This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9a1e6435-6342-4b18-94d7-27beb2ce0519.roa File: 9a1e6435-6342-4b18-94d7-27beb2ce0519.roa (raw, json) Hash identifier: KpqgMvnOWB+0oyFJ1lnS7nXliYdmo+ZaF2N6b4mV7yM= Subject key identifier: DA:8D:D6:E2:9D:47:8F:9C:AA:51:C2:CD:D6:17:B1:62:58:76:25:0C Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 4A5D941B6B26A59A378E8CBAABAC49AF0422009C Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9a1e6435-6342-4b18-94d7-27beb2ce0519.roa Signing time: Tue 02 Dec 2025 01:40:11 +0000 ROA not before: Tue 02 Dec 2025 01:40:11 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc7:a000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:5d:94:1b:6b:26:a5:9a:37:8e:8c:ba:ab:ac:49:af:04:22:00:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:11 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=dc144047ebdebb59c1b259dc8c421b0877be76ec8a4a409b16ccc43310bf8f8b, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:e4:1f:93:3b:39:0c:fe:da:c7:99:52:a1:93: b4:af:2e:be:52:ad:18:19:9d:60:4d:5a:8e:b4:1f: 98:43:c6:7e:02:72:14:b9:88:46:d4:f2:98:3a:3e: 03:f3:96:df:4d:02:75:81:3a:cc:5e:18:0b:5d:72: c6:d4:fe:dd:fa:70:e6:92:17:b4:51:a9:98:8c:dc: f5:b4:66:9a:14:d1:42:17:28:a3:6a:aa:b9:7c:7b: 14:8d:b1:0f:d1:82:93:5c:62:fe:f5:ee:e3:eb:0b: 74:37:78:0d:17:19:31:03:e8:28:cc:53:09:f4:b5: b9:86:13:b7:cf:e5:9a:9f:ac:8f:aa:55:5f:dc:10: 63:ec:ed:69:89:35:e4:af:0f:cc:55:62:e1:b4:00: eb:53:21:29:fb:ed:eb:96:9f:cb:cb:5d:e9:a4:e3: d5:36:27:09:cd:e1:18:9d:d8:74:d8:99:97:ef:c0: e4:9b:4e:da:35:0f:00:a9:fe:48:84:6e:ac:c4:67: e1:89:0b:a4:92:d6:f8:15:e6:fa:cc:4a:10:fe:7b: 66:51:21:29:92:cd:86:ea:3f:30:9b:c6:4b:8d:07: 1f:e7:a8:cc:8e:a3:d4:4a:3f:8e:0b:42:11:6c:92: c8:49:df:55:a8:d2:9f:69:ab:96:9f:da:3a:41:38: 5e:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:8D:D6:E2:9D:47:8F:9C:AA:51:C2:CD:D6:17:B1:62:58:76:25:0C X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9a1e6435-6342-4b18-94d7-27beb2ce0519.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc7:a000::/36 Signature Algorithm: sha256WithRSAEncryption 36:43:0a:8f:b7:c6:d2:8e:19:33:8f:8f:f7:63:27:58:24:61: 67:d7:03:9a:ed:a5:ee:2d:3c:08:69:1c:e4:96:45:0b:59:0f: ec:63:b6:06:08:d6:6e:78:5d:f7:dd:8b:d1:f7:70:0d:6e:4d: 3e:c4:f7:28:39:1a:06:30:94:64:f1:c7:51:5f:8f:36:48:a0: 76:7a:75:cc:6a:25:4a:10:93:96:2d:55:cb:d4:44:ff:a0:83: b1:6a:df:33:e1:b5:40:98:96:12:7e:a4:c1:04:e3:90:5b:67: 8a:29:54:2d:83:12:63:e7:bf:c2:ed:f4:9a:54:43:1c:db:bf: 09:b2:53:8d:3b:db:8a:8f:61:45:5c:84:a0:a7:46:a6:ff:57: 24:fc:f3:19:55:23:3e:6e:f2:6e:92:8f:02:c4:a8:ad:a2:8e: c3:f5:d7:bc:7b:47:27:ac:0d:69:68:57:4a:a2:04:4e:35:f8: 14:e0:74:c3:b2:7a:1f:04:fe:56:fc:8d:1f:a4:7f:b2:b0:0b: 6f:51:ee:ba:82:52:95:e6:91:1d:04:85:23:5a:ee:05:61:90: d3:96:47:a4:36:b8:a8:62:39:2e:79:75:d1:84:07:bc:bb:2d: 9b:10:08:30:98:44:98:68:53:b7:0c:c4:70:22:f3:02:1e:b4: 5c:0e:15:d4 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUSl2UG2smpZo3joy6q6xJrwQiAJwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMTFaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGRjMTQ0MDQ3ZWJkZWJiNTljMWIyNTlkYzhjNDIxYjA4NzdiZTc2ZWM4YTRh NDA5YjE2Y2NjNDMzMTBiZjhmOGIxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL/kH5M7OQz+2seZUqGTtK8uvlKtGBmdYE1ajrQfmEPGfgJyFLmIRtTymDo+ A/OW300CdYE6zF4YC11yxtT+3fpw5pIXtFGpmIzc9bRmmhTRQhcoo2qquXx7FI2x D9GCk1xi/vXu4+sLdDd4DRcZMQPoKMxTCfS1uYYTt8/lmp+sj6pVX9wQY+ztaYk1 5K8PzFVi4bQA61MhKfvt65afy8td6aTj1TYnCc3hGJ3YdNiZl+/A5JtO2jUPAKn+ SIRurMRn4YkLpJLW+BXm+sxKEP57ZlEhKZLNhuo/MJvGS40HH+eozI6j1Eo/jgtC EWySyEnfVajSn2mrlp/aOkE4XmcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTajdbi nUePnKpRws3WF7FiWHYlDDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv OWExZTY0MzUtNjM0Mi00YjE4LTk0ZDctMjdiZWIyY2UwNTE5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eg MA0GCSqGSIb3DQEBCwUAA4IBAQA2QwqPt8bSjhkzj4/3YydYJGFn1wOa7aXuLTwI aRzklkULWQ/sY7YGCNZueF333YvR93ANbk0+xPcoORoGMJRk8cdRX482SKB2enXM aiVKEJOWLVXL1ET/oIOxat8z4bVAmJYSfqTBBOOQW2eKKVQtgxJj57/C7fSaVEMc 278JslONO9uKj2FFXISgp0am/1ck/PMZVSM+bvJuko8CxKitoo7D9de8e0cnrA1p aFdKogRONfgU4HTDsnofBP5W/I0fpH+ysAtvUe66glKV5pEdBIUjWu4FYZDTlkek NrioYjkueXXRhAe8uy2bEAgwmESYaFO3DMRwIvMCHrRcDhXU -----END CERTIFICATE-----Generated at Sat Dec 6 10:48:50 2025 by rpki-client