This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/ae013680-e4f4-449c-9a2c-715867c85a51.roa File: ae013680-e4f4-449c-9a2c-715867c85a51.roa (raw, json) Hash identifier: Sp02TZCSVgrOCaMv6wqrVEgPXBvXffp2JmUyoC4fJ0w= Subject key identifier: 1C:D1:CD:DD:CC:5B:D2:00:12:4D:BA:91:83:0C:15:7E:EA:39:A4:14 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 1F68E134DB59E36E3518EF86F0D80982E1BE9B04 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/ae013680-e4f4-449c-9a2c-715867c85a51.roa Signing time: Tue 02 Dec 2025 01:40:23 +0000 ROA not before: Tue 02 Dec 2025 01:40:23 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc6:8::/45 maxlen: 45 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:68:e1:34:db:59:e3:6e:35:18:ef:86:f0:d8:09:82:e1:be:9b:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:23 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=f1f38b27d2f135bc6be4c2ef39e11259659165a02f890f987b9102cb9482fc43, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:14:9d:5c:35:e5:75:7a:e8:e7:1f:c7:ba:dc: fc:f8:d1:b0:3d:e2:4b:91:ba:db:8f:69:58:fc:f7: a8:74:1b:a4:04:95:e0:0c:8f:26:54:8e:27:50:e6: eb:32:28:3e:19:db:a9:5e:87:ce:19:c6:e3:31:49: c2:ab:fd:b4:ef:7b:dc:42:1b:46:5d:1d:ce:c3:e2: 75:71:8b:e2:e0:2c:02:af:6f:a9:c7:c1:46:65:fb: 94:2b:de:9a:5d:ff:9e:08:3e:81:c2:30:89:ee:74: ba:f0:5b:7c:8d:fe:de:b5:b7:3d:5b:87:90:ae:e5: 87:fd:f3:4c:03:9f:c8:5a:b5:13:e3:01:95:78:db: 12:1b:15:be:6c:79:dc:9d:0d:df:50:ad:d2:ed:76: 26:1c:3c:6c:a0:33:c1:df:21:34:bf:80:4f:83:5b: a3:4c:3c:63:92:3e:16:26:42:2c:2b:cb:51:8a:4f: 03:9b:34:80:0b:ce:77:b4:6a:03:fe:96:89:ed:13: 7a:0d:74:43:4a:87:25:1c:cd:0f:d4:ce:88:13:14: d7:8e:36:59:3f:87:ba:7d:12:de:bb:7d:c1:95:98: 0f:ac:84:3c:79:ca:ac:91:43:26:72:30:90:9f:c6: eb:52:a2:18:30:ed:22:0d:b0:c4:4a:05:01:ac:c0: ca:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:D1:CD:DD:CC:5B:D2:00:12:4D:BA:91:83:0C:15:7E:EA:39:A4:14 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/ae013680-e4f4-449c-9a2c-715867c85a51.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc6:8::/45 Signature Algorithm: sha256WithRSAEncryption cb:5d:42:5e:bd:3f:90:c1:f1:09:31:22:86:e2:d1:4f:c6:a2: 52:2d:d8:2b:57:2b:47:15:46:99:0c:0f:13:78:a7:ad:c3:06: f2:50:62:1d:23:dd:90:26:6c:01:b4:85:f2:fe:0d:c0:4b:bf: c7:30:6e:00:43:58:b4:38:05:4c:09:bd:fd:9b:fb:7a:4b:2f: 04:67:9c:fb:f0:05:56:9d:ec:cc:48:9f:d2:ed:ed:cb:ee:b2: 33:dd:63:97:56:50:8c:34:69:4e:a5:bc:a7:da:c6:19:39:ee: 1b:c1:08:13:9c:80:e2:03:27:b0:df:9a:91:2d:b1:93:7e:39: 8c:22:11:41:d3:f5:26:38:c5:7b:18:ee:04:e8:a8:ae:a5:e9: 2d:76:98:b0:8b:3c:79:b3:66:b4:0c:d9:b2:17:ff:8a:5f:2a: 6b:16:8f:2b:97:7f:67:5c:7b:1d:a9:b8:30:65:16:df:f4:55: 09:c6:ce:a6:ef:a4:0b:51:32:2c:46:d6:8a:f7:c9:d4:11:e8: 9d:23:6f:a7:3e:9e:11:b7:4a:c9:65:fe:72:60:b3:00:7e:18: b9:91:2a:8f:f6:82:a3:38:d2:be:bc:d6:91:bb:9f:f0:ce:87: a8:cb:c1:3c:61:3a:0d:be:d5:02:44:98:f1:76:b1:10:47:c9: 85:f8:73:fc -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUH2jhNNtZ4241GO+G8NgJguG+mwQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMjNaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGYxZjM4YjI3ZDJmMTM1YmM2YmU0YzJlZjM5ZTExMjU5NjU5MTY1YTAyZjg5 MGY5ODdiOTEwMmNiOTQ4MmZjNDMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJQUnVw15XV66Ocfx7rc/PjRsD3iS5G6249pWPz3qHQbpASV4AyPJlSOJ1Dm 6zIoPhnbqV6HzhnG4zFJwqv9tO973EIbRl0dzsPidXGL4uAsAq9vqcfBRmX7lCve ml3/ngg+gcIwie50uvBbfI3+3rW3PVuHkK7lh/3zTAOfyFq1E+MBlXjbEhsVvmx5 3J0N31Ct0u12Jhw8bKAzwd8hNL+AT4Nbo0w8Y5I+FiZCLCvLUYpPA5s0gAvOd7Rq A/6Wie0Teg10Q0qHJRzND9TOiBMU1442WT+Hun0S3rt9wZWYD6yEPHnKrJFDJnIw kJ/G61KiGDDtIg2wxEoFAazAyu0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQc0c3d zFvSABJNupGDDBV+6jmkFDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv YWUwMTM2ODAtZTRmNC00NDljLTlhMmMtNzE1ODY3Yzg1YTUxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAyABP8YA CDANBgkqhkiG9w0BAQsFAAOCAQEAy11CXr0/kMHxCTEihuLRT8aiUi3YK1crRxVG mQwPE3inrcMG8lBiHSPdkCZsAbSF8v4NwEu/xzBuAENYtDgFTAm9/Zv7eksvBGec +/AFVp3szEif0u3ty+6yM91jl1ZQjDRpTqW8p9rGGTnuG8EIE5yA4gMnsN+akS2x k345jCIRQdP1JjjFexjuBOiorqXpLXaYsIs8ebNmtAzZshf/il8qaxaPK5d/Z1x7 Ham4MGUW3/RVCcbOpu+kC1EyLEbWivfJ1BHonSNvpz6eEbdKyWX+cmCzAH4YuZEq j/aCozjSvrzWkbuf8M6HqMvBPGE6Db7VAkSY8XaxEEfJhfhz/A== -----END CERTIFICATE-----Generated at Sat Dec 6 21:51:16 2025 by rpki-client