This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e4dad8c7-9a9d-474f-aaf2-ab7a9e517288.roa File: e4dad8c7-9a9d-474f-aaf2-ab7a9e517288.roa (raw, json) Hash identifier: KSSQGby+2YCRqAtlgH7Wy7ww8h/MTD5gAB4lI6kP2SQ= Subject key identifier: AA:F3:68:77:C5:BA:DC:D9:37:91:0B:CB:05:EF:4C:D7:A6:C9:F0:C7 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 3E22116CB992EE9D7C5B029002D78670CD3278A2 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e4dad8c7-9a9d-474f-aaf2-ab7a9e517288.roa Signing time: Tue 02 Dec 2025 01:30:14 +0000 ROA not before: Tue 02 Dec 2025 01:30:14 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc6:100::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:22:11:6c:b9:92:ee:9d:7c:5b:02:90:02:d7:86:70:cd:32:78:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:30:14 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=d91fbb4cc7d249040978037fe5d204476eaede571a266dd3d1d0e4535cd42253, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:89:52:9e:bb:59:d3:e3:12:97:96:4f:c6:af: cc:c7:ab:8c:41:d1:03:0d:67:ef:17:ab:05:14:d7: 89:91:6c:b6:3c:86:14:fc:08:43:1e:eb:4c:51:fd: a0:d7:35:c8:44:09:0a:7b:4f:ed:7a:e9:c3:1f:f5: c8:00:e3:50:5a:f3:49:0a:ec:8c:84:99:39:7a:ce: 0c:50:ee:65:fc:41:7f:a7:e8:f3:32:b4:28:e9:69: e6:f7:e0:ce:88:a5:16:97:04:8a:ad:39:ca:f5:a2: eb:f7:53:42:cd:30:25:34:5d:95:f7:5c:51:17:85: c9:9d:05:0a:70:1b:0c:86:72:a8:59:b8:97:c7:c9: 81:46:81:7f:1d:cf:f9:39:d6:d1:68:e5:31:29:81: 81:f6:fc:f4:7f:02:b7:72:20:9c:e9:60:f2:b6:06: 66:ad:01:7b:ed:c5:7f:4a:8b:38:c3:25:7e:6d:c0: c2:3e:7d:a9:18:fb:b5:8c:4d:21:32:29:34:b9:68: 9a:7e:22:9f:81:3c:cd:83:13:92:a0:25:0c:5e:25: 2c:b6:e6:8f:c5:c2:44:32:72:8b:31:82:d2:e3:da: c6:92:65:8d:de:a2:5a:65:57:df:75:c6:bc:4f:b5: 08:85:0d:15:d6:0f:61:27:2c:1d:a8:46:4b:0c:e9: bc:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:F3:68:77:C5:BA:DC:D9:37:91:0B:CB:05:EF:4C:D7:A6:C9:F0:C7 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e4dad8c7-9a9d-474f-aaf2-ab7a9e517288.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc6:100::/48 Signature Algorithm: sha256WithRSAEncryption be:39:0a:2c:5c:d0:2e:9e:89:cc:40:be:c2:0a:a4:ff:6b:5d: 3d:4b:a7:5f:f7:c8:fc:0a:ec:a0:59:51:ba:0b:67:b1:a6:b7: 96:fe:58:c8:76:c7:cc:a7:da:ed:80:56:ea:d7:3e:87:23:06: e4:6e:b5:37:29:4d:0c:72:9b:12:50:6b:9b:7f:84:18:e9:59: ba:ed:ca:c8:12:88:77:cc:f6:52:e8:d8:2d:69:b8:aa:4d:76: af:09:8b:66:4a:4d:88:1f:b8:39:8a:bb:6b:df:cf:b9:fd:54: eb:5d:aa:c6:33:46:26:93:24:d8:6f:f0:a4:a8:3a:9b:d9:06: a1:af:aa:0d:eb:a6:46:a8:1b:92:3e:9c:10:03:ec:b6:98:e7: 21:10:4f:9a:5d:d4:4c:86:ff:e5:0d:b6:a6:b7:03:b5:dd:f2: 10:13:f2:2c:41:8e:63:bd:a4:64:62:ec:2b:f2:92:42:e5:cd: 08:0f:87:96:fb:4f:dc:88:52:a8:3d:66:fa:8f:49:3c:9f:dd: 35:2c:6e:9e:5e:53:17:0e:6f:e4:ad:bb:67:87:88:8f:0e:34: 99:28:cd:2b:37:9f:41:93:ec:9a:2b:51:12:9b:b3:ba:7b:64: ba:86:d9:4e:10:3b:33:ed:cb:78:66:aa:6b:f9:6b:08:80:8f: 6f:c7:98:67 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUPiIRbLmS7p18WwKQAteGcM0yeKIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTMwMTRaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGQ5MWZiYjRjYzdkMjQ5MDQwOTc4MDM3ZmU1ZDIwNDQ3NmVhZWRlNTcxYTI2 NmRkM2QxZDBlNDUzNWNkNDIyNTMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANyJUp67WdPjEpeWT8avzMerjEHRAw1n7xerBRTXiZFstjyGFPwIQx7rTFH9 oNc1yEQJCntP7Xrpwx/1yADjUFrzSQrsjISZOXrODFDuZfxBf6fo8zK0KOlp5vfg zoilFpcEiq05yvWi6/dTQs0wJTRdlfdcUReFyZ0FCnAbDIZyqFm4l8fJgUaBfx3P +TnW0WjlMSmBgfb89H8Ct3IgnOlg8rYGZq0Be+3Ff0qLOMMlfm3Awj59qRj7tYxN ITIpNLlomn4in4E8zYMTkqAlDF4lLLbmj8XCRDJyizGC0uPaxpJljd6iWmVX33XG vE+1CIUNFdYPYScsHahGSwzpvHECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSq82h3 xbrc2TeRC8sF70zXpsnwxzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv ZTRkYWQ4YzctOWE5ZC00NzRmLWFhZjItYWI3YTllNTE3Mjg4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8YB ADANBgkqhkiG9w0BAQsFAAOCAQEAvjkKLFzQLp6JzEC+wgqk/2tdPUunX/fI/Ars oFlRugtnsaa3lv5YyHbHzKfa7YBW6tc+hyMG5G61NylNDHKbElBrm3+EGOlZuu3K yBKId8z2UujYLWm4qk12rwmLZkpNiB+4OYq7a9/Puf1U612qxjNGJpMk2G/wpKg6 m9kGoa+qDeumRqgbkj6cEAPstpjnIRBPml3UTIb/5Q22prcDtd3yEBPyLEGOY72k ZGLsK/KSQuXNCA+HlvtP3IhSqD1m+o9JPJ/dNSxunl5TFw5v5K27Z4eIjw40mSjN KzefQZPsmitREpuzuntkuobZThA7M+3LeGaqa/lrCICPb8eYZw== -----END CERTIFICATE-----Generated at Sat Dec 6 20:51:14 2025 by rpki-client