This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9387863c-57eb-495e-863a-5f309d45c90f.roa File: 9387863c-57eb-495e-863a-5f309d45c90f.roa (raw, json) Hash identifier: k4gyvFzDop+MTmmK8foQmQSJyayBh/vsbe/Qsetw0K8= Subject key identifier: 68:1B:25:3D:63:74:B5:A9:F3:CD:D4:9E:33:71:FA:CB:2E:F9:3E:C7 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 300EE83C211C9BD2ACFE5DDAE5921EF4E0B27A18 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9387863c-57eb-495e-863a-5f309d45c90f.roa Signing time: Tue 02 Dec 2025 01:40:36 +0000 ROA not before: Tue 02 Dec 2025 01:40:36 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc7:6800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:0e:e8:3c:21:1c:9b:d2:ac:fe:5d:da:e5:92:1e:f4:e0:b2:7a:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:36 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=45d856cf7569ab48a50262857c521c58dba7c9b681904aa08c8802ceb00a8fa1, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:b1:fa:c9:bf:9d:7d:8a:3f:cb:52:e1:d0:99: 25:32:b5:f4:d3:9e:8c:a9:b3:11:4e:13:ec:21:fc: 07:a7:1f:3f:f8:b4:ea:9a:67:b8:e2:37:55:57:9b: f3:74:ea:c1:86:2b:72:f4:9c:42:1d:6d:cc:84:34: d9:fa:9d:54:62:d3:c7:86:9a:a2:81:7a:ca:ac:0d: 50:5d:6c:7b:fd:5d:ba:9d:56:5c:f7:0b:5c:1b:0f: 1a:d8:69:1e:ad:b3:a2:98:ce:40:4c:10:2f:b2:85: f7:52:5a:23:5e:83:53:77:48:7a:65:1c:2f:64:6f: 76:d1:b1:45:ce:14:00:d1:f4:bb:3a:32:14:c4:db: 4e:f4:29:19:7c:8a:fe:19:48:eb:d3:f3:d7:ed:8a: 01:4a:7f:b1:0e:4f:9d:6a:99:54:2f:39:ae:c6:87: b6:07:62:95:d4:0b:b4:be:39:e0:3b:96:b5:c5:5b: 6c:5e:e2:16:ee:2b:c8:22:6b:7b:67:7c:10:4d:c7: d5:64:f4:ba:a9:84:db:18:f5:f3:4c:c8:89:7f:ec: 53:ad:cf:d3:e0:db:ae:7b:ab:26:9d:25:4d:dd:09: ba:3a:b1:e9:3f:13:e7:60:5b:fb:2c:d7:ca:b3:37: cb:97:74:a8:8c:7a:1b:31:90:ce:9a:d6:40:15:b7: e2:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:1B:25:3D:63:74:B5:A9:F3:CD:D4:9E:33:71:FA:CB:2E:F9:3E:C7 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9387863c-57eb-495e-863a-5f309d45c90f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc7:6800::/40 Signature Algorithm: sha256WithRSAEncryption 0a:af:a5:31:95:9c:00:6a:e7:17:b2:d3:ae:55:12:2c:c6:05: 4b:ac:30:6e:b0:88:b4:36:f4:a5:81:d9:1c:3a:37:3b:eb:a2: 2d:f0:85:1a:6f:55:01:e6:d8:45:01:85:8b:b2:60:42:46:57: 72:fd:40:0d:e0:20:ab:3b:eb:14:a3:b4:71:1f:25:fc:21:5f: 5a:c0:de:b4:d0:b5:0c:cd:9e:dc:c4:cb:28:f3:a2:1d:28:e8: 8f:89:e0:1a:34:24:3d:fe:80:21:18:ea:8e:53:06:9f:14:a0: 0a:63:40:f9:c3:92:00:aa:4a:9a:ae:32:13:7f:af:8f:88:3e: 02:46:95:8f:69:b9:bd:79:09:8a:28:b7:92:e8:c0:ff:83:d3: ba:2b:21:75:fc:91:59:9d:ec:bb:16:9d:3b:6c:e5:30:9e:8d: c4:14:60:ae:e2:69:26:d0:5d:5f:d4:f1:fb:10:55:6b:f0:53: e4:09:15:61:84:80:69:38:aa:b8:82:9f:58:dd:7f:9b:37:c4: bc:66:24:14:ba:13:a5:05:ec:33:45:d0:58:eb:cf:88:5b:ae: 53:82:76:b7:a8:67:83:f2:28:8b:05:9e:22:11:3b:b1:8b:51: 6d:05:1c:5a:f3:80:e7:33:99:fb:b2:2e:fc:ff:2c:e7:b1:56: 98:f7:bd:c6 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUMA7oPCEcm9Ks/l3a5ZIe9OCyehgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMzZaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDQ1ZDg1NmNmNzU2OWFiNDhhNTAyNjI4NTdjNTIxYzU4ZGJhN2M5YjY4MTkw NGFhMDhjODgwMmNlYjAwYThmYTExLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKyx+sm/nX2KP8tS4dCZJTK19NOejKmzEU4T7CH8B6cfP/i06ppnuOI3VVeb 83TqwYYrcvScQh1tzIQ02fqdVGLTx4aaooF6yqwNUF1se/1dup1WXPcLXBsPGthp Hq2zopjOQEwQL7KF91JaI16DU3dIemUcL2RvdtGxRc4UANH0uzoyFMTbTvQpGXyK /hlI69Pz1+2KAUp/sQ5PnWqZVC85rsaHtgdildQLtL454DuWtcVbbF7iFu4ryCJr e2d8EE3H1WT0uqmE2xj180zIiX/sU63P0+DbrnurJp0lTd0Jujqx6T8T52Bb+yzX yrM3y5d0qIx6GzGQzprWQBW34r0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRoGyU9 Y3S1qfPN1J4zcfrLLvk+xzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv OTM4Nzg2M2MtNTdlYi00OTVlLTg2M2EtNWYzMDlkNDVjOTBmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8do MA0GCSqGSIb3DQEBCwUAA4IBAQAKr6UxlZwAaucXstOuVRIsxgVLrDBusIi0NvSl gdkcOjc766It8IUab1UB5thFAYWLsmBCRldy/UAN4CCrO+sUo7RxHyX8IV9awN60 0LUMzZ7cxMso86IdKOiPieAaNCQ9/oAhGOqOUwafFKAKY0D5w5IAqkqarjITf6+P iD4CRpWPabm9eQmKKLeS6MD/g9O6KyF1/JFZney7Fp07bOUwno3EFGCu4mkm0F1f 1PH7EFVr8FPkCRVhhIBpOKq4gp9Y3X+bN8S8ZiQUuhOlBewzRdBY68+IW65Tgna3 qGeD8iiLBZ4iETuxi1FtBRxa84DnM5n7si78/yznsVaY973G -----END CERTIFICATE-----Generated at Sat Dec 6 21:47:59 2025 by rpki-client