This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c772bd5a-4f72-4ad4-a5d0-9ed82e5f1e95.roa File: c772bd5a-4f72-4ad4-a5d0-9ed82e5f1e95.roa (raw, json) Hash identifier: AgnSl07GQe7SFMoPaqDm4P7ikEqkgClElTrbYxb+ps0= Subject key identifier: CA:AB:70:36:55:40:37:F5:E7:40:E5:8E:A6:14:18:56:3E:0B:37:D4 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 71AE2FA55887C6026FBD27314B2DB623096932BE Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c772bd5a-4f72-4ad4-a5d0-9ed82e5f1e95.roa Signing time: Tue 02 Dec 2025 01:40:54 +0000 ROA not before: Tue 02 Dec 2025 01:40:54 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc6:a::/47 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:ae:2f:a5:58:87:c6:02:6f:bd:27:31:4b:2d:b6:23:09:69:32:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:54 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=1c38f0da6e2ad8d826c0687854e1c6e4f54aeefbc0ba53ae99e59d0454d990a2, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:5d:ed:3b:3a:e3:17:b4:cf:a4:cc:c3:74:37: f4:33:fe:0a:00:a9:96:f1:03:cc:fd:40:79:9e:4a: cb:88:d7:48:33:17:10:81:0c:43:b9:1b:2c:41:b6: fb:bc:d7:4b:b8:3c:8b:3c:43:3d:e9:f8:51:44:36: f1:b5:62:a4:3c:e4:59:2a:ea:c6:88:ee:94:ef:72: 7b:bc:bf:8d:e7:32:35:92:a0:88:30:f7:fe:b8:10: 2c:4b:a3:bf:3b:f9:12:1a:72:2a:30:47:89:2f:99: 6d:25:b2:63:a4:2e:d2:8e:cf:fb:b9:12:97:6d:38: e9:66:38:4a:f5:8a:fd:05:e6:6f:da:05:cd:36:e7: 8e:f0:6c:ac:8f:96:23:63:9f:f8:7c:48:ad:6f:9b: de:42:da:85:d2:62:92:e0:64:c2:cd:86:79:d8:1d: 51:67:af:45:a1:d0:c3:5e:1d:20:ce:90:ca:fe:1a: 4e:ae:1c:a6:a3:7f:64:05:88:e1:62:54:f3:8f:c4: a0:a1:42:7f:5d:78:03:9c:92:76:f4:8b:27:cb:f5: 9b:a5:09:a6:f9:45:59:b5:89:6f:d0:38:a0:af:7e: 9a:94:83:10:df:24:ef:bb:d7:74:bc:7a:13:ff:b4: 75:7c:67:82:dd:0d:80:7d:31:71:dc:08:44:4a:44: 8e:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:AB:70:36:55:40:37:F5:E7:40:E5:8E:A6:14:18:56:3E:0B:37:D4 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c772bd5a-4f72-4ad4-a5d0-9ed82e5f1e95.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc6:a::/47 Signature Algorithm: sha256WithRSAEncryption 38:dc:21:5e:db:6c:65:cb:6a:71:6a:09:ae:9b:03:7e:61:50: 39:3d:b8:6d:7b:ac:cf:1f:61:02:ba:21:de:bd:2d:17:f3:3d: c6:54:87:b6:1f:2f:e5:28:36:d8:29:e4:8f:eb:ed:b2:bc:b6: ac:6a:d0:42:96:41:7c:b6:fe:b6:08:85:bd:3b:c9:e4:64:38: ca:18:28:67:e2:21:74:49:d6:a3:c6:a3:45:49:34:2f:65:9a: 6f:e8:a8:4d:17:ce:ba:6e:4e:a5:a8:3d:ec:59:4d:65:3e:fa: 10:d6:0d:36:3a:c1:e9:03:4f:f7:44:a2:7e:58:7b:47:b6:b3: fb:1a:0d:b8:23:05:5b:18:08:41:a5:cf:0a:e0:f0:be:66:2e: 6c:c1:47:66:35:1e:eb:9b:b9:1b:a0:04:83:7c:ab:8d:13:ed: b8:7d:0a:60:c9:af:f0:7a:59:38:74:59:73:c7:de:c5:68:ae: e5:2f:70:03:67:13:0b:e7:3a:c7:88:bb:74:77:01:36:14:d5: 24:2a:d2:51:fc:53:cd:42:73:10:72:89:ce:43:e6:bf:8c:a7: 9c:1b:45:1c:c3:85:5d:31:f6:86:85:77:ea:bd:f9:62:3c:fa: ce:16:0c:95:7e:30:48:49:60:d8:f2:19:d4:5d:ad:ce:ef:3e: 88:b7:16:38 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUca4vpViHxgJvvScxSy22IwlpMr4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwNTRaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDFjMzhmMGRhNmUyYWQ4ZDgyNmMwNjg3ODU0ZTFjNmU0ZjU0YWVlZmJjMGJh NTNhZTk5ZTU5ZDA0NTRkOTkwYTIxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPRd7Ts64xe0z6TMw3Q39DP+CgCplvEDzP1AeZ5Ky4jXSDMXEIEMQ7kbLEG2 +7zXS7g8izxDPen4UUQ28bVipDzkWSrqxojulO9ye7y/jecyNZKgiDD3/rgQLEuj vzv5EhpyKjBHiS+ZbSWyY6Qu0o7P+7kSl2046WY4SvWK/QXmb9oFzTbnjvBsrI+W I2Of+HxIrW+b3kLahdJikuBkws2GedgdUWevRaHQw14dIM6Qyv4aTq4cpqN/ZAWI 4WJU84/EoKFCf114A5ySdvSLJ8v1m6UJpvlFWbWJb9A4oK9+mpSDEN8k77vXdLx6 E/+0dXxngt0NgH0xcdwIREpEjjcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTKq3A2 VUA39edA5Y6mFBhWPgs31DAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv Yzc3MmJkNWEtNGY3Mi00YWQ0LWE1ZDAtOWVkODJlNWYxZTk1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASABP8YA CjANBgkqhkiG9w0BAQsFAAOCAQEAONwhXttsZctqcWoJrpsDfmFQOT24bXuszx9h Aroh3r0tF/M9xlSHth8v5Sg22Cnkj+vtsry2rGrQQpZBfLb+tgiFvTvJ5GQ4yhgo Z+IhdEnWo8ajRUk0L2Wab+ioTRfOum5Opag97FlNZT76ENYNNjrB6QNP90Siflh7 R7az+xoNuCMFWxgIQaXPCuDwvmYubMFHZjUe65u5G6AEg3yrjRPtuH0KYMmv8HpZ OHRZc8fexWiu5S9wA2cTC+c6x4i7dHcBNhTVJCrSUfxTzUJzEHKJzkPmv4ynnBtF HMOFXTH2hoV36r35Yjz6zhYMlX4wSElg2PIZ1F2tzu8+iLcWOA== -----END CERTIFICATE-----Generated at Sat Dec 6 21:48:00 2025 by rpki-client