This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/932067a7-3440-4f62-98a4-f23b9058ac95.roa File: 932067a7-3440-4f62-98a4-f23b9058ac95.roa (raw, json) Hash identifier: GW570gtwa09JR7sWcP3+t+K2gfSleRl9OBgKJ7CYKwI= Subject key identifier: 56:19:05:F9:BE:F6:8B:28:29:ED:F7:C1:80:67:BA:76:55:89:42:78 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 1EAFBA94BE1EEBD008FF8F42E1EA0B3CF44D4B0A Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/932067a7-3440-4f62-98a4-f23b9058ac95.roa Signing time: Tue 02 Dec 2025 01:40:05 +0000 ROA not before: Tue 02 Dec 2025 01:40:05 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc6::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:af:ba:94:be:1e:eb:d0:08:ff:8f:42:e1:ea:0b:3c:f4:4d:4b:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:05 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=045efeab811ad5061b6a4c53099a802d3c86daaae86ed509082931cadb832070, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:47:98:72:00:e6:7d:54:d4:68:b6:98:62:89: 95:54:0a:87:61:52:66:2b:8e:df:37:8c:4a:ad:79: f1:fc:d3:89:33:cc:c5:cb:e9:5e:a0:6f:b3:a7:4d: 03:f7:40:66:40:e8:5c:2f:26:ce:6b:e9:66:ee:7a: 6d:d4:c8:8b:7c:b3:ad:60:d9:47:96:32:93:40:aa: 95:26:25:61:64:c8:b6:b5:38:76:c5:e9:8d:43:3c: 44:b0:88:13:d7:94:39:d2:5b:3c:18:a6:a3:7e:bd: 6b:81:33:0b:cd:73:6f:87:fa:f9:84:93:df:f2:03: f8:1f:d1:a1:a1:0f:3b:75:b0:0e:bf:fa:c6:7d:84: 63:09:b5:42:f5:bf:7a:22:30:a1:95:91:7e:80:8b: 33:68:74:e6:c4:4f:bc:c2:95:bc:3c:bd:03:d7:21: 1b:8d:c0:25:5a:ad:01:2a:47:f1:13:6c:fb:a7:6d: 61:b2:f3:02:4c:24:53:f3:9c:78:0a:93:aa:93:69: 71:78:e0:01:26:20:53:94:bb:f2:37:58:35:26:48: a8:9a:c5:47:45:a7:e3:1f:40:8f:c8:f0:f7:65:47: 9f:15:6b:fe:b5:09:df:87:91:a4:01:b4:ce:e2:d7: 38:ed:2c:dc:10:b8:c8:fe:9f:f9:87:88:98:5e:d3: 24:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:19:05:F9:BE:F6:8B:28:29:ED:F7:C1:80:67:BA:76:55:89:42:78 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/932067a7-3440-4f62-98a4-f23b9058ac95.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc6::/40 Signature Algorithm: sha256WithRSAEncryption c9:e0:7e:9c:22:e5:51:a9:d2:e0:9f:7c:42:28:93:ac:bf:40: 24:15:85:05:81:0d:6a:cb:b4:84:4c:bb:0f:71:8b:5f:9a:a9: 29:eb:cf:03:96:83:c8:22:78:68:70:5e:76:16:5e:51:ed:c3: 66:e7:9d:cf:5d:89:4a:ba:a3:0c:74:20:1e:88:24:a6:ca:03: bf:5a:d9:ad:c4:6c:ab:43:cc:64:24:30:d8:fc:f6:5a:a6:d5: d3:a1:23:11:63:96:47:03:cd:12:ba:c0:84:fa:4a:b7:ed:1e: 46:f8:d4:3d:58:7f:67:5e:4b:43:7e:24:a7:81:24:30:e5:43: ad:28:3a:75:77:e2:0c:60:95:a1:67:c9:71:77:a7:60:5d:1f: c7:28:c8:d2:c7:d3:a1:00:45:fe:3a:92:29:d1:78:ff:63:74: 11:07:0d:d6:9c:83:04:eb:2c:65:fe:5a:38:8e:9f:42:e2:2a: 6b:db:f7:cd:ae:84:4a:65:71:29:a6:e5:85:6b:9f:80:ec:6b: 05:3e:87:27:a7:53:0e:77:f1:e8:20:24:04:96:b6:02:57:52: b5:0a:a5:65:29:3b:82:89:ca:3e:4f:50:9b:98:e8:31:fe:56: 14:66:2f:78:60:00:20:df:e6:e9:96:c0:2f:b4:85:40:e6:eb: bf:25:16:50 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUHq+6lL4e69AI/49C4eoLPPRNSwowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMDVaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDA0NWVmZWFiODExYWQ1MDYxYjZhNGM1MzA5OWE4MDJkM2M4NmRhYWFlODZl ZDUwOTA4MjkzMWNhZGI4MzIwNzAxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALZHmHIA5n1U1Gi2mGKJlVQKh2FSZiuO3zeMSq158fzTiTPMxcvpXqBvs6dN A/dAZkDoXC8mzmvpZu56bdTIi3yzrWDZR5Yyk0CqlSYlYWTItrU4dsXpjUM8RLCI E9eUOdJbPBimo369a4EzC81zb4f6+YST3/ID+B/RoaEPO3WwDr/6xn2EYwm1QvW/ eiIwoZWRfoCLM2h05sRPvMKVvDy9A9chG43AJVqtASpH8RNs+6dtYbLzAkwkU/Oc eAqTqpNpcXjgASYgU5S78jdYNSZIqJrFR0Wn4x9Aj8jw92VHnxVr/rUJ34eRpAG0 zuLXOO0s3BC4yP6f+YeImF7TJH0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRWGQX5 vvaLKCnt98GAZ7p2VYlCeDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv OTMyMDY3YTctMzQ0MC00ZjYyLTk4YTQtZjIzYjkwNThhYzk1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8YA MA0GCSqGSIb3DQEBCwUAA4IBAQDJ4H6cIuVRqdLgn3xCKJOsv0AkFYUFgQ1qy7SE TLsPcYtfmqkp688DloPIInhocF52Fl5R7cNm553PXYlKuqMMdCAeiCSmygO/Wtmt xGyrQ8xkJDDY/PZaptXToSMRY5ZHA80SusCE+kq37R5G+NQ9WH9nXktDfiSngSQw 5UOtKDp1d+IMYJWhZ8lxd6dgXR/HKMjSx9OhAEX+OpIp0Xj/Y3QRBw3WnIME6yxl /lo4jp9C4ipr2/fNroRKZXEppuWFa5+A7GsFPocnp1MOd/HoICQElrYCV1K1CqVl KTuCico+T1CbmOgx/lYUZi94YAAg3+bplsAvtIVA5uu/JRZQ -----END CERTIFICATE-----Generated at Sat Dec 6 10:49:32 2025 by rpki-client