This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/aab50dd8-a220-4509-8901-cb5ca23cff5f.roa File: aab50dd8-a220-4509-8901-cb5ca23cff5f.roa (raw, json) Hash identifier: o/hKjYmTMyV2ybaCOWSyrT0zgDzylckov7o/1C3SlLk= Subject key identifier: 2F:D2:82:49:5E:AA:A5:AD:FA:60:3E:E2:D7:D1:ED:CC:D2:46:6A:A5 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 0A859A53886C8000589FFDFF90208FEF7BA70064 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/aab50dd8-a220-4509-8901-cb5ca23cff5f.roa Signing time: Tue 02 Dec 2025 01:40:38 +0000 ROA not before: Tue 02 Dec 2025 01:40:38 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc6:c::/47 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:85:9a:53:88:6c:80:00:58:9f:fd:ff:90:20:8f:ef:7b:a7:00:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:38 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=874fa66889101edc441f7d8df58f9668bc5a1e6280ba66c0f9d1dd017fcf6832, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:06:fb:15:f2:26:49:57:c6:2e:1b:d7:79:96: 6f:c9:73:d5:df:ec:8d:19:7e:2d:28:ee:ce:2c:d8: 23:1b:38:9d:e1:39:8d:06:57:13:1f:79:af:2f:3a: 5b:ca:c9:50:a5:ac:bc:29:fa:4a:5c:68:38:0e:4d: 2a:19:69:77:b8:b7:f6:9a:5a:57:e3:1d:b6:54:bb: 67:3c:ee:de:38:b3:2e:cb:6d:1a:68:ab:12:ae:bb: bb:ff:1a:37:fc:8f:80:55:e3:e5:fb:e0:15:28:f7: 08:46:35:6d:43:a9:0c:2d:b2:96:25:a8:ef:31:16: 3b:10:aa:31:04:ae:38:92:98:33:06:04:17:88:d3: c3:6f:d7:f7:23:f3:18:ed:3d:06:45:a6:ac:49:d0: 8b:7d:de:7b:7d:95:cc:1b:ca:a5:5c:74:fa:52:db: e1:9c:9d:e5:7c:b0:1b:6c:99:9d:db:1e:b6:52:1f: 8d:70:c8:20:0a:99:ed:7d:4e:7d:c2:15:75:fb:56: 05:06:9e:ed:26:df:b2:b2:7c:8f:2a:96:85:1f:ee: 93:6a:4d:0c:40:22:87:73:1b:a3:18:46:2c:8f:02: 8b:89:93:88:25:3d:61:5c:33:2e:a8:49:18:d5:86: 71:70:e3:60:9e:76:1c:4d:0f:60:db:13:18:f1:00: 29:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:D2:82:49:5E:AA:A5:AD:FA:60:3E:E2:D7:D1:ED:CC:D2:46:6A:A5 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/aab50dd8-a220-4509-8901-cb5ca23cff5f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc6:c::/47 Signature Algorithm: sha256WithRSAEncryption 5e:01:ec:c4:4b:45:f9:f7:31:a4:6a:52:70:a6:75:78:4a:6f: ca:b3:2f:6f:fe:7b:de:5f:eb:b6:b3:60:3f:66:9a:64:19:62: 0f:71:dc:a2:ba:58:4c:65:25:2d:0c:4f:c6:9b:55:73:9b:28: b2:51:16:7b:ba:97:f0:5e:f8:b2:84:9a:0e:5e:cc:e6:c6:d0: 75:b1:62:f2:87:e0:1c:01:40:82:a2:16:8d:43:82:43:7f:40: 8d:a9:ab:3d:90:b4:8f:d2:16:f3:98:bb:33:a9:6c:4a:7d:47: aa:05:1b:0e:78:14:61:3f:a1:d8:ff:de:eb:e4:23:65:e8:3a: ab:1c:95:23:38:80:73:da:b2:6f:a7:3f:4e:b6:b4:e7:9f:2a: 5e:07:b0:c1:45:d5:f1:5b:66:43:8a:f3:b7:5b:35:e7:0b:f7: 57:ab:34:aa:e5:41:3b:ba:05:0e:34:5d:28:b4:9a:a0:fe:bc: d9:5f:77:78:30:9f:c7:2e:4e:d8:d7:50:9a:0b:94:83:d6:8a: a3:4b:3b:60:33:a7:d3:06:86:83:a5:e6:f8:97:96:27:76:09: 43:d4:07:a7:d8:c5:4e:9c:d3:98:cc:61:45:9b:03:26:79:48: 08:8a:bd:91:0b:19:a2:c9:57:36:c2:63:18:b5:0a:35:98:fc: 2f:be:20:dd -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUCoWaU4hsgABYn/3/kCCP73unAGQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMzhaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDg3NGZhNjY4ODkxMDFlZGM0NDFmN2Q4ZGY1OGY5NjY4YmM1YTFlNjI4MGJh NjZjMGY5ZDFkZDAxN2ZjZjY4MzIxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ8G+xXyJklXxi4b13mWb8lz1d/sjRl+LSjuzizYIxs4neE5jQZXEx95ry86 W8rJUKWsvCn6SlxoOA5NKhlpd7i39ppaV+MdtlS7Zzzu3jizLsttGmirEq67u/8a N/yPgFXj5fvgFSj3CEY1bUOpDC2yliWo7zEWOxCqMQSuOJKYMwYEF4jTw2/X9yPz GO09BkWmrEnQi33ee32VzBvKpVx0+lLb4Zyd5XywG2yZndsetlIfjXDIIAqZ7X1O fcIVdftWBQae7SbfsrJ8jyqWhR/uk2pNDEAih3MboxhGLI8Ci4mTiCU9YVwzLqhJ GNWGcXDjYJ52HE0PYNsTGPEAKUcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQv0oJJ XqqlrfpgPuLX0e3M0kZqpTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv YWFiNTBkZDgtYTIyMC00NTA5LTg5MDEtY2I1Y2EyM2NmZjVmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASABP8YA DDANBgkqhkiG9w0BAQsFAAOCAQEAXgHsxEtF+fcxpGpScKZ1eEpvyrMvb/573l/r trNgP2aaZBliD3HcorpYTGUlLQxPxptVc5soslEWe7qX8F74soSaDl7M5sbQdbFi 8ofgHAFAgqIWjUOCQ39AjamrPZC0j9IW85i7M6lsSn1HqgUbDngUYT+h2P/e6+Qj Zeg6qxyVIziAc9qyb6c/Tra0558qXgewwUXV8VtmQ4rzt1s15wv3V6s0quVBO7oF DjRdKLSaoP682V93eDCfxy5O2NdQmguUg9aKo0s7YDOn0waGg6Xm+JeWJ3YJQ9QH p9jFTpzTmMxhRZsDJnlICIq9kQsZoslXNsJjGLUKNZj8L74g3Q== -----END CERTIFICATE-----Generated at Sat Dec 6 09:46:55 2025 by rpki-client