This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/71ecb785-83f2-49e3-899e-5a6d8098f651.roa File: 71ecb785-83f2-49e3-899e-5a6d8098f651.roa (raw, json) Hash identifier: YxZKBcckN2KhlZqT8NVXKLKKjmEl+1hBKQmlCWBsETM= Subject key identifier: F9:24:2C:09:53:49:BE:96:47:66:AC:52:1F:0E:DB:B2:32:2E:DA:57 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 5265967437248049A06B29B18AEFAC30257F5C12 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/71ecb785-83f2-49e3-899e-5a6d8098f651.roa Signing time: Tue 02 Dec 2025 01:40:22 +0000 ROA not before: Tue 02 Dec 2025 01:40:22 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc3:5000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:65:96:74:37:24:80:49:a0:6b:29:b1:8a:ef:ac:30:25:7f:5c:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:22 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=2b6276d1919f0bcc9c728b413bdc9c0e2df508631e47cac4972378f49a3d6545, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:1c:31:1c:02:7c:de:ae:d9:18:67:38:4b:79: e0:e1:b6:33:0b:2a:95:2b:a5:53:32:da:40:f3:43: 50:43:d8:26:59:66:44:80:52:35:75:09:87:07:4a: 1b:9e:64:9b:40:a6:3a:9f:bb:f0:f3:48:02:63:96: 24:03:d9:81:ff:ed:53:16:6d:80:01:7a:a7:00:15: be:b6:17:05:10:57:59:47:59:5c:81:b1:fe:52:49: d0:2a:a9:ec:dc:e1:46:9d:04:d4:4b:41:38:42:f7: 78:80:ed:e8:8a:4d:26:31:6f:1c:2c:b5:61:c7:2a: 82:69:81:6a:be:1e:89:c9:b3:11:33:43:43:1b:89: 51:0f:85:f5:ce:58:1e:af:91:76:4c:ce:9f:37:01: a9:6a:c7:08:53:85:6c:57:65:00:cb:ec:05:42:e5: 31:99:b1:bf:62:13:6d:a6:16:76:cf:bb:25:28:0c: 90:f9:9f:61:c5:9b:c0:a6:63:dd:79:b1:91:b0:d2: 8c:cd:bc:33:be:be:d7:14:2d:b5:fb:b8:67:63:92: 1b:46:27:ea:d4:2e:1d:68:3e:dc:56:4a:5f:e8:8b: c9:e0:50:a3:e6:48:ff:b0:2d:8d:b5:3e:be:c8:a8: b5:2f:4d:62:cb:5d:24:2f:98:1d:8c:46:f5:5e:df: 3a:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:24:2C:09:53:49:BE:96:47:66:AC:52:1F:0E:DB:B2:32:2E:DA:57 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/71ecb785-83f2-49e3-899e-5a6d8098f651.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc3:5000::/36 Signature Algorithm: sha256WithRSAEncryption 38:e7:ff:26:6c:55:c9:5b:96:d9:4f:d1:71:ad:05:a7:20:53: 36:cf:84:e8:f2:28:f3:73:50:3d:7b:0e:29:3e:cd:af:53:b3: 9b:b9:c5:ba:b1:33:fe:0a:b3:37:b7:6f:36:84:af:11:5e:df: ca:eb:47:1b:30:9f:5b:af:c8:fe:db:08:49:85:fd:01:2d:a3: c1:57:03:81:95:59:15:82:45:99:f5:33:8e:e6:c0:d1:9d:e6: e4:da:47:9d:7d:0c:da:ed:3d:2d:a5:b5:fd:6b:02:10:f5:5b: 3a:83:e1:6b:48:0e:33:13:34:6b:ad:5d:f3:1e:5a:53:e2:d5: b5:a6:8f:a9:86:02:7d:fd:97:02:42:f7:29:37:25:8d:9f:07: df:02:5e:41:90:04:3c:2e:75:43:d6:82:6e:ac:26:da:07:08: 6d:1e:28:53:28:4f:93:36:cc:3e:6d:3a:00:e4:26:19:c7:12: 78:63:1e:98:74:9f:91:e5:e8:3d:1d:c5:09:66:7e:c8:b6:f2: b7:4a:81:35:f6:7c:be:b0:7f:2b:d6:06:d4:d1:79:0c:a4:da: 3a:e3:f6:bf:9d:bb:51:76:85:0e:94:0c:a8:08:9c:ce:e8:42: 00:1e:78:0b:84:dd:dc:72:67:71:08:ee:5d:aa:06:61:c8:91: 2f:ed:11:a8 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUUmWWdDckgEmgaymxiu+sMCV/XBIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMjJaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDJiNjI3NmQxOTE5ZjBiY2M5YzcyOGI0MTNiZGM5YzBlMmRmNTA4NjMxZTQ3 Y2FjNDk3MjM3OGY0OWEzZDY1NDUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKQcMRwCfN6u2RhnOEt54OG2MwsqlSulUzLaQPNDUEPYJllmRIBSNXUJhwdK G55km0CmOp+78PNIAmOWJAPZgf/tUxZtgAF6pwAVvrYXBRBXWUdZXIGx/lJJ0Cqp 7NzhRp0E1EtBOEL3eIDt6IpNJjFvHCy1YccqgmmBar4eicmzETNDQxuJUQ+F9c5Y Hq+RdkzOnzcBqWrHCFOFbFdlAMvsBULlMZmxv2ITbaYWds+7JSgMkPmfYcWbwKZj 3XmxkbDSjM28M76+1xQttfu4Z2OSG0Yn6tQuHWg+3FZKX+iLyeBQo+ZI/7AtjbU+ vsiotS9NYstdJC+YHYxG9V7fOn0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT5JCwJ U0m+lkdmrFIfDtuyMi7aVzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NzFlY2I3ODUtODNmMi00OWUzLTg5OWUtNWE2ZDgwOThmNjUxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8NQ MA0GCSqGSIb3DQEBCwUAA4IBAQA45/8mbFXJW5bZT9FxrQWnIFM2z4To8ijzc1A9 ew4pPs2vU7ObucW6sTP+CrM3t282hK8RXt/K60cbMJ9br8j+2whJhf0BLaPBVwOB lVkVgkWZ9TOO5sDRnebk2kedfQza7T0tpbX9awIQ9Vs6g+FrSA4zEzRrrV3zHlpT 4tW1po+phgJ9/ZcCQvcpNyWNnwffAl5BkAQ8LnVD1oJurCbaBwhtHihTKE+TNsw+ bToA5CYZxxJ4Yx6YdJ+R5eg9HcUJZn7ItvK3SoE19ny+sH8r1gbU0XkMpNo64/a/ nbtRdoUOlAyoCJzO6EIAHngLhN3ccmdxCO5dqgZhyJEv7RGo -----END CERTIFICATE-----Generated at Sat Dec 6 15:35:39 2025 by rpki-client