This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9e51a10e-4122-46c4-8ad6-fd3986182184.roa File: 9e51a10e-4122-46c4-8ad6-fd3986182184.roa (raw, json) Hash identifier: 0Boi16cpj4Q3A70XFRS5Zp1zbXPrYg5CqD33MaFZEyw= Subject key identifier: CF:7D:38:53:D2:47:66:AE:48:9F:60:80:64:F2:E6:6A:B3:08:F2:5F Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 1A117BC2B2F64A7C28E6CB4B7587FDAB644A4B67 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9e51a10e-4122-46c4-8ad6-fd3986182184.roa Signing time: Sat 06 Dec 2025 00:30:13 +0000 ROA not before: Sat 06 Dec 2025 00:30:13 +0000 ROA not after: Fri 06 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2001:3fc2:8000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:11:7b:c2:b2:f6:4a:7c:28:e6:cb:4b:75:87:fd:ab:64:4a:4b:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 6 00:30:13 2025 GMT Not After : Mar 6 23:59:59 2026 GMT Subject: serialNumber=3ccd7f0db4084ab04816a88d4ba017586e5aa49be84d256e73ac0fce8e6f23d0, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:15:93:35:05:fd:8f:19:34:ef:f1:24:aa:cf: 5a:00:0b:a8:b6:6a:81:15:3c:fa:65:b2:12:a2:69: 7c:d9:56:71:cc:c0:07:2f:ec:8f:16:4f:1c:1b:4d: 73:31:45:53:c0:e3:e4:d2:33:29:54:7a:75:6a:09: 4c:f5:c5:f8:8b:06:8d:4f:1b:fa:5c:42:c9:26:28: 89:bf:eb:f1:fa:a9:33:04:01:cf:61:d4:cc:16:af: 0a:9e:b7:5f:e8:2f:13:21:e3:95:fc:87:ba:45:fe: 96:37:cb:e3:ac:0d:1e:90:e4:16:01:03:a6:db:c8: ce:f2:39:5b:66:e9:ad:aa:1e:da:67:1c:96:4b:a6: 53:d2:95:bb:57:97:cd:66:11:d6:49:86:f3:66:18: 0a:84:43:d2:2e:71:d4:89:a4:fa:a8:eb:be:1e:60: 40:ed:b4:e0:4d:5f:9a:52:6c:57:00:a9:1a:29:1d: af:32:26:a3:b8:d2:aa:f5:ac:23:6c:55:ff:f8:d2: 7b:7b:f1:d4:2d:44:58:3f:74:a8:2a:11:17:90:0a: 63:89:7c:bd:1b:23:c5:bc:e6:ec:20:0c:e2:64:53: 7e:15:ed:a2:1f:6f:6e:ac:8e:4a:e2:ae:df:86:9b: 27:59:fd:7d:28:9b:61:0e:ab:ee:24:c7:04:65:c2: 86:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:7D:38:53:D2:47:66:AE:48:9F:60:80:64:F2:E6:6A:B3:08:F2:5F X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9e51a10e-4122-46c4-8ad6-fd3986182184.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc2:8000::/36 Signature Algorithm: sha256WithRSAEncryption 49:18:de:bf:db:46:07:a8:5a:f2:1d:d6:a4:22:74:4c:d7:ab: ab:a7:55:2f:87:2c:1c:16:54:b6:f6:a0:f4:af:db:c7:c8:0a: 59:18:6b:a7:32:e4:7f:6e:17:4c:14:cb:26:9f:06:95:b3:9d: f1:35:c1:43:aa:42:02:54:6e:db:ba:91:b8:b0:b3:7d:14:37: d0:3c:1e:c7:cc:b6:60:38:72:bb:cd:72:cf:c3:d9:2c:20:1f: fd:02:aa:f9:50:46:d2:9c:ee:bd:dd:ce:23:30:e1:51:ce:98: 84:6d:05:31:ad:76:60:c6:a1:46:69:31:17:0e:bd:14:34:e8: de:43:ee:d4:ce:17:d6:bc:4a:3a:98:cc:2a:05:65:7c:cd:8c: e4:a6:0e:50:86:a1:82:fc:dc:46:18:e7:ac:4f:53:28:60:c7: 1c:bd:fc:dc:24:65:be:cb:f2:80:3f:20:21:14:76:3e:27:6c: 06:f6:34:8c:79:de:3c:4d:46:ca:a0:47:c4:a9:b7:34:03:05: d4:60:84:fc:b7:5b:de:a2:c1:f5:38:d5:4a:e3:f0:1b:b4:8c: 67:4a:14:27:a6:b2:fe:73:13:1e:ef:0a:47:a8:fd:ab:34:3a: 97:06:74:89:a9:32:10:d7:92:e2:5b:1b:18:75:73:58:7d:09: 44:53:76:41 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUGhF7wrL2Snwo5stLdYf9q2RKS2cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDYwMDMwMTNaFw0yNjAzMDYyMzU5NTlaMHoxSTBHBgNV BAUTQDNjY2Q3ZjBkYjQwODRhYjA0ODE2YTg4ZDRiYTAxNzU4NmU1YWE0OWJlODRk MjU2ZTczYWMwZmNlOGU2ZjIzZDAxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM0VkzUF/Y8ZNO/xJKrPWgALqLZqgRU8+mWyEqJpfNlWcczABy/sjxZPHBtN czFFU8Dj5NIzKVR6dWoJTPXF+IsGjU8b+lxCySYoib/r8fqpMwQBz2HUzBavCp63 X+gvEyHjlfyHukX+ljfL46wNHpDkFgEDptvIzvI5W2bpraoe2mcclkumU9KVu1eX zWYR1kmG82YYCoRD0i5x1Imk+qjrvh5gQO204E1fmlJsVwCpGikdrzImo7jSqvWs I2xV//jSe3vx1C1EWD90qCoRF5AKY4l8vRsjxbzm7CAM4mRTfhXtoh9vbqyOSuKu 34abJ1n9fSibYQ6r7iTHBGXChmkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTPfThT 0kdmrkifYIBk8uZqswjyXzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv OWU1MWExMGUtNDEyMi00NmM0LThhZDYtZmQzOTg2MTgyMTg0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8KA MA0GCSqGSIb3DQEBCwUAA4IBAQBJGN6/20YHqFryHdakInRM16urp1UvhywcFlS2 9qD0r9vHyApZGGunMuR/bhdMFMsmnwaVs53xNcFDqkICVG7bupG4sLN9FDfQPB7H zLZgOHK7zXLPw9ksIB/9Aqr5UEbSnO693c4jMOFRzpiEbQUxrXZgxqFGaTEXDr0U NOjeQ+7UzhfWvEo6mMwqBWV8zYzkpg5QhqGC/NxGGOesT1MoYMccvfzcJGW+y/KA PyAhFHY+J2wG9jSMed48TUbKoEfEqbc0AwXUYIT8t1veosH1ONVK4/AbtIxnShQn prL+cxMe7wpHqP2rNDqXBnSJqTIQ15LiWxsYdXNYfQlEU3ZB -----END CERTIFICATE-----Generated at Sun Dec 7 01:06:56 2025 by rpki-client