This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/8d661aab-e6b5-4ca0-8109-f0e7f4d24c4f.roa File: 8d661aab-e6b5-4ca0-8109-f0e7f4d24c4f.roa (raw, json) Hash identifier: 2vNY7ekRK+UXU3ypyjYP+0nu+1cMQQ6E/fAfscctaes= Subject key identifier: DC:BE:41:A6:4D:E0:EB:4C:11:3B:7F:C9:F2:62:D7:A1:7A:16:1F:A2 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 6BBA3E5D119EAD908CC3EB96D5D580271B3B9381 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/8d661aab-e6b5-4ca0-8109-f0e7f4d24c4f.roa Signing time: Tue 02 Dec 2025 01:30:10 +0000 ROA not before: Tue 02 Dec 2025 01:30:10 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc7:b000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:ba:3e:5d:11:9e:ad:90:8c:c3:eb:96:d5:d5:80:27:1b:3b:93:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:30:10 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=e71bbeaafdd650b215e1131981c25da1e0d2edc245749c353959bf4fc03f81eb, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:f1:64:95:f6:75:47:5b:34:aa:84:03:aa:9d: 02:70:b1:d1:76:ae:bd:bd:d9:6a:d9:da:0b:2a:9b: 2e:f7:c7:6c:da:38:aa:21:73:96:6e:de:51:d0:86: 20:3c:ce:d9:de:6d:57:b7:04:99:09:e7:48:f8:cf: b0:bb:54:0a:fa:ef:e6:a0:e6:4c:13:00:63:49:58: 06:4d:7c:47:7c:36:30:63:5d:fd:53:1a:8f:3f:62: c6:b1:25:35:1c:e1:cd:68:ec:7c:7d:9f:e2:a7:7f: 2a:39:25:df:02:12:f9:95:b4:1d:2e:f3:63:c1:d2: 8f:08:49:da:08:90:c5:81:d3:04:4b:1f:e9:85:3c: 0b:d8:92:53:86:cc:22:c2:2c:51:69:d3:97:28:fe: 28:65:f5:37:b3:e8:27:f8:67:14:83:61:53:7e:6b: 20:17:b2:7d:a8:77:b2:cb:b9:98:14:2e:a2:99:9a: 0e:1b:90:4c:64:76:c2:f2:75:e0:9b:64:a8:a9:ee: 6a:aa:d0:3f:bf:7e:ed:cd:01:73:ca:ee:bf:82:b5: 2a:8d:90:d9:02:04:5e:cd:08:25:7c:1b:a6:cb:78: e9:6b:22:a2:e9:ac:d7:e1:9f:04:d5:05:3e:f9:64: b1:b1:f6:02:f0:a9:0b:c2:bf:bc:75:77:39:f7:1d: 35:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:BE:41:A6:4D:E0:EB:4C:11:3B:7F:C9:F2:62:D7:A1:7A:16:1F:A2 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/8d661aab-e6b5-4ca0-8109-f0e7f4d24c4f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc7:b000::/36 Signature Algorithm: sha256WithRSAEncryption 04:b5:9c:36:e5:16:2b:6f:0e:65:62:e2:4d:a2:d4:4b:43:e6: f3:dc:9e:2f:6a:37:48:cb:9c:c3:62:de:f1:b8:5b:5d:c8:a9: 0a:39:50:f6:89:4f:53:80:26:3f:dc:2c:39:34:77:1c:02:d4: bc:2b:39:3e:87:3a:b7:05:0d:31:4e:b4:be:cb:40:2f:9b:f3: 9e:a9:23:18:39:36:44:0c:a1:ba:c4:33:04:c5:ab:5b:63:db: 39:47:5a:12:db:76:b8:f6:33:d6:61:f7:14:1f:1f:35:b4:68: 42:3e:0a:66:c2:33:c3:27:33:e2:1d:f9:00:67:b8:64:c8:fa: 2c:c8:23:c0:3d:e3:5e:f7:ca:89:7c:f6:a6:72:1a:bc:31:78: 02:64:64:83:d0:39:ba:32:b2:dd:f6:8c:a2:41:22:31:eb:8c: b8:5d:7b:59:5b:30:22:7e:b5:e8:6c:3a:46:ef:cd:22:8a:c9: 19:25:1f:54:a0:cc:77:4d:1c:35:fe:a8:ee:76:95:19:55:20: ab:75:71:94:7c:99:fd:80:10:59:4d:9e:15:6e:37:d9:e1:b9: 15:42:4e:c8:02:a5:96:b1:db:fa:d1:b8:7c:f4:39:5a:08:0a: 51:59:21:16:65:c3:e5:d3:6b:d0:c4:e2:73:0b:0d:93:7d:58: 31:c7:bd:e9 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUa7o+XRGerZCMw+uW1dWAJxs7k4EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTMwMTBaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGU3MWJiZWFhZmRkNjUwYjIxNWUxMTMxOTgxYzI1ZGExZTBkMmVkYzI0NTc0 OWMzNTM5NTliZjRmYzAzZjgxZWIxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANrxZJX2dUdbNKqEA6qdAnCx0Xauvb3ZatnaCyqbLvfHbNo4qiFzlm7eUdCG IDzO2d5tV7cEmQnnSPjPsLtUCvrv5qDmTBMAY0lYBk18R3w2MGNd/VMajz9ixrEl NRzhzWjsfH2f4qd/Kjkl3wIS+ZW0HS7zY8HSjwhJ2giQxYHTBEsf6YU8C9iSU4bM IsIsUWnTlyj+KGX1N7PoJ/hnFINhU35rIBeyfah3ssu5mBQuopmaDhuQTGR2wvJ1 4JtkqKnuaqrQP79+7c0Bc8ruv4K1Ko2Q2QIEXs0IJXwbpst46Wsioums1+GfBNUF PvlksbH2AvCpC8K/vHV3OfcdNfkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTcvkGm TeDrTBE7f8nyYtehehYfojAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv OGQ2NjFhYWItZTZiNS00Y2EwLTgxMDktZjBlN2Y0ZDI0YzRmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8ew MA0GCSqGSIb3DQEBCwUAA4IBAQAEtZw25RYrbw5lYuJNotRLQ+bz3J4vajdIy5zD Yt7xuFtdyKkKOVD2iU9TgCY/3Cw5NHccAtS8Kzk+hzq3BQ0xTrS+y0Avm/OeqSMY OTZEDKG6xDMExatbY9s5R1oS23a49jPWYfcUHx81tGhCPgpmwjPDJzPiHfkAZ7hk yPosyCPAPeNe98qJfPamchq8MXgCZGSD0Dm6MrLd9oyiQSIx64y4XXtZWzAifrXo bDpG780iiskZJR9UoMx3TRw1/qjudpUZVSCrdXGUfJn9gBBZTZ4VbjfZ4bkVQk7I AqWWsdv60bh89DlaCApRWSEWZcPl02vQxOJzCw2TfVgxx73p -----END CERTIFICATE-----Generated at Sun Dec 7 00:16:23 2025 by rpki-client