This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/751d5a0a-c925-4787-ac94-98c23675f1ba.roa File: 751d5a0a-c925-4787-ac94-98c23675f1ba.roa (raw, json) Hash identifier: ZGc+hnjjm7Qf5JeX1IfmmhWkhpzXP8UihwYA69kyBMI= Subject key identifier: F1:D3:80:BF:A6:91:9E:20:13:C5:8B:0B:29:26:8F:65:48:45:D1:46 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 7FC312A7B301998A4DF759CA610ABEEF01D3D176 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/751d5a0a-c925-4787-ac94-98c23675f1ba.roa Signing time: Tue 02 Dec 2025 01:40:56 +0000 ROA not before: Tue 02 Dec 2025 01:40:56 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc7:f840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:c3:12:a7:b3:01:99:8a:4d:f7:59:ca:61:0a:be:ef:01:d3:d1:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:56 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=ae9b7dd6fb5029f39c56acf9baa27e3716d82b823ed96cf862bc6dded5a16cff, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:7d:60:40:22:8d:9a:36:fc:ce:0c:ea:ac:fd: 0e:5e:e5:03:88:b8:a3:6f:cf:c6:6e:f5:fe:c2:78: bf:92:6c:77:79:a8:42:95:d3:a7:73:08:85:4c:37: 0a:42:f8:0c:0c:8b:05:bf:ec:c1:a3:db:d0:b8:34: 7c:06:1d:4f:b1:43:d5:0b:57:bd:d9:f3:d5:99:6d: 6c:9e:8f:45:21:55:42:55:33:e6:b5:65:53:05:56: 94:63:ea:84:ab:fe:98:4a:ab:c3:53:8c:50:f2:bc: 40:8a:21:37:c6:0e:aa:83:1b:5c:35:2a:3c:ea:9b: 77:d5:0f:c9:76:76:26:b8:67:fa:75:4c:d9:bf:0e: 21:7f:da:c1:9f:59:fe:ee:ea:2f:9f:cc:fa:16:73: c4:40:c5:f2:4e:1b:14:6e:cf:e9:a1:e2:88:29:5b: 5f:36:62:73:08:55:fb:be:37:5a:cf:da:3e:22:b0: 23:2e:9f:36:f8:15:e4:82:17:9e:b0:f1:05:5e:54: 71:45:58:fb:20:3b:e5:10:48:61:f3:dc:ea:27:ce: 40:85:c5:53:23:1e:06:b0:36:09:f0:6c:04:71:dc: dc:80:a7:f9:d1:17:25:5e:f7:dc:68:ea:c7:bc:78: 41:b7:5e:50:30:0d:a6:d4:cc:15:fc:f2:52:5f:7b: e7:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:D3:80:BF:A6:91:9E:20:13:C5:8B:0B:29:26:8F:65:48:45:D1:46 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/751d5a0a-c925-4787-ac94-98c23675f1ba.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc7:f840::/48 Signature Algorithm: sha256WithRSAEncryption 0b:46:20:4e:d9:d5:33:68:80:91:63:ac:01:20:ea:5f:df:c3: 82:a8:7b:b7:4e:86:66:db:bf:c4:40:5e:5a:0f:36:6e:d1:7f: ae:e7:90:40:6e:05:e9:ff:87:6f:cf:69:07:f4:bf:20:7b:8b: 20:81:3e:cd:6b:cd:60:4e:4f:a2:2d:a9:d2:98:66:6c:86:dc: 93:36:c5:5d:0a:7d:22:dc:b3:57:85:b1:a5:d4:bc:9f:d6:3c: ee:8b:98:fb:ac:74:9b:64:c0:77:2e:f0:a9:c4:e1:89:1b:d0: 7b:8f:a3:b5:0c:8a:51:39:ec:d8:18:27:a6:42:86:0d:0b:60: ad:ba:f0:a0:51:70:36:b4:94:c1:ea:5c:b8:3c:de:47:47:dd: 62:c1:80:92:62:9d:97:c8:a2:0d:6c:17:70:92:fc:b6:ee:9f: a1:ed:42:be:aa:d4:94:17:30:3d:d1:1e:f2:19:49:2f:32:8c: 2a:a2:e1:17:b4:86:75:b9:bf:e8:b1:d7:57:38:8a:df:fb:67: 55:c8:1c:ae:3a:c9:6e:ab:10:3a:51:fb:6e:68:f9:6d:a2:6f: ef:8b:3c:ae:53:64:4b:3d:b9:c1:72:d9:5b:a4:0f:94:cf:d7: 6e:df:81:82:3e:a3:79:2a:f4:76:f4:f6:68:a7:17:4f:d0:2b: 62:3c:1c:63 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUf8MSp7MBmYpN91nKYQq+7wHT0XYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwNTZaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGFlOWI3ZGQ2ZmI1MDI5ZjM5YzU2YWNmOWJhYTI3ZTM3MTZkODJiODIzZWQ5 NmNmODYyYmM2ZGRlZDVhMTZjZmYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ59YEAijZo2/M4M6qz9Dl7lA4i4o2/Pxm71/sJ4v5Jsd3moQpXTp3MIhUw3 CkL4DAyLBb/swaPb0Lg0fAYdT7FD1QtXvdnz1ZltbJ6PRSFVQlUz5rVlUwVWlGPq hKv+mEqrw1OMUPK8QIohN8YOqoMbXDUqPOqbd9UPyXZ2Jrhn+nVM2b8OIX/awZ9Z /u7qL5/M+hZzxEDF8k4bFG7P6aHiiClbXzZicwhV+743Ws/aPiKwIy6fNvgV5IIX nrDxBV5UcUVY+yA75RBIYfPc6ifOQIXFUyMeBrA2CfBsBHHc3ICn+dEXJV733Gjq x7x4QbdeUDANptTMFfzyUl975+8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTx04C/ ppGeIBPFiwspJo9lSEXRRjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NzUxZDVhMGEtYzkyNS00Nzg3LWFjOTQtOThjMjM2NzVmMWJhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4 QDANBgkqhkiG9w0BAQsFAAOCAQEAC0YgTtnVM2iAkWOsASDqX9/Dgqh7t06GZtu/ xEBeWg82btF/rueQQG4F6f+Hb89pB/S/IHuLIIE+zWvNYE5Poi2p0phmbIbckzbF XQp9ItyzV4WxpdS8n9Y87ouY+6x0m2TAdy7wqcThiRvQe4+jtQyKUTns2BgnpkKG DQtgrbrwoFFwNrSUwepcuDzeR0fdYsGAkmKdl8iiDWwXcJL8tu6foe1CvqrUlBcw PdEe8hlJLzKMKqLhF7SGdbm/6LHXVziK3/tnVcgcrjrJbqsQOlH7bmj5baJv74s8 rlNkSz25wXLZW6QPlM/Xbt+Bgj6jeSr0dvT2aKcXT9ArYjwcYw== -----END CERTIFICATE-----Generated at Sat Dec 6 12:44:01 2025 by rpki-client