:48:95:aa:a0:12:8c:fa:a5:f0:ba:78:8a:a3:ec:14:b8:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:23 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=4efa801db43d8adadee8f3379704d26ee1bdf1c942f1c8aac744802857eaa026, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:e0:30:33:3c:77:fc:c7:a9:c6:fa:9b:30:c0: 19:52:a3:96:05:dc:46:63:bb:05:4e:eb:27:78:22: 52:84:8d:8a:43:6f:7f:ba:8e:14:d7:36:f7:e2:8f: 97:70:df:db:3b:cd:d6:43:4b:c3:c2:18:48:40:4e: a0:58:dd:48:f6:d1:7e:55:9a:ab:1f:6b:fa:e9:d1: e1:af:2c:45:8e:d1:b5:ad:06:bc:d4:9f:61:24:8e: cd:65:1f:92:d7:68:c9:c4:0b:9a:3a:df:32:f6:79: 88:dc:4a:f4:6f:36:6d:69:48:31:a2:7b:56:52:9f: ee:b1:d1:7a:34:ff:1d:7f:11:2c:c9:bc:e4:a1:5d: 3c:24:ed:d6:03:24:fb:ee:6b:cd:0c:1d:58:70:19: 1a:53:35:51:8d:a8:ce:d4:f9:11:34:85:70:9c:3e: f1:f6:77:20:28:59:d0:44:d7:d0:b1:d0:ed:2a:ce: 0f:64:e2:e2:7d:1e:d7:21:e5:dc:9c:53:54:70:75: dd:f6:25:f3:15:53:da:21:e8:11:f6:a2:3b:4a:1d: 08:d6:1f:55:0f:3a:e0:6e:e6:39:37:61:a6:fe:aa: 4d:90:15:32:88:f6:a5:09:03:5f:29:22:e9:77:1b: e1:5a:c6:50:cb:b7:3d:d2:b4:5e:27:4a:f7:c4:03: c1:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:D0:E2:EE:49:B9:8C:B7:88:F0:AA:5F:1D:A2:39:22:B8:73:1D:6E X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/6d3e02ed-2848-4dc2-a85f-00ff6a0fed88.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc0:8c0::/48 Signature Algorithm: sha256WithRSAEncryption 76:b5:7d:f9:30:53:f5:21:00:e1:ec:35:4c:56:f3:a5:eb:80: 48:df:b8:9b:56:47:08:77:2c:90:5f:b5:25:c8:de:ff:d0:09: 94:58:29:b6:cc:b3:a4:63:91:75:d0:d4:7f:aa:c9:18:5b:ff: 2c:73:a6:32:3d:a7:bb:3a:d4:46:16:29:81:85:11:82:61:26: d7:6c:ad:09:03:a5:6d:ec:87:a4:e6:21:1e:df:20:0c:d7:cd: b8:de:96:e5:97:fe:e2:c4:f8:bb:cd:de:d4:9f:04:ec:0c:60: 9b:f0:93:6e:64:5e:ed:a2:fd:5c:a4:d7:c5:87:89:bb:12:e5: fc:5b:b4:69:b0:8b:64:f1:d5:2c:1f:82:ef:73:be:37:24:ad: 49:e0:b0:1c:5c:e9:e4:e7:8e:d9:fa:5e:b7:46:84:c4:ea:71: 5d:8e:d2:47:da:67:72:f4:e0:87:40:d1:8e:f8:07:0d:98:1d: 86:06:ce:73:25:5e:c4:3f:03:14:e6:61:48:ef:3e:ff:bf:6c: ac:04:c1:6e:94:4c:ad:54:fa:4c:4d:d0:91:ba:42:c1:61:33: 9d:59:d2:4b:5c:ea:34:6b:d5:9d:e0:ff:ea:b2:c7:16:01:8e: 86:ee:2c:be:00:8b:cc:8f:a7:52:9f:fe:32:c1:9d:af:90:b0: 24:14:cf:42 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUCRsiSJWqoBKM+qXwuniKo+wUuH8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMjNaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDRlZmE4MDFkYjQzZDhhZGFkZWU4ZjMzNzk3MDRkMjZlZTFiZGYxYzk0MmYx YzhhYWM3NDQ4MDI4NTdlYWEwMjYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJbgMDM8d/zHqcb6mzDAGVKjlgXcRmO7BU7rJ3giUoSNikNvf7qOFNc29+KP l3Df2zvN1kNLw8IYSEBOoFjdSPbRflWaqx9r+unR4a8sRY7Rta0GvNSfYSSOzWUf ktdoycQLmjrfMvZ5iNxK9G82bWlIMaJ7VlKf7rHRejT/HX8RLMm85KFdPCTt1gMk ++5rzQwdWHAZGlM1UY2oztT5ETSFcJw+8fZ3IChZ0ETX0LHQ7SrOD2Ti4n0e1yHl 3JxTVHB13fYl8xVT2iHoEfaiO0odCNYfVQ864G7mOTdhpv6qTZAVMoj2pQkDXyki 6Xcb4VrGUMu3PdK0XidK98QDwbcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTf0OLu SbmMt4jwql8dojkiuHMdbjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NmQzZTAyZWQtMjg0OC00ZGMyLWE4NWYtMDBmZjZhMGZlZDg4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8AI wDANBgkqhkiG9w0BAQsFAAOCAQEAdrV9+TBT9SEA4ew1TFbzpeuASN+4m1ZHCHcs kF+1Jcje/9AJlFgptsyzpGORddDUf6rJGFv/LHOmMj2nuzrURhYpgYURgmEm12yt CQOlbeyHpOYhHt8gDNfNuN6W5Zf+4sT4u83e1J8E7Axgm/CTbmRe7aL9XKTXxYeJ uxLl/Fu0abCLZPHVLB+C73O+NyStSeCwHFzp5OeO2fpet0aExOpxXY7SR9pncvTg h0DRjvgHDZgdhgbOcyVexD8DFOZhSO8+/79srATBbpRMrVT6TE3QkbpCwWEznVnS S1zqNGvVneD/6rLHFgGOhu4svgCLzI+nUp/+MsGdr5CwJBTPQg== -----END CERTIFICATE-----Generated at Sun Dec 7 01:06:52 2025 by rpki-client