This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d5d13f03-51e3-4e02-981f-1c9a02e38524.roa File: d5d13f03-51e3-4e02-981f-1c9a02e38524.roa (raw, json) Hash identifier: MG471LQ8NwUsaMsBCeMuE3fPqeFpqNVfhgs4DLDQSw8= Subject key identifier: DC:51:58:23:23:71:B7:2B:17:29:FE:11:3D:EA:E9:AA:21:C7:03:42 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 6368320B952F26C601978B83DC0E58D0E707CABF Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d5d13f03-51e3-4e02-981f-1c9a02e38524.roa Signing time: Tue 02 Dec 2025 01:40:41 +0000 ROA not before: Tue 02 Dec 2025 01:40:41 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc7:5000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:68:32:0b:95:2f:26:c6:01:97:8b:83:dc:0e:58:d0:e7:07:ca:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:41 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=41e78f79417557dc3c833422872de8914afee533b3a3df4a53321106030c7f9b, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:36:b3:ea:22:e9:ac:75:98:f5:1e:0f:38:4a: a3:e3:46:b7:05:26:2d:f5:36:5f:b7:a7:7c:07:f0: 67:7f:af:46:01:a3:cb:4e:c3:b6:11:29:cb:57:34: 39:bb:5d:18:2e:c2:87:91:0a:ee:06:09:4b:10:ce: 46:f9:19:67:d5:47:42:38:2a:e1:a5:6a:1f:88:84: 65:65:c6:32:70:97:1c:6b:2c:7a:7d:6c:65:d0:ce: 58:01:f2:aa:78:4f:ac:cc:91:09:31:a8:f9:7c:87: a2:48:e0:11:99:9a:79:5d:62:6c:38:d6:6f:6b:76: a1:98:29:ec:a3:02:3a:c8:3d:7f:0b:cb:8a:ef:8c: 22:5d:32:61:a0:80:9c:00:4b:f0:98:59:60:ca:bb: 82:6b:d7:7b:fd:18:d9:a3:ab:9b:6f:a3:e1:48:3b: 9e:fa:7c:37:71:1a:68:aa:7e:2b:d8:da:7f:0a:9e: 51:7f:3f:2e:dc:50:4c:fd:32:fb:e9:7e:78:d7:53: cd:16:1d:73:a9:a2:61:cc:60:82:65:b5:c1:6f:1b: ff:0d:12:5f:db:78:14:4f:92:7a:a8:ce:15:2b:d5: 97:7c:59:08:12:50:75:56:c8:d7:cb:bd:2d:44:0f: 9a:bc:e9:7e:90:7f:c5:f3:93:df:8b:e6:f1:c4:67: cd:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:51:58:23:23:71:B7:2B:17:29:FE:11:3D:EA:E9:AA:21:C7:03:42 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d5d13f03-51e3-4e02-981f-1c9a02e38524.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc7:5000::/36 Signature Algorithm: sha256WithRSAEncryption 63:f5:4a:11:a5:99:9b:9a:3c:b5:44:77:52:61:6c:53:56:92: 18:74:82:5d:b2:8e:6d:97:bc:70:89:16:54:06:7c:b8:99:fc: 69:7f:c9:e3:2a:c6:18:c6:b7:db:86:6e:20:7a:30:70:77:b8: 56:1e:43:cb:8d:24:91:b3:27:47:d8:f2:5a:df:4e:cd:a3:4a: 99:2c:5c:68:0c:35:a2:76:df:f1:65:01:70:6d:a6:75:12:87: 3c:e9:83:44:b2:a1:e4:9c:7c:88:88:f1:a2:94:18:80:6a:ee: 58:52:ee:07:cb:c1:15:93:f0:e5:d0:a1:8e:9d:e5:26:3d:4e: 50:b5:f4:fd:03:12:53:3d:d9:9a:94:4a:58:47:d1:42:59:3d: 0f:ae:03:6d:f0:8a:00:0b:f6:55:f4:76:0c:7d:01:0d:03:4b: 2a:da:91:78:da:a1:5a:d8:ba:f9:ef:38:e2:85:0f:12:e8:b8: 01:f3:30:19:0b:43:6d:7e:79:57:05:3d:da:82:fb:b4:6d:00: 39:05:7c:b9:f6:8c:19:45:19:63:1f:23:02:f6:13:40:61:69: 4d:cc:e3:c0:d1:75:a4:64:0f:42:85:04:38:1c:06:c4:62:8c: f0:f3:b0:2f:f0:02:67:42:9e:ff:2c:7f:dc:c6:ca:f3:e5:76: 12:35:2a:cf -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUY2gyC5UvJsYBl4uD3A5Y0OcHyr8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwNDFaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDQxZTc4Zjc5NDE3NTU3ZGMzYzgzMzQyMjg3MmRlODkxNGFmZWU1MzNiM2Ez ZGY0YTUzMzIxMTA2MDMwYzdmOWIxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIw2s+oi6ax1mPUeDzhKo+NGtwUmLfU2X7enfAfwZ3+vRgGjy07DthEpy1c0 ObtdGC7Ch5EK7gYJSxDORvkZZ9VHQjgq4aVqH4iEZWXGMnCXHGssen1sZdDOWAHy qnhPrMyRCTGo+XyHokjgEZmaeV1ibDjWb2t2oZgp7KMCOsg9fwvLiu+MIl0yYaCA nABL8JhZYMq7gmvXe/0Y2aOrm2+j4Ug7nvp8N3EaaKp+K9jafwqeUX8/LtxQTP0y ++l+eNdTzRYdc6miYcxggmW1wW8b/w0SX9t4FE+SeqjOFSvVl3xZCBJQdVbI18u9 LUQPmrzpfpB/xfOT34vm8cRnzYcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTcUVgj I3G3Kxcp/hE96umqIccDQjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv ZDVkMTNmMDMtNTFlMy00ZTAyLTk4MWYtMWM5YTAyZTM4NTI0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dQ MA0GCSqGSIb3DQEBCwUAA4IBAQBj9UoRpZmbmjy1RHdSYWxTVpIYdIJdso5tl7xw iRZUBny4mfxpf8njKsYYxrfbhm4gejBwd7hWHkPLjSSRsydH2PJa307No0qZLFxo DDWidt/xZQFwbaZ1Eoc86YNEsqHknHyIiPGilBiAau5YUu4Hy8EVk/Dl0KGOneUm PU5QtfT9AxJTPdmalEpYR9FCWT0PrgNt8IoAC/ZV9HYMfQENA0sq2pF42qFa2Lr5 7zjihQ8S6LgB8zAZC0NtfnlXBT3agvu0bQA5BXy59owZRRljHyMC9hNAYWlNzOPA 0XWkZA9ChQQ4HAbEYozw87Av8AJnQp7/LH/cxsrz5XYSNSrP -----END CERTIFICATE-----Generated at Sat Dec 6 21:51:28 2025 by rpki-client