This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/713a22fc-9451-4d48-9d05-5cdf9c1aa161.roa File: 713a22fc-9451-4d48-9d05-5cdf9c1aa161.roa (raw, json) Hash identifier: Qo6QWTCUzpIFSlv3hGKBco3YjZy4Ygg6JoTcLJtN4Pg= Subject key identifier: 14:2E:20:60:45:9E:CD:DA:29:0A:BC:A4:43:68:01:8F:49:09:5A:19 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 0C2EDADBA84269694CFCEBE2E3676AA7ADA21AC2 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/713a22fc-9451-4d48-9d05-5cdf9c1aa161.roa Signing time: Tue 02 Dec 2025 01:30:10 +0000 ROA not before: Tue 02 Dec 2025 01:30:10 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc7:8000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:2e:da:db:a8:42:69:69:4c:fc:eb:e2:e3:67:6a:a7:ad:a2:1a:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:30:10 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=5a2af3a137d707d08f932587ff4a4140099d84e7ae6965f60ada64f11ef0a4c8, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:f6:ff:54:ae:2e:5e:f7:8a:eb:18:4e:af:da: 59:b2:45:34:8f:cb:85:1d:b0:74:c8:51:48:7f:56: e9:b9:6a:ea:6f:c7:a8:12:cd:d2:f9:49:69:79:b4: 2d:48:f1:64:f1:58:47:8f:59:12:63:58:d0:3e:b1: b2:57:ed:7f:f0:93:0d:8d:da:98:b5:11:ac:3a:a1: cc:dd:bb:59:b5:f4:e3:e3:d4:07:0b:8d:1b:99:6c: a2:54:2c:6d:35:18:34:60:82:df:59:f5:18:d1:73: 2d:24:d2:d8:bc:d9:f4:5f:d4:27:d1:e2:1a:f7:d4: 48:1b:cb:ef:f1:a4:9b:b0:f1:6b:84:3b:f5:c3:ff: 82:e2:8d:8a:47:77:09:23:1a:50:f2:26:80:7e:77: 02:57:da:85:db:17:20:96:e1:1c:22:ca:9d:4a:cd: 55:28:f6:ab:7c:a7:4e:c7:e7:22:bd:4a:b1:ca:56: 89:7e:8d:45:0b:66:cb:46:e4:fc:6c:71:7f:dc:e0: 0e:a1:16:44:7c:0a:70:d5:1b:2c:10:fc:ec:e0:e1: 46:2b:1e:b1:06:78:5d:9f:0c:85:4e:52:de:2d:b4: 44:9a:19:ab:28:e9:25:5f:f8:87:02:77:7e:be:27: 46:55:fe:f6:10:f0:08:13:ce:92:22:ba:84:2f:85: ff:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:2E:20:60:45:9E:CD:DA:29:0A:BC:A4:43:68:01:8F:49:09:5A:19 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/713a22fc-9451-4d48-9d05-5cdf9c1aa161.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc7:8000::/36 Signature Algorithm: sha256WithRSAEncryption 58:ff:f9:fa:92:7e:7e:4b:be:a2:f4:a9:af:f7:4f:d1:b7:55: d2:d2:6d:41:07:39:1d:3d:72:ef:17:4b:8a:d0:db:1c:3f:aa: 17:86:1f:c4:b0:e2:bb:ee:80:f9:99:65:22:5a:90:f0:74:99: a6:a1:83:40:15:18:03:e7:03:a1:43:52:ed:d3:d6:dc:c7:7d: dc:1f:ae:72:5d:49:50:ed:e2:25:df:24:e2:72:2f:6d:55:ea: 55:02:1e:64:ed:13:8e:19:16:d4:c3:84:8c:07:c5:2b:2e:2a: 22:00:36:36:8d:a7:e6:bd:ce:66:d4:2b:45:62:1b:a3:da:ff: 5f:36:5c:68:5d:94:25:e0:6e:96:35:b0:02:20:66:9e:62:87: 93:ef:f2:8d:b5:93:ca:12:24:df:8f:45:b9:c7:4d:08:e9:96: 31:9c:55:29:fe:64:fd:0c:13:8d:fa:97:f0:34:19:53:f2:8f: c4:b4:c6:6d:db:21:5f:05:4c:51:36:61:00:24:c3:fe:3e:fc: 8f:8c:f6:d5:58:4b:93:d2:bd:77:a3:b4:cc:c4:69:f1:9c:c6: ef:04:cc:04:45:5f:c6:cb:15:a9:fb:ba:64:ac:b0:95:0e:4f: f1:c1:c2:ba:a8:6f:dc:3e:12:e2:af:f4:4a:77:f3:de:49:06: a8:c0:67:e0 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUDC7a26hCaWlM/Ovi42dqp62iGsIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTMwMTBaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDVhMmFmM2ExMzdkNzA3ZDA4ZjkzMjU4N2ZmNGE0MTQwMDk5ZDg0ZTdhZTY5 NjVmNjBhZGE2NGYxMWVmMGE0YzgxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAML2/1SuLl73iusYTq/aWbJFNI/LhR2wdMhRSH9W6blq6m/HqBLN0vlJaXm0 LUjxZPFYR49ZEmNY0D6xslftf/CTDY3amLURrDqhzN27WbX04+PUBwuNG5lsolQs bTUYNGCC31n1GNFzLSTS2LzZ9F/UJ9HiGvfUSBvL7/Gkm7Dxa4Q79cP/guKNikd3 CSMaUPImgH53AlfahdsXIJbhHCLKnUrNVSj2q3ynTsfnIr1KscpWiX6NRQtmy0bk /Gxxf9zgDqEWRHwKcNUbLBD87ODhRisesQZ4XZ8MhU5S3i20RJoZqyjpJV/4hwJ3 fr4nRlX+9hDwCBPOkiK6hC+F/30CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQULiBg RZ7N2ikKvKRDaAGPSQlaGTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NzEzYTIyZmMtOTQ1MS00ZDQ4LTlkMDUtNWNkZjljMWFhMTYxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eA MA0GCSqGSIb3DQEBCwUAA4IBAQBY//n6kn5+S76i9Kmv90/Rt1XS0m1BBzkdPXLv F0uK0NscP6oXhh/EsOK77oD5mWUiWpDwdJmmoYNAFRgD5wOhQ1Lt09bcx33cH65y XUlQ7eIl3yTici9tVepVAh5k7ROOGRbUw4SMB8UrLioiADY2jafmvc5m1CtFYhuj 2v9fNlxoXZQl4G6WNbACIGaeYoeT7/KNtZPKEiTfj0W5x00I6ZYxnFUp/mT9DBON +pfwNBlT8o/EtMZt2yFfBUxRNmEAJMP+PvyPjPbVWEuT0r13o7TMxGnxnMbvBMwE RV/GyxWp+7pkrLCVDk/xwcK6qG/cPhLir/RKd/PeSQaowGfg -----END CERTIFICATE-----Generated at Sun Dec 7 01:07:10 2025 by rpki-client