This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d3861b82-61e2-49b9-b47f-b22209774f28.roa File: d3861b82-61e2-49b9-b47f-b22209774f28.roa (raw, json) Hash identifier: RSHpzBrlJeBxRJu2FfhPyC6L6nuiZVCqqhJ/+cwvtzI= Subject key identifier: D1:95:54:78:81:9C:7E:64:08:54:60:F5:02:F1:E1:A2:61:AF:A5:48 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 4E3674B2196E23007E34E6DA2CE45475782E7B32 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d3861b82-61e2-49b9-b47f-b22209774f28.roa Signing time: Tue 02 Dec 2025 01:40:42 +0000 ROA not before: Tue 02 Dec 2025 01:40:42 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc7:f800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:36:74:b2:19:6e:23:00:7e:34:e6:da:2c:e4:54:75:78:2e:7b:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:42 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=b7482c25e157cfe73f24881bf2108cb1367d08f063e1800546ac9150939bcd1c, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:a1:24:67:23:ed:0a:7e:cc:b5:14:bd:24:7f: 97:83:75:60:9e:94:cd:c2:32:c8:85:57:d5:ba:95: 16:86:b8:4f:81:94:01:be:8f:40:42:6e:49:02:5f: 51:06:97:db:b1:9c:91:53:42:a1:56:74:41:1c:44: 59:9d:39:5d:de:d0:b0:02:2e:94:84:fc:91:25:4f: 52:12:8a:1f:dd:32:ef:4e:51:c4:44:7a:2f:eb:1a: 96:74:89:b2:a0:31:c6:b3:f9:40:b4:4e:16:c0:5f: e3:96:e6:54:08:ef:72:c1:d2:81:9a:e4:18:57:bc: 2d:55:fc:77:be:44:cf:97:ca:cc:e9:25:c9:a4:76: 61:47:d1:3b:81:fa:5d:cc:32:35:d1:57:4d:3d:5e: d1:a9:e6:72:40:36:48:b7:52:3d:f8:25:cd:4a:0b: be:ee:25:0e:ba:ca:32:d1:b3:45:0c:3f:99:41:29: 7a:1b:ad:5c:5e:1f:0c:f7:6e:16:9c:08:66:80:37: fb:95:28:63:db:5b:63:2d:eb:c9:99:7a:11:30:56: 62:69:60:a4:65:ac:4f:81:22:6e:09:7d:d8:96:56: ab:7c:a6:9b:b7:ef:19:5c:76:e1:82:b2:f0:a6:44: 6d:5f:fe:f4:a7:c5:fd:7a:91:1f:63:72:7f:15:46: bd:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:95:54:78:81:9C:7E:64:08:54:60:F5:02:F1:E1:A2:61:AF:A5:48 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d3861b82-61e2-49b9-b47f-b22209774f28.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc7:f800::/40 Signature Algorithm: sha256WithRSAEncryption 65:85:e7:b2:93:29:eb:34:63:44:2f:e5:10:0a:8c:a5:92:23: 14:75:e9:9d:0d:50:46:06:1f:a4:4b:5d:41:8e:aa:4a:d8:50: c8:bd:5d:d5:f7:7c:83:8c:93:9d:8e:79:78:ad:d0:42:a2:d2: d4:46:f8:23:35:ea:7a:c5:51:82:cd:fd:a9:80:0c:e7:71:42: df:00:4a:f9:5e:18:de:4e:b9:f0:93:8f:4e:c8:5a:2a:4e:8c: fb:71:56:c5:b0:09:d5:75:9c:56:cd:91:87:52:5a:18:e3:fa: f4:2d:76:a0:a4:2e:ef:c5:d6:24:d1:68:49:f8:ce:90:e6:a4: 92:23:11:69:e1:6e:f1:82:41:eb:ce:7c:b7:3b:58:1b:d6:19: d7:e2:02:bb:6b:04:d3:44:f4:b0:6c:55:5f:be:7b:a6:8e:75: c6:c2:30:d7:7e:9b:20:98:1c:2a:60:45:fd:fc:db:49:f5:65: bd:85:4c:c5:75:b0:60:07:f4:8b:87:ff:b4:c1:b1:c9:55:f5: 31:c0:24:b2:8f:21:b0:27:32:23:d6:19:31:e8:7f:a0:c1:22: 0c:ad:5a:06:8e:af:26:f2:ba:8d:04:59:ef:66:fb:1b:01:f1: 92:0b:1b:68:48:82:f1:d4:f1:dc:5c:69:4b:2c:e4:3b:3c:ed: a8:01:ec:22 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUTjZ0shluIwB+NObaLORUdXguezIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwNDJaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGI3NDgyYzI1ZTE1N2NmZTczZjI0ODgxYmYyMTA4Y2IxMzY3ZDA4ZjA2M2Ux ODAwNTQ2YWM5MTUwOTM5YmNkMWMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANKhJGcj7Qp+zLUUvSR/l4N1YJ6UzcIyyIVX1bqVFoa4T4GUAb6PQEJuSQJf UQaX27GckVNCoVZ0QRxEWZ05Xd7QsAIulIT8kSVPUhKKH90y705RxER6L+salnSJ sqAxxrP5QLROFsBf45bmVAjvcsHSgZrkGFe8LVX8d75Ez5fKzOklyaR2YUfRO4H6 XcwyNdFXTT1e0anmckA2SLdSPfglzUoLvu4lDrrKMtGzRQw/mUEpehutXF4fDPdu FpwIZoA3+5UoY9tbYy3ryZl6ETBWYmlgpGWsT4Eibgl92JZWq3ymm7fvGVx24YKy 8KZEbV/+9KfF/XqRH2NyfxVGvZcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTRlVR4 gZx+ZAhUYPUC8eGiYa+lSDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv ZDM4NjFiODItNjFlMi00OWI5LWI0N2YtYjIyMjA5Nzc0ZjI4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8f4 MA0GCSqGSIb3DQEBCwUAA4IBAQBlheeykynrNGNEL+UQCoylkiMUdemdDVBGBh+k S11BjqpK2FDIvV3V93yDjJOdjnl4rdBCotLURvgjNep6xVGCzf2pgAzncULfAEr5 XhjeTrnwk49OyFoqToz7cVbFsAnVdZxWzZGHUloY4/r0LXagpC7vxdYk0WhJ+M6Q 5qSSIxFp4W7xgkHrzny3O1gb1hnX4gK7awTTRPSwbFVfvnumjnXGwjDXfpsgmBwq YEX9/NtJ9WW9hUzFdbBgB/SLh/+0wbHJVfUxwCSyjyGwJzIj1hkx6H+gwSIMrVoG jq8m8rqNBFnvZvsbAfGSCxtoSILx1PHcXGlLLOQ7PO2oAewi -----END CERTIFICATE-----Generated at Sat Dec 6 21:51:20 2025 by rpki-client