This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c47386ff-4f1d-480a-be76-cc4ee1b3a35f.roa File: c47386ff-4f1d-480a-be76-cc4ee1b3a35f.roa (raw, json) Hash identifier: EVsUM/73fMzYduJ8EJ6Y49ua7DgdQeodMm8Ip5TImHU= Subject key identifier: 2D:8A:99:72:8F:1E:18:EB:F9:A4:B9:FF:92:92:1C:8B:E3:41:9C:EB Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 0A3AC7CA3A59F71F2B0B1E65E50FA7E19404036E Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c47386ff-4f1d-480a-be76-cc4ee1b3a35f.roa Signing time: Tue 02 Dec 2025 01:40:39 +0000 ROA not before: Tue 02 Dec 2025 01:40:39 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc3::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:3a:c7:ca:3a:59:f7:1f:2b:0b:1e:65:e5:0f:a7:e1:94:04:03:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:39 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=8badd233d647f02e0d2c4122e0323142b52224441e49f3545d5410abe5ea609f, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:16:be:2c:44:11:28:8d:bf:2f:b7:7a:0e:31: 78:2c:6d:6e:cf:b1:5b:03:92:a9:e3:26:ed:3a:e0: 64:36:f5:d1:23:88:cd:17:8e:72:38:52:b0:ba:5d: 8a:33:16:27:bf:64:9c:1e:59:d4:46:e7:ee:6e:ab: c3:f7:27:d1:46:3e:94:2d:67:6e:0d:65:2f:41:ae: a6:d3:f8:98:a0:ca:de:c9:1b:58:28:93:eb:93:e8: d2:e0:30:23:af:db:f0:1a:9e:4c:27:79:d5:0c:8a: 0c:aa:6f:e3:fb:07:27:44:58:0c:c0:d2:31:0d:a3: 2f:c0:fa:ee:84:0e:9c:eb:52:72:f7:3a:f8:7e:a4: 28:9f:e4:2f:de:38:a1:17:88:0f:1c:41:5b:fc:a5: b5:ab:1c:6c:97:bf:37:5d:92:4f:6d:48:46:3a:e6: e7:4d:1e:50:0d:e7:12:e2:f7:5d:c8:6b:35:e4:0b: a4:94:4b:b1:3c:d1:34:8f:d7:ac:0f:2d:0b:99:64: 22:ea:5e:36:39:19:43:29:51:13:80:ad:d6:76:73: b7:f1:42:8a:42:f3:bc:a8:6f:91:13:6a:60:2d:ec: 0a:45:8f:15:cd:11:1b:0f:79:fd:55:05:db:3f:d4: 37:d9:54:72:82:54:1b:b7:87:f4:df:43:96:1c:73: ea:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:8A:99:72:8F:1E:18:EB:F9:A4:B9:FF:92:92:1C:8B:E3:41:9C:EB X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c47386ff-4f1d-480a-be76-cc4ee1b3a35f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc3::/36 Signature Algorithm: sha256WithRSAEncryption 12:a4:65:4a:1e:4c:28:51:52:29:0f:a2:4c:a6:80:08:b0:e1: 85:25:05:c4:f8:9a:84:f9:9b:27:17:61:4e:83:65:cc:b7:9a: 34:bc:1d:12:27:9f:c0:82:5a:ad:32:9a:9c:58:ef:a4:5e:c3: 73:e3:4d:65:70:22:a0:00:c2:85:a0:52:be:3d:ab:87:70:0a: 50:06:69:39:60:fe:84:74:7b:e3:0f:85:bb:73:38:9f:d3:41: 53:d4:bf:aa:b7:e7:c0:03:32:ec:cd:e4:d3:6d:40:85:b1:d3: 55:c3:5a:f2:47:91:8d:42:62:e9:dd:bf:f0:09:6f:84:6a:ce: de:b2:8c:83:e3:ec:7b:8e:76:13:2f:78:eb:8f:27:65:91:5f: 60:7d:24:58:70:e7:8f:99:b6:2a:32:57:1a:25:05:5b:7c:59: 1a:8c:b8:0b:7c:b6:4f:ca:0f:2a:ee:cf:cf:5b:16:9c:0f:ce: 4f:b8:0a:30:5c:9d:57:33:fe:f4:25:78:f7:39:96:2f:ab:10: 2b:69:85:d6:00:18:63:59:6f:18:ec:66:67:70:66:65:d8:e6: d8:69:ab:45:1b:1b:d8:97:fc:fd:7c:c2:2c:8a:77:2a:1c:7a: 67:83:1e:f4:24:cf:d7:ee:69:fe:b9:0a:7e:91:39:b0:af:0a: 13:a3:6c:34 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUCjrHyjpZ9x8rCx5l5Q+n4ZQEA24wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMzlaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDhiYWRkMjMzZDY0N2YwMmUwZDJjNDEyMmUwMzIzMTQyYjUyMjI0NDQxZTQ5 ZjM1NDVkNTQxMGFiZTVlYTYwOWYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMAWvixEESiNvy+3eg4xeCxtbs+xWwOSqeMm7TrgZDb10SOIzReOcjhSsLpd ijMWJ79knB5Z1Ebn7m6rw/cn0UY+lC1nbg1lL0GuptP4mKDK3skbWCiT65Po0uAw I6/b8BqeTCd51QyKDKpv4/sHJ0RYDMDSMQ2jL8D67oQOnOtScvc6+H6kKJ/kL944 oReIDxxBW/yltascbJe/N12ST21IRjrm500eUA3nEuL3XchrNeQLpJRLsTzRNI/X rA8tC5lkIupeNjkZQylRE4Ct1nZzt/FCikLzvKhvkRNqYC3sCkWPFc0RGw95/VUF 2z/UN9lUcoJUG7eH9N9Dlhxz6qECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQtiply jx4Y6/mkuf+SkhyL40Gc6zAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv YzQ3Mzg2ZmYtNGYxZC00ODBhLWJlNzYtY2M0ZWUxYjNhMzVmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8MA MA0GCSqGSIb3DQEBCwUAA4IBAQASpGVKHkwoUVIpD6JMpoAIsOGFJQXE+JqE+Zsn F2FOg2XMt5o0vB0SJ5/AglqtMpqcWO+kXsNz401lcCKgAMKFoFK+PauHcApQBmk5 YP6EdHvjD4W7czif00FT1L+qt+fAAzLszeTTbUCFsdNVw1ryR5GNQmLp3b/wCW+E as7esoyD4+x7jnYTL3jrjydlkV9gfSRYcOePmbYqMlcaJQVbfFkajLgLfLZPyg8q 7s/PWxacD85PuAowXJ1XM/70JXj3OZYvqxAraYXWABhjWW8Y7GZncGZl2ObYaatF GxvYl/z9fMIsincqHHpngx70JM/X7mn+uQp+kTmwrwoTo2w0 -----END CERTIFICATE-----Generated at Sun Dec 7 00:16:28 2025 by rpki-client