This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/b1191abf-2871-473a-8ee2-a2089f6894a7.roa File: b1191abf-2871-473a-8ee2-a2089f6894a7.roa (raw, json) Hash identifier: UxyJxAc+nuo1vCrEnWF+aKSJ9zeh4X1osOQXZOkc14E= Subject key identifier: 9F:F8:D1:F6:BC:F5:02:A8:0A:27:AC:9B:FC:47:EF:2E:0D:4E:18:25 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 466B5FC854C619CE2F08F008DE5257F61C8F8509 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/b1191abf-2871-473a-8ee2-a2089f6894a7.roa Signing time: Tue 02 Dec 2025 01:40:25 +0000 ROA not before: Tue 02 Dec 2025 01:40:25 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc7:2840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:6b:5f:c8:54:c6:19:ce:2f:08:f0:08:de:52:57:f6:1c:8f:85:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:25 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=a5e667e2da47d76dcdaed91478c1cd53bb5a9217e8b0240b85694f69155427a3, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:f7:39:06:ce:29:69:90:3f:64:85:91:de:43: 89:92:e5:20:33:df:5b:54:c7:d5:4a:4a:ff:0c:b1: 32:6d:e8:74:c4:ed:a0:28:bf:bf:17:93:fe:af:4a: c7:97:91:78:37:48:3b:9d:2d:5d:76:45:1a:ed:2f: b5:6a:a3:52:e7:05:93:2b:f2:31:b9:f3:30:d0:16: d5:8f:cf:3d:e2:0b:75:5b:4d:87:9e:26:e1:42:78: bb:6f:a2:17:80:59:be:5c:4a:6b:6f:dc:9f:01:e8: 70:86:b7:d7:4d:ce:b4:47:f9:34:2c:02:87:52:57: 16:ba:38:f4:e0:1a:e0:b1:a9:26:24:e2:98:ee:1e: 89:4e:ed:e5:a6:5a:2e:27:25:7d:21:f2:7c:7f:ce: af:74:57:ef:0a:8e:f0:09:3f:3a:6b:96:03:3f:fa: a8:69:01:a9:35:9d:52:e9:22:37:b6:0a:91:f5:2d: 9a:ab:ad:d5:27:83:50:f9:a9:19:e6:0f:fe:b6:95: 7d:61:f5:b6:44:ad:2a:40:a3:c6:8f:23:dd:ed:5d: c6:1d:4a:6d:dc:6d:d8:e0:14:30:1e:62:64:42:64: d5:9f:6d:25:d3:de:bf:5e:c7:f3:16:a3:99:fd:47: c7:eb:9c:f2:85:ab:88:a9:df:41:66:06:7e:ac:8d: ad:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:F8:D1:F6:BC:F5:02:A8:0A:27:AC:9B:FC:47:EF:2E:0D:4E:18:25 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/b1191abf-2871-473a-8ee2-a2089f6894a7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc7:2840::/48 Signature Algorithm: sha256WithRSAEncryption 92:86:21:7b:74:95:f8:64:1f:b5:75:87:35:93:b2:31:72:a3: 88:fb:a2:4f:e6:5b:16:e7:1f:a1:4f:e2:12:00:09:53:36:f1: db:68:dc:d9:02:e0:40:72:7d:f9:0f:95:ae:91:b4:f9:7b:35: 26:a4:ee:ae:49:fb:17:28:b1:12:10:1e:71:2e:85:a7:26:aa: 3f:ab:e7:63:37:4b:06:de:20:af:c7:00:33:27:89:7b:f3:c8: 08:d5:18:a8:37:e5:0f:4f:8a:e6:cc:f1:26:83:73:75:1e:60: cb:8e:3a:0c:75:db:64:6e:a3:be:85:62:73:10:9c:ff:47:6a: cd:24:3e:8f:88:7e:58:a2:fd:be:88:7d:06:a3:25:32:e4:70: dc:b6:21:9a:21:37:82:39:fe:bd:ec:1a:e6:d7:c8:47:2d:87: eb:dd:4b:2b:81:e9:85:53:a4:6f:cc:6e:eb:6f:72:02:3c:a4: d7:8b:73:e3:8c:79:38:e5:28:72:50:a7:99:bd:47:f3:5a:02: 34:41:b9:36:64:ba:f0:aa:03:18:56:f4:be:e1:71:75:26:66: f4:42:7c:b2:d5:3e:a7:63:87:6f:dc:74:af:00:c5:26:63:1c: 90:f9:61:8d:a6:e5:67:e4:ca:68:0a:24:b8:21:73:03:ee:16: 5d:c6:fb:09 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIURmtfyFTGGc4vCPAI3lJX9hyPhQkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMjVaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGE1ZTY2N2UyZGE0N2Q3NmRjZGFlZDkxNDc4YzFjZDUzYmI1YTkyMTdlOGIw MjQwYjg1Njk0ZjY5MTU1NDI3YTMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKv3OQbOKWmQP2SFkd5DiZLlIDPfW1TH1UpK/wyxMm3odMTtoCi/vxeT/q9K x5eReDdIO50tXXZFGu0vtWqjUucFkyvyMbnzMNAW1Y/PPeILdVtNh54m4UJ4u2+i F4BZvlxKa2/cnwHocIa3103OtEf5NCwCh1JXFro49OAa4LGpJiTimO4eiU7t5aZa LiclfSHyfH/Or3RX7wqO8Ak/OmuWAz/6qGkBqTWdUukiN7YKkfUtmqut1SeDUPmp GeYP/raVfWH1tkStKkCjxo8j3e1dxh1Kbdxt2OAUMB5iZEJk1Z9tJdPev17H8xaj mf1Hx+uc8oWriKnfQWYGfqyNrUUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSf+NH2 vPUCqAonrJv8R+8uDU4YJTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv YjExOTFhYmYtMjg3MS00NzNhLThlZTItYTIwODlmNjg5NGE3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co QDANBgkqhkiG9w0BAQsFAAOCAQEAkoYhe3SV+GQftXWHNZOyMXKjiPuiT+ZbFucf oU/iEgAJUzbx22jc2QLgQHJ9+Q+VrpG0+Xs1JqTurkn7FyixEhAecS6FpyaqP6vn YzdLBt4gr8cAMyeJe/PICNUYqDflD0+K5szxJoNzdR5gy446DHXbZG6jvoVicxCc /0dqzSQ+j4h+WKL9voh9BqMlMuRw3LYhmiE3gjn+vewa5tfIRy2H691LK4HphVOk b8xu629yAjyk14tz44x5OOUoclCnmb1H81oCNEG5NmS68KoDGFb0vuFxdSZm9EJ8 stU+p2OHb9x0rwDFJmMckPlhjablZ+TKaAokuCFzA+4WXcb7CQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:48:16 2025 by rpki-client