This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a9974ff0-62d1-4203-bf68-04eb8602d197.roa File: a9974ff0-62d1-4203-bf68-04eb8602d197.roa (raw, json) Hash identifier: gUxNHuLWsdwzt8H+kj4oetDYVSHKthpzZU9n8QVBJfo= Subject key identifier: BA:4B:05:14:58:CC:D9:96:13:D4:43:19:79:80:D5:E2:85:2A:61:D7 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 4AC0CE35CB5ED0366EA40CEA42FA512B7C1A595E Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a9974ff0-62d1-4203-bf68-04eb8602d197.roa Signing time: Tue 02 Dec 2025 01:40:10 +0000 ROA not before: Tue 02 Dec 2025 01:40:10 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc7:7000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:c0:ce:35:cb:5e:d0:36:6e:a4:0c:ea:42:fa:51:2b:7c:1a:59:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:10 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=cf0b0516d17c6c0dc7a1bd647c4979ccd7f6746bf43c80efa18b2e86da8aa88d, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:bd:14:5c:7a:bc:7e:f8:3e:3c:82:d1:f3:24: 7a:84:60:81:a1:00:f2:5e:5b:ff:5b:b0:5f:e4:ce: f1:2a:61:10:9c:71:ed:88:a0:76:2f:e9:20:fd:1c: 9f:61:f8:c3:4f:c6:91:6e:09:c5:a9:bc:71:98:f3: bc:d9:b7:50:fa:b5:97:8a:44:80:30:2c:2d:dc:bb: 76:5b:af:01:e9:03:80:f2:0c:c2:e3:91:5e:30:73: cc:ff:71:de:c4:81:5a:ed:58:77:27:ae:d5:7e:e6: eb:9f:bf:06:5a:2d:bf:7e:4c:f9:4a:68:ba:74:e0: 68:30:5c:53:7c:0a:06:68:9f:29:35:dc:a0:e0:60: 83:eb:98:09:96:b9:18:b4:b1:99:50:48:d2:e0:8d: d7:40:cb:56:cb:40:ea:58:b8:e0:46:c6:6d:67:55: 73:64:20:84:f7:a6:1a:79:44:75:12:06:26:4d:49: b7:8c:0d:3f:a2:4e:eb:d2:2a:6b:53:8a:4a:a9:c5: a0:24:49:62:f4:63:ee:f8:4c:35:a3:8d:04:20:ab: ea:9d:86:a6:f5:29:68:af:f7:89:9b:f5:0d:6c:5d: 0b:f0:d3:13:2c:95:ab:18:af:ab:cc:12:d2:fc:4b: 55:d1:da:c9:14:46:0b:ed:f1:11:fc:34:14:fe:b4: b6:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:4B:05:14:58:CC:D9:96:13:D4:43:19:79:80:D5:E2:85:2A:61:D7 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a9974ff0-62d1-4203-bf68-04eb8602d197.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc7:7000::/36 Signature Algorithm: sha256WithRSAEncryption a1:32:4c:55:9c:43:87:54:24:06:20:e7:ec:4c:e5:47:ae:e8: 76:a7:09:96:dc:38:f2:99:b0:02:41:e2:22:29:65:ef:58:68: c5:18:60:84:72:11:09:2f:e0:66:57:a8:62:d9:c0:cc:ac:dc: df:4f:c9:54:d7:33:a6:50:a7:3e:49:5a:70:70:42:42:d2:fe: fb:3c:b0:4c:c3:29:81:b5:e7:7d:b6:eb:c2:85:ea:e4:eb:1d: 28:89:cc:70:24:18:db:5e:7b:6d:6d:3b:e0:b8:e4:22:bf:08: e7:60:52:01:18:dc:3e:21:1e:89:8f:0e:76:06:a4:a1:14:e0: 68:56:14:7b:8b:07:41:d2:6b:27:44:6c:f8:61:da:db:c3:3b: c8:eb:da:2b:f7:70:00:24:d6:23:9a:4a:a0:8f:18:31:ce:d4: 03:f9:d2:d2:fa:e1:86:2b:cd:be:8f:6c:3e:85:fc:26:26:4f: 6b:74:0d:cf:20:90:cb:88:dc:f4:d9:52:56:e2:b4:0c:b6:43: f7:cf:f5:f0:98:67:02:a9:0b:f8:a2:dd:7a:75:14:50:3d:d1: d7:93:c9:b7:d6:27:c3:a6:2d:11:e8:8d:da:04:5c:f6:6f:3e: b1:42:af:23:50:4f:c2:92:3f:dd:22:09:da:5c:dc:1a:6e:41: ea:fb:67:18 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUSsDONcte0DZupAzqQvpRK3waWV4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMTBaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGNmMGIwNTE2ZDE3YzZjMGRjN2ExYmQ2NDdjNDk3OWNjZDdmNjc0NmJmNDNj ODBlZmExOGIyZTg2ZGE4YWE4OGQxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPK9FFx6vH74PjyC0fMkeoRggaEA8l5b/1uwX+TO8SphEJxx7Yigdi/pIP0c n2H4w0/GkW4Jxam8cZjzvNm3UPq1l4pEgDAsLdy7dluvAekDgPIMwuORXjBzzP9x 3sSBWu1Ydyeu1X7m65+/Blotv35M+UpounTgaDBcU3wKBmifKTXcoOBgg+uYCZa5 GLSxmVBI0uCN10DLVstA6li44EbGbWdVc2QghPemGnlEdRIGJk1Jt4wNP6JO69Iq a1OKSqnFoCRJYvRj7vhMNaONBCCr6p2GpvUpaK/3iZv1DWxdC/DTEyyVqxivq8wS 0vxLVdHayRRGC+3xEfw0FP60tr8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS6SwUU WMzZlhPUQxl5gNXihSph1zAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv YTk5NzRmZjAtNjJkMS00MjAzLWJmNjgtMDRlYjg2MDJkMTk3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dw MA0GCSqGSIb3DQEBCwUAA4IBAQChMkxVnEOHVCQGIOfsTOVHruh2pwmW3DjymbAC QeIiKWXvWGjFGGCEchEJL+BmV6hi2cDMrNzfT8lU1zOmUKc+SVpwcEJC0v77PLBM wymBted9tuvCherk6x0oicxwJBjbXnttbTvguOQivwjnYFIBGNw+IR6Jjw52BqSh FOBoVhR7iwdB0msnRGz4YdrbwzvI69or93AAJNYjmkqgjxgxztQD+dLS+uGGK82+ j2w+hfwmJk9rdA3PIJDLiNz02VJW4rQMtkP3z/XwmGcCqQv4ot16dRRQPdHXk8m3 1ifDpi0R6I3aBFz2bz6xQq8jUE/Ckj/dIgnaXNwabkHq+2cY -----END CERTIFICATE-----Generated at Sat Dec 6 09:48:44 2025 by rpki-client