This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/ecfac2f3-79d5-4611-9977-14a354495dc8.roa File: ecfac2f3-79d5-4611-9977-14a354495dc8.roa (raw, json) Hash identifier: rQ2wC+J4ldPI7TyqeexpaQOBexGWC2fM8gNJXNgu8Ss= Subject key identifier: BE:4C:8E:C1:98:08:FE:49:BC:EE:90:94:85:D4:5B:85:09:6C:78:F1 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 10687D3CED5F95D0E3EAFF95A0B2EB63BFE6DAD9 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/ecfac2f3-79d5-4611-9977-14a354495dc8.roa Signing time: Tue 02 Dec 2025 01:40:55 +0000 ROA not before: Tue 02 Dec 2025 01:40:55 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:68:7d:3c:ed:5f:95:d0:e3:ea:ff:95:a0:b2:eb:63:bf:e6:da:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:55 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=eb2b7cf697b4b18c1d62a5abd4a28eaf7bbac8218b83500942c8217769adde10, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:20:56:21:c9:3e:68:65:f0:1a:be:be:75:ac: 2c:2b:71:c1:30:b5:bc:f6:72:04:86:b7:f8:ab:63: e8:78:fb:2a:18:9b:d2:09:45:95:eb:8c:e6:d3:78: 77:ac:cf:60:60:3a:7b:d1:23:f8:a6:24:f3:2b:7b: ad:00:01:2a:d4:7c:9c:78:af:82:fe:dd:e9:fa:32: 07:8b:4e:7f:de:d3:a8:5a:d0:24:ff:5e:62:e0:e7: 10:3d:d8:6a:92:ba:b2:4a:30:f1:49:68:ea:e0:7c: 74:17:14:6b:dc:67:35:f2:84:e2:f6:26:76:8f:c4: 45:97:6b:44:b4:80:ed:47:9b:42:80:47:4e:4b:23: 0a:e2:71:49:15:d9:2e:0e:51:72:03:77:f7:b1:64: 14:4c:7a:52:b4:e9:ea:66:f3:24:13:e7:d8:ad:f9: 79:c7:d6:a9:6c:2e:3a:20:ac:63:e2:72:d2:2a:68: cc:77:48:44:81:1f:b6:d4:34:90:f7:51:e3:a7:0f: 17:22:32:97:96:45:33:e2:3c:a2:70:f1:17:6b:75: 73:1f:72:e4:a2:df:24:61:8f:e6:e5:d0:a5:57:7b: 9e:80:4c:78:f0:f7:16:aa:58:56:45:c0:60:73:2c: 60:e0:18:19:88:c2:ba:57:60:ed:15:07:d2:1f:a7: 32:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:4C:8E:C1:98:08:FE:49:BC:EE:90:94:85:D4:5B:85:09:6C:78:F1 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/ecfac2f3-79d5-4611-9977-14a354495dc8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc0::/29 Signature Algorithm: sha256WithRSAEncryption 05:5b:d6:bb:5b:0e:f2:10:f5:c7:3d:db:de:b2:ff:fc:59:36: 60:9e:fb:e6:7f:cc:e0:d1:a7:63:0c:5c:26:a0:7a:e1:8b:79: 9a:05:84:18:32:af:1f:a3:2a:05:2a:2a:ca:ee:91:17:62:e0: a6:45:f5:80:da:0f:9e:9f:11:2f:c9:50:6c:7f:30:13:5f:89: 35:f4:cb:89:41:2d:41:37:02:b9:46:4a:d2:e9:74:4c:8a:b9: b1:99:b5:f7:d5:02:0b:6c:00:76:1a:c8:79:c6:4b:6f:ab:f6: a2:83:b9:cc:92:7c:73:06:36:03:9d:1a:15:78:43:92:cf:47: af:89:70:08:19:c1:94:3a:9f:5d:c4:45:ee:8c:06:08:2b:b2: 0d:dc:df:df:60:5b:00:0d:d2:4f:d4:a4:2d:4c:a1:d2:db:d2: da:24:74:e9:f7:fe:c7:2a:15:e9:15:28:83:1f:e9:da:45:82: 39:50:97:62:d3:e4:d4:e8:73:f4:c5:ab:f7:44:bf:c0:90:46: ba:bc:18:ac:89:22:9f:45:66:43:d6:68:68:97:62:e0:f5:67: 07:7f:d2:56:db:8e:82:1d:45:ca:7d:a3:dd:df:ee:4f:70:43: 60:92:90:2d:7f:10:26:df:96:7f:1d:44:5b:d0:67:ad:e5:35: 0a:07:22:59 -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgIUEGh9PO1fldDj6v+VoLLrY7/m2tkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwNTVaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGViMmI3Y2Y2OTdiNGIxOGMxZDYyYTVhYmQ0YTI4ZWFmN2JiYWM4MjE4Yjgz NTAwOTQyYzgyMTc3NjlhZGRlMTAxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN8gViHJPmhl8Bq+vnWsLCtxwTC1vPZyBIa3+Ktj6Hj7Khib0glFleuM5tN4 d6zPYGA6e9Ej+KYk8yt7rQABKtR8nHivgv7d6foyB4tOf97TqFrQJP9eYuDnED3Y apK6skow8Ulo6uB8dBcUa9xnNfKE4vYmdo/ERZdrRLSA7UebQoBHTksjCuJxSRXZ Lg5RcgN397FkFEx6UrTp6mbzJBPn2K35ecfWqWwuOiCsY+Jy0ipozHdIRIEfttQ0 kPdR46cPFyIyl5ZFM+I8onDxF2t1cx9y5KLfJGGP5uXQpVd7noBMePD3FqpYVkXA YHMsYOAYGYjCuldg7RUH0h+nMssCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBS+TI7B mAj+SbzukJSF1FuFCWx48TAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv ZWNmYWMyZjMtNzlkNS00NjExLTk5NzctMTRhMzU0NDk1ZGM4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyABP8Aw DQYJKoZIhvcNAQELBQADggEBAAVb1rtbDvIQ9cc9296y//xZNmCe++Z/zODRp2MM XCageuGLeZoFhBgyrx+jKgUqKsrukRdi4KZF9YDaD56fES/JUGx/MBNfiTX0y4lB LUE3ArlGStLpdEyKubGZtffVAgtsAHYayHnGS2+r9qKDucySfHMGNgOdGhV4Q5LP R6+JcAgZwZQ6n13ERe6MBggrsg3c399gWwAN0k/UpC1ModLb0tokdOn3/scqFekV KIMf6dpFgjlQl2LT5NToc/TFq/dEv8CQRrq8GKyJIp9FZkPWaGiXYuD1Zwd/0lbb joIdRcp9o93f7k9wQ2CSkC1/ECbfln8dRFvQZ63lNQoHIlk= -----END CERTIFICATE-----Generated at Sat Dec 6 09:47:08 2025 by rpki-client