This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/81c0e08f-5df8-4d0d-a070-70ca484fbf18.roa File: 81c0e08f-5df8-4d0d-a070-70ca484fbf18.roa (raw, json) Hash identifier: dPhXQik+7m0Nus5sS3Sk+Po0p3Xcr+FFQfdlv8SfSyU= Subject key identifier: 1A:59:C8:5B:B4:79:81:5F:E7:0A:35:F7:32:A6:77:C7:F1:AD:57:5D Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 171AB73FEA85236E3FCBD0EAFAA64C9D8522EF17 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/81c0e08f-5df8-4d0d-a070-70ca484fbf18.roa Signing time: Tue 02 Dec 2025 01:40:58 +0000 ROA not before: Tue 02 Dec 2025 01:40:58 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc7:2000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:1a:b7:3f:ea:85:23:6e:3f:cb:d0:ea:fa:a6:4c:9d:85:22:ef:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:58 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=31a7956b48dca58f9e8ce7e533cabb486eb90cbf7ec0e3822767987b67782704, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:f6:97:3f:21:df:5d:d0:ec:99:14:8f:87:65: b5:6d:43:3a:4a:ec:f5:fb:75:48:09:12:d6:3e:01: 57:4c:b8:85:89:b7:16:a3:28:cb:17:76:1c:1c:99: 5d:57:1c:ce:00:75:29:9b:04:40:51:07:b7:c9:69: 58:90:9a:18:c7:b8:34:6b:36:f4:fd:88:42:63:a9: 8b:f7:b0:0f:9a:b4:fb:ab:9b:1c:ee:98:c3:c3:ee: 39:81:27:c5:9c:92:ae:ee:46:1b:38:c1:0b:62:5d: 5e:83:f4:cd:9f:e5:95:e3:56:84:f5:c1:2c:8b:6d: 1a:35:5a:f5:21:38:65:11:54:50:1c:58:4a:bf:f1: c4:83:ff:a6:1b:dc:66:e1:5f:0b:23:10:e1:30:c6: e3:68:1a:fb:da:60:4e:be:7b:f2:1d:dc:61:3b:4d: ac:a6:25:2c:9e:4e:cb:cf:ed:82:da:a6:c4:19:72: 4d:76:ab:2f:b4:91:48:0c:78:c4:15:61:78:5f:c5: a4:5c:f2:60:90:5c:08:1a:69:12:c4:17:16:07:41: f0:ea:04:99:b0:3d:43:33:6d:1b:5a:b5:93:8e:6c: 33:b6:35:be:a8:13:10:c7:8f:30:2c:b0:4c:87:a1: 69:b0:ba:fc:82:36:6f:a1:db:84:ef:49:77:35:fe: 4e:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:59:C8:5B:B4:79:81:5F:E7:0A:35:F7:32:A6:77:C7:F1:AD:57:5D X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/81c0e08f-5df8-4d0d-a070-70ca484fbf18.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc7:2000::/36 Signature Algorithm: sha256WithRSAEncryption 65:e6:41:c7:53:a6:dc:b4:8d:5d:f8:8f:4b:d3:6d:32:da:25: 99:fd:59:8f:7b:df:bd:89:5c:5f:f4:91:45:82:81:dd:be:3b: 49:bf:90:b4:b1:19:e0:3c:10:70:3e:6a:ff:a2:78:59:67:a2: 8d:34:0e:57:e2:68:cc:fa:9f:bc:10:80:ec:b9:68:3b:bc:dd: 62:a5:7e:e0:26:56:ca:3e:01:3f:0a:eb:48:02:2d:63:c0:97: e7:47:a5:fa:50:20:35:f4:8a:69:74:43:0a:41:6f:40:c8:c5: f7:26:b0:e4:48:9b:8b:36:ff:c4:d3:d8:e6:52:fb:e5:38:99: 31:b0:4b:5c:3c:8e:ef:3b:cb:9e:86:4f:ae:fc:96:33:d5:f9: f0:78:ee:9b:ab:4c:dd:ed:94:a8:72:bf:4b:3d:dd:9c:88:a4: ef:2d:ff:c1:ae:1e:42:84:86:e3:a9:61:2b:39:94:c8:e1:16: 9e:e2:53:3c:46:c8:3b:b7:cc:fd:c1:50:0d:35:53:4f:d9:6b: 4b:6e:33:b0:6f:c3:d6:b8:9c:7d:33:a6:be:97:9c:b1:b9:6d: da:8a:af:cb:32:e0:42:5a:4d:dc:4e:68:86:9b:b1:65:c5:a9: 88:58:dd:2d:cb:ab:12:74:55:72:ab:c6:14:c6:a8:6d:1c:24: 95:48:a3:79 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUFxq3P+qFI24/y9Dq+qZMnYUi7xcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwNThaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDMxYTc5NTZiNDhkY2E1OGY5ZThjZTdlNTMzY2FiYjQ4NmViOTBjYmY3ZWMw ZTM4MjI3Njc5ODdiNjc3ODI3MDQxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJP2lz8h313Q7JkUj4dltW1DOkrs9ft1SAkS1j4BV0y4hYm3FqMoyxd2HByZ XVcczgB1KZsEQFEHt8lpWJCaGMe4NGs29P2IQmOpi/ewD5q0+6ubHO6Yw8PuOYEn xZySru5GGzjBC2JdXoP0zZ/lleNWhPXBLIttGjVa9SE4ZRFUUBxYSr/xxIP/phvc ZuFfCyMQ4TDG42ga+9pgTr578h3cYTtNrKYlLJ5Oy8/tgtqmxBlyTXarL7SRSAx4 xBVheF/FpFzyYJBcCBppEsQXFgdB8OoEmbA9QzNtG1q1k45sM7Y1vqgTEMePMCyw TIehabC6/II2b6HbhO9JdzX+TnECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQaWchb tHmBX+cKNfcypnfH8a1XXTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv ODFjMGUwOGYtNWRmOC00ZDBkLWEwNzAtNzBjYTQ4NGZiZjE4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cg MA0GCSqGSIb3DQEBCwUAA4IBAQBl5kHHU6bctI1d+I9L020y2iWZ/VmPe9+9iVxf 9JFFgoHdvjtJv5C0sRngPBBwPmr/onhZZ6KNNA5X4mjM+p+8EIDsuWg7vN1ipX7g JlbKPgE/CutIAi1jwJfnR6X6UCA19IppdEMKQW9AyMX3JrDkSJuLNv/E09jmUvvl OJkxsEtcPI7vO8uehk+u/JYz1fnweO6bq0zd7ZSocr9LPd2ciKTvLf/Brh5ChIbj qWErOZTI4Rae4lM8Rsg7t8z9wVANNVNP2WtLbjOwb8PWuJx9M6a+l5yxuW3aiq/L MuBCWk3cTmiGm7FlxamIWN0ty6sSdFVyq8YUxqhtHCSVSKN5 -----END CERTIFICATE-----Generated at Sun Dec 7 01:07:16 2025 by rpki-client