This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/8141b7c7-3722-47fb-a87c-13473348f317.roa File: 8141b7c7-3722-47fb-a87c-13473348f317.roa (raw, json) Hash identifier: aIXHsEmQS3Wr5esLlOBgxaJbQNGv49OCO9pM3iDRYJc= Subject key identifier: 03:C2:73:66:7E:9B:18:7E:F6:F7:19:FC:AA:14:89:50:CD:22:A4:95 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 651FEE97500B924B5A61D3A381C822668E179710 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/8141b7c7-3722-47fb-a87c-13473348f317.roa Signing time: Tue 02 Dec 2025 01:40:58 +0000 ROA not before: Tue 02 Dec 2025 01:40:58 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc1:8800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:1f:ee:97:50:0b:92:4b:5a:61:d3:a3:81:c8:22:66:8e:17:97:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:58 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=a079d81cda4203c95f4922b3abfabd273b55340e75bf9187bc7843f12a28f0a0, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:2f:c0:01:a3:a1:9f:4e:34:b4:3d:9e:b3:3c: a5:d3:32:1e:30:f4:64:24:c9:c7:3a:49:54:5f:0b: 60:cb:46:1a:da:7f:7e:27:5c:12:67:2d:32:92:16: a6:20:5f:27:7b:48:c9:f8:83:61:2a:ff:a5:5f:bd: b9:37:31:0b:ca:9a:16:8a:e9:28:ec:d5:63:8e:14: 46:58:66:d7:df:32:19:38:62:f7:f7:5b:f7:d1:2f: 4b:1d:53:4b:8a:3c:e9:83:94:83:ba:1f:d3:84:0a: 21:6c:99:d0:3d:c0:d7:91:0c:4b:8b:c5:bb:5f:cc: ac:77:91:f0:97:10:ec:a1:28:f2:9a:54:3e:be:04: 96:c0:2f:5a:c8:64:79:69:90:31:e5:8f:94:35:fb: cb:13:bb:d8:3c:c6:a2:8e:3f:e9:86:67:52:ab:8d: 3e:c1:dd:05:cc:76:93:f2:b6:aa:71:5a:9c:61:6a: d3:9f:c5:94:95:73:72:3d:42:82:d9:dd:99:61:83: 5f:61:37:2b:b6:93:66:15:0f:e7:22:5d:11:a6:6b: bd:77:0a:0e:42:d4:da:8c:3f:70:49:53:8b:a6:7f: 49:5f:a0:b4:7b:54:a6:cb:a6:4b:6b:0e:81:7a:1b: ed:32:18:9e:16:7d:d9:27:68:48:d8:0f:56:fa:92: 8c:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:C2:73:66:7E:9B:18:7E:F6:F7:19:FC:AA:14:89:50:CD:22:A4:95 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/8141b7c7-3722-47fb-a87c-13473348f317.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc1:8800::/38 Signature Algorithm: sha256WithRSAEncryption 1c:31:1b:a0:f0:de:39:8a:05:00:80:b7:70:e8:c4:15:e7:09: 44:3e:14:dd:c3:6a:7f:a3:30:f9:5e:61:41:db:43:3b:0d:b2: 2c:a8:94:20:7f:2b:08:92:c8:88:3f:e1:7b:67:fd:61:d1:d2: 9e:16:02:bd:15:9b:ba:78:85:ab:f1:f0:0d:c5:0b:80:49:ac: 1a:01:b9:fb:f9:c1:34:27:9d:53:b3:7f:33:3d:7d:53:ac:0e: d4:dd:0f:8b:bd:7f:6f:21:a5:7b:e0:c0:54:ac:0c:0c:e8:16: 96:47:78:b7:30:fb:37:dd:9c:63:51:c4:f7:06:40:d2:d9:ae: cd:27:14:22:2c:c6:93:06:ca:26:3d:9d:1c:b9:e0:16:f8:21: e9:e2:6a:41:87:35:57:82:1e:63:c1:d5:bb:dd:f9:69:88:c1: 9a:2c:14:cf:ca:93:ee:5c:c4:35:44:8f:75:fa:b3:d3:c8:3b: 5d:85:25:ee:c1:50:95:ed:28:c7:93:3a:b9:2d:dd:53:f3:b0: 61:b1:3b:b7:47:2b:d7:45:44:1a:b8:26:b2:72:dc:ff:65:88: f0:b1:5d:25:a2:dd:59:8e:68:89:ad:d6:6b:2d:d5:57:44:14: 2f:72:cd:2c:fd:10:81:c2:b4:e2:64:bc:26:6d:71:d5:29:be: 2b:40:ae:b1 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUZR/ul1ALkktaYdOjgcgiZo4XlxAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwNThaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGEwNzlkODFjZGE0MjAzYzk1ZjQ5MjJiM2FiZmFiZDI3M2I1NTM0MGU3NWJm OTE4N2JjNzg0M2YxMmEyOGYwYTAxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJgvwAGjoZ9ONLQ9nrM8pdMyHjD0ZCTJxzpJVF8LYMtGGtp/fidcEmctMpIW piBfJ3tIyfiDYSr/pV+9uTcxC8qaForpKOzVY44URlhm198yGThi9/db99EvSx1T S4o86YOUg7of04QKIWyZ0D3A15EMS4vFu1/MrHeR8JcQ7KEo8ppUPr4ElsAvWshk eWmQMeWPlDX7yxO72DzGoo4/6YZnUquNPsHdBcx2k/K2qnFanGFq05/FlJVzcj1C gtndmWGDX2E3K7aTZhUP5yJdEaZrvXcKDkLU2ow/cElTi6Z/SV+gtHtUpsumS2sO gXob7TIYnhZ92SdoSNgPVvqSjCkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQDwnNm fpsYfvb3GfyqFIlQzSKklTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv ODE0MWI3YzctMzcyMi00N2ZiLWE4N2MtMTM0NzMzNDhmMzE3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GI MA0GCSqGSIb3DQEBCwUAA4IBAQAcMRug8N45igUAgLdw6MQV5wlEPhTdw2p/ozD5 XmFB20M7DbIsqJQgfysIksiIP+F7Z/1h0dKeFgK9FZu6eIWr8fANxQuASawaAbn7 +cE0J51Ts38zPX1TrA7U3Q+LvX9vIaV74MBUrAwM6BaWR3i3MPs33ZxjUcT3BkDS 2a7NJxQiLMaTBsomPZ0cueAW+CHp4mpBhzVXgh5jwdW73flpiMGaLBTPypPuXMQ1 RI91+rPTyDtdhSXuwVCV7SjHkzq5Ld1T87BhsTu3RyvXRUQauCayctz/ZYjwsV0l ot1ZjmiJrdZrLdVXRBQvcs0s/RCBwrTiZLwmbXHVKb4rQK6x -----END CERTIFICATE-----Generated at Sat Dec 6 21:46:57 2025 by rpki-client