This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/f1ac118e-e6d3-4c1a-be43-c76f57238339.roa File: f1ac118e-e6d3-4c1a-be43-c76f57238339.roa (raw, json) Hash identifier: s/6epv97yj4BdmkAwe9frAGUl6Q5AXtrI1wH9XtJ9m4= Subject key identifier: B3:C5:E5:E3:38:7F:AA:A6:75:18:17:71:4A:79:78:FE:6E:57:B7:6C Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 103692658212D78B37149CA77340D8F6BB1C8532 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/f1ac118e-e6d3-4c1a-be43-c76f57238339.roa Signing time: Tue 02 Dec 2025 01:30:16 +0000 ROA not before: Tue 02 Dec 2025 01:30:16 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2001:3fc5:9800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:36:92:65:82:12:d7:8b:37:14:9c:a7:73:40:d8:f6:bb:1c:85:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:30:16 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=389a1faad50ad9edc427f0cfae5d202bb7ea58647548316f573f92a8f1ab4066, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:de:1b:8c:ac:96:fb:8c:3f:61:21:7f:cf:2c: 97:26:aa:d1:41:29:04:49:56:70:e4:20:55:98:d3: dd:a6:ed:3c:86:44:ef:3d:c5:42:5c:41:30:de:00: a8:3d:68:17:45:67:ef:7b:ae:27:25:79:f4:8f:0a: b3:08:20:13:b5:43:eb:3a:06:ee:96:4c:51:09:02: 53:69:15:1f:c1:c3:86:fd:33:03:5b:6e:5a:66:d4: 4e:c4:ad:20:01:92:51:91:87:b9:f0:30:30:30:3c: 5e:60:53:82:bd:e0:3d:a7:03:df:50:c8:10:2c:37: f5:a8:1b:00:c2:82:9e:8c:d1:24:8f:f1:df:eb:f3: e3:07:0a:ed:b0:ff:e2:84:e3:70:ac:8b:0b:9f:4d: 6f:64:0e:ac:ad:08:05:5d:e9:58:b2:02:27:19:58: a4:5b:f9:64:d8:a8:87:8d:df:b7:7e:27:4e:bf:19: cb:8f:b7:a3:57:5a:c4:0e:67:0d:da:a0:4d:20:9f: f8:4d:83:a3:d0:25:f4:ce:8a:a3:3a:ab:c6:40:7e: de:2f:81:e8:47:09:50:52:c9:8a:aa:cc:91:2b:38: 6c:98:7b:c5:20:f0:44:ee:60:4e:fe:93:bb:bb:69: b2:d1:a7:53:e0:dd:f9:04:8a:b0:a9:ce:52:d4:02: 74:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:C5:E5:E3:38:7F:AA:A6:75:18:17:71:4A:79:78:FE:6E:57:B7:6C X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/f1ac118e-e6d3-4c1a-be43-c76f57238339.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc5:9800::/40 Signature Algorithm: sha256WithRSAEncryption a0:a5:d3:33:b5:34:13:4b:d0:2c:ba:6b:83:95:5d:2c:c7:2e: 2b:6e:b8:4e:36:dc:4a:99:84:b4:1a:10:63:bd:9d:55:46:4a: a2:a1:b1:5c:ed:b1:e7:f6:6a:68:fe:63:3a:19:80:35:af:91: dd:ee:d6:14:14:68:db:f0:35:91:b8:03:d9:b3:2e:06:4d:1e: 57:62:e2:9e:95:17:1e:7d:72:b9:7b:16:00:61:cd:8a:c6:5d: 21:bc:47:39:d3:6a:e9:b7:2a:28:07:36:eb:fe:41:c6:7a:71: fd:b8:6b:79:ec:3b:94:ef:23:6b:dc:fc:51:0f:80:d7:c8:45: d2:46:dd:6c:6f:19:67:6e:9a:da:0a:6a:b5:44:44:b8:08:81: 6d:f6:af:3a:0c:35:22:88:db:32:1b:4e:1f:a2:55:24:5b:20: 27:ea:c0:d6:18:6e:77:78:00:87:ba:11:2a:4c:9f:5e:15:02: af:13:d0:88:d5:e5:77:05:c3:47:94:cf:fa:52:c4:bb:7d:a6: 30:1b:3e:ff:30:37:21:36:39:bd:e4:bf:bd:87:89:2c:39:31: 36:ed:42:58:60:80:da:cf:80:60:9a:c9:85:b8:f9:dc:64:02: 79:53:b7:78:3a:a9:c8:12:19:df:50:81:88:bf:3e:a9:7b:25: 41:3e:df:41 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUEDaSZYIS14s3FJync0DY9rschTIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTMwMTZaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDM4OWExZmFhZDUwYWQ5ZWRjNDI3ZjBjZmFlNWQyMDJiYjdlYTU4NjQ3NTQ4 MzE2ZjU3M2Y5MmE4ZjFhYjQwNjYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALfeG4yslvuMP2Ehf88slyaq0UEpBElWcOQgVZjT3abtPIZE7z3FQlxBMN4A qD1oF0Vn73uuJyV59I8KswggE7VD6zoG7pZMUQkCU2kVH8HDhv0zA1tuWmbUTsSt IAGSUZGHufAwMDA8XmBTgr3gPacD31DIECw39agbAMKCnozRJI/x3+vz4wcK7bD/ 4oTjcKyLC59Nb2QOrK0IBV3pWLICJxlYpFv5ZNioh43ft34nTr8Zy4+3o1daxA5n DdqgTSCf+E2Do9Al9M6KozqrxkB+3i+B6EcJUFLJiqrMkSs4bJh7xSDwRO5gTv6T u7tpstGnU+Dd+QSKsKnOUtQCdJUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSzxeXj OH+qpnUYF3FKeXj+ble3bDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv ZjFhYzExOGUtZTZkMy00YzFhLWJlNDMtYzc2ZjU3MjM4MzM5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8WY MA0GCSqGSIb3DQEBCwUAA4IBAQCgpdMztTQTS9AsumuDlV0sxy4rbrhONtxKmYS0 GhBjvZ1VRkqiobFc7bHn9mpo/mM6GYA1r5Hd7tYUFGjb8DWRuAPZsy4GTR5XYuKe lRcefXK5exYAYc2Kxl0hvEc502rptyooBzbr/kHGenH9uGt57DuU7yNr3PxRD4DX yEXSRt1sbxlnbpraCmq1RES4CIFt9q86DDUiiNsyG04folUkWyAn6sDWGG53eACH uhEqTJ9eFQKvE9CI1eV3BcNHlM/6UsS7faYwGz7/MDchNjm95L+9h4ksOTE27UJY YIDaz4BgmsmFuPncZAJ5U7d4OqnIEhnfUIGIvz6peyVBPt9B -----END CERTIFICATE-----Generated at Sat Dec 6 11:45:54 2025 by rpki-client