This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/92b566f4-9c90-4070-b5bd-f89c7da23c8a.roa File: 92b566f4-9c90-4070-b5bd-f89c7da23c8a.roa (raw, json) Hash identifier: EpuynFv32KgRnOTw66RNEwIRTxsERbdieIqPyzChPFY= Subject key identifier: 3F:7C:58:90:3C:8A:3C:F8:FC:46:0A:41:22:53:D9:4B:43:62:A1:C0 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 588D0C3D817909BE1D7972CEF80EA80BB4AE58C0 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/92b566f4-9c90-4070-b5bd-f89c7da23c8a.roa Signing time: Tue 02 Dec 2025 01:40:19 +0000 ROA not before: Tue 02 Dec 2025 01:40:19 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc3:4000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:8d:0c:3d:81:79:09:be:1d:79:72:ce:f8:0e:a8:0b:b4:ae:58:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:19 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=a0ff8b9b4664d6cd05d44dce2fa1249d4a8292c5417b3e8e02d6fb0149ba9999, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:6f:93:b9:6a:7f:2c:c1:d2:d8:e8:5b:06:cc: ec:bf:f9:df:47:0a:59:9f:9d:90:0c:8f:bf:32:61: 37:1b:89:7e:45:4a:71:ff:dc:6f:ee:f4:37:43:5d: 91:76:a4:9e:ff:ac:c5:2a:8f:e7:eb:e5:ed:71:ab: 3a:3d:88:08:8d:b2:4d:54:87:07:b6:7d:2d:02:62: f3:2a:e9:e5:ae:22:f5:35:96:83:34:5e:9a:22:64: f0:e3:92:08:5a:87:88:95:57:aa:75:2a:b4:d5:07: 28:65:8f:0b:3b:73:43:95:b4:f8:ae:eb:44:64:01: 1a:4b:bf:3e:1f:97:e9:3e:47:20:a7:35:b4:5e:37: f3:da:67:89:79:73:ae:fc:6b:9f:92:cb:a5:e7:ff: 20:f6:c0:05:46:ae:67:c6:a0:4e:40:eb:54:ef:87: 84:5b:d9:2e:10:cd:a3:f4:3d:89:c8:f9:45:3e:02: 1b:73:04:31:62:b8:4c:19:60:13:45:83:d5:69:a5: ff:7d:33:79:92:cb:52:1f:c8:bd:7b:81:03:46:80: 41:56:56:54:86:c5:58:7b:25:2c:96:e0:00:a8:74: b4:1f:6c:b8:22:1e:e1:7e:97:40:34:73:28:fa:7f: 49:30:ce:25:a3:f6:71:5c:85:b3:83:bd:06:cd:17: 2a:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:7C:58:90:3C:8A:3C:F8:FC:46:0A:41:22:53:D9:4B:43:62:A1:C0 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/92b566f4-9c90-4070-b5bd-f89c7da23c8a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc3:4000::/36 Signature Algorithm: sha256WithRSAEncryption 71:0a:37:8f:ea:44:e4:fc:44:2d:53:b4:23:26:39:33:f4:75: cb:1f:d2:db:98:79:34:72:88:84:c6:28:2d:76:52:6c:5b:27: ba:56:12:a0:4e:9e:d3:7a:9a:b6:c6:49:9c:63:21:56:3f:0e: de:98:0f:06:8c:ed:66:e4:0d:ec:63:89:e8:ab:e5:ad:04:7a: e5:d4:9c:6f:b7:e4:64:3e:ed:07:5d:5e:21:31:8d:00:15:05: 4f:b7:2a:12:51:ba:9b:06:c1:9a:4f:a2:80:c1:82:ed:7a:18: c2:02:45:f2:d2:8f:8d:70:4c:dc:59:86:f6:c3:a2:34:8b:1f: 68:9c:10:7d:ca:1a:ee:29:20:27:5c:b1:bf:52:e5:02:60:e7: c3:5b:97:ff:67:c5:69:f4:31:e7:f6:62:2b:86:0d:a5:9f:f6: 55:32:47:d9:af:9c:68:4d:71:9d:56:3d:1b:94:db:85:76:ff: 57:ef:09:82:66:f9:43:17:a7:5d:09:ae:6b:79:70:33:5c:21: 9e:ab:60:38:0d:51:5c:cb:2a:02:e2:a9:d4:ea:0a:4e:2a:5d: 45:2c:bc:69:82:27:b7:9a:2c:b2:d2:74:92:54:07:de:79:24: 5f:7b:c0:e9:f1:b3:41:bc:75:e2:e7:97:82:f7:de:1b:54:16: f3:70:7a:64 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUWI0MPYF5Cb4deXLO+A6oC7SuWMAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMTlaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGEwZmY4YjliNDY2NGQ2Y2QwNWQ0NGRjZTJmYTEyNDlkNGE4MjkyYzU0MTdi M2U4ZTAyZDZmYjAxNDliYTk5OTkxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAORvk7lqfyzB0tjoWwbM7L/530cKWZ+dkAyPvzJhNxuJfkVKcf/cb+70N0Nd kXaknv+sxSqP5+vl7XGrOj2ICI2yTVSHB7Z9LQJi8yrp5a4i9TWWgzRemiJk8OOS CFqHiJVXqnUqtNUHKGWPCztzQ5W0+K7rRGQBGku/Ph+X6T5HIKc1tF4389pniXlz rvxrn5LLpef/IPbABUauZ8agTkDrVO+HhFvZLhDNo/Q9icj5RT4CG3MEMWK4TBlg E0WD1Wml/30zeZLLUh/IvXuBA0aAQVZWVIbFWHslLJbgAKh0tB9suCIe4X6XQDRz KPp/STDOJaP2cVyFs4O9Bs0XKhsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ/fFiQ PIo8+PxGCkEiU9lLQ2KhwDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv OTJiNTY2ZjQtOWM5MC00MDcwLWI1YmQtZjg5YzdkYTIzYzhhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8NA MA0GCSqGSIb3DQEBCwUAA4IBAQBxCjeP6kTk/EQtU7QjJjkz9HXLH9LbmHk0coiE xigtdlJsWye6VhKgTp7Tepq2xkmcYyFWPw7emA8GjO1m5A3sY4noq+WtBHrl1Jxv t+RkPu0HXV4hMY0AFQVPtyoSUbqbBsGaT6KAwYLtehjCAkXy0o+NcEzcWYb2w6I0 ix9onBB9yhruKSAnXLG/UuUCYOfDW5f/Z8Vp9DHn9mIrhg2ln/ZVMkfZr5xoTXGd Vj0blNuFdv9X7wmCZvlDF6ddCa5reXAzXCGeq2A4DVFcyyoC4qnU6gpOKl1FLLxp gie3miyy0nSSVAfeeSRfe8Dp8bNBvHXi55eC994bVBbzcHpk -----END CERTIFICATE-----Generated at Sat Dec 6 21:48:03 2025 by rpki-client