This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/fda00aef-6886-4665-94fd-a76addf441b7.roa File: fda00aef-6886-4665-94fd-a76addf441b7.roa (raw, json) Hash identifier: +c0hiD2+sQNlvMpJrwGrjTMt1ltXn14P83APXeOfjJc= Subject key identifier: 47:27:67:2A:17:B3:EC:3D:E8:8D:BB:23:20:89:98:B9:B2:FE:AE:7C Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 15D9CF252ECB7B248332B17D20A4270803E8AE06 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/fda00aef-6886-4665-94fd-a76addf441b7.roa Signing time: Tue 02 Dec 2025 01:40:26 +0000 ROA not before: Tue 02 Dec 2025 01:40:26 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc3:8000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:d9:cf:25:2e:cb:7b:24:83:32:b1:7d:20:a4:27:08:03:e8:ae:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 2 01:40:26 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=01308285e3ed2990d73b4419600a46f92e3a20ada69b50ad65a3821ba1f94f53, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:f4:7c:94:54:f1:5b:dc:6e:92:10:d3:bf:0b: 47:d3:aa:7a:c0:91:6d:1c:b2:0a:9f:c1:d9:6f:da: 06:93:bd:22:ab:09:b9:ab:81:a6:d8:dd:10:58:95: 12:8a:24:93:ea:8b:40:1e:6f:59:26:52:06:b2:21: 08:75:7c:54:be:15:03:b2:79:8f:5f:32:a1:e1:4f: 93:f3:26:44:b0:43:f6:8c:be:1c:30:c9:d6:08:22: 49:00:1d:0b:46:9d:eb:09:67:fb:c5:f5:c9:68:21: d6:c1:50:ce:3a:b3:ba:64:6e:5c:82:92:37:3f:91: 95:c0:c5:7d:33:75:02:b8:b9:d7:1a:63:63:59:c2: 52:b3:23:40:54:a4:a0:c0:14:f6:90:78:de:11:36: 83:6b:15:b0:69:80:76:15:ec:64:da:54:1e:a1:8a: fe:95:14:6f:e7:b4:c4:a9:ff:bb:54:71:0a:a9:a8: 07:a5:ea:40:c3:a5:bf:e5:36:71:cd:e0:77:7f:5d: 92:35:db:60:8f:77:0b:1f:9e:90:ad:4d:34:00:be: e1:f6:38:95:6b:4c:9f:2a:a9:be:8a:98:26:5e:5b: 3b:91:e0:bd:16:b7:89:e3:c8:a5:ba:46:ad:a8:d8: cc:64:bc:cf:ad:d9:18:43:36:68:7e:9f:ef:0e:65: ee:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:27:67:2A:17:B3:EC:3D:E8:8D:BB:23:20:89:98:B9:B2:FE:AE:7C X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/fda00aef-6886-4665-94fd-a76addf441b7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc3:8000::/36 Signature Algorithm: sha256WithRSAEncryption 0f:96:44:45:95:cb:52:c3:19:26:68:fe:a7:10:ef:35:f4:50: 10:f0:61:ba:08:2e:ce:58:7f:56:cf:eb:46:4e:95:bf:84:16: a2:25:bd:b7:c0:a0:0e:e8:60:f5:1a:0f:cc:1d:8e:17:18:9e: f7:c2:e5:1f:6e:75:01:d5:37:d0:a8:d5:d8:7c:bb:b9:95:f6: 2a:9a:41:6c:14:55:73:70:da:5b:f3:00:2f:93:56:1e:d1:85: 0d:ff:8f:13:44:dd:15:89:a7:83:b7:09:c4:68:09:30:ab:c7: 3a:6a:2c:a2:fe:2c:1a:76:ff:12:fc:3b:f1:d5:a9:bb:39:95: 36:91:84:09:ac:29:e3:52:19:89:ad:b1:2a:55:84:2e:ab:58: a5:f5:8f:72:89:2e:55:87:43:6d:51:c4:f6:58:6d:f0:9c:74: 2a:f6:b2:4a:89:2c:b3:05:16:1e:fa:ba:88:95:55:77:45:73: ca:92:4e:d7:0e:ea:41:73:ac:1e:81:c3:8b:ad:91:34:fc:88: 78:33:7e:28:cd:45:65:92:86:52:cf:c9:f7:dd:e9:9c:59:ca: c3:33:0a:1f:ea:ec:d3:be:c3:af:a5:f3:a5:c4:b1:ff:eb:0a: 15:63:79:a9:0b:e9:d2:b3:55:e5:2d:5a:3a:9d:72:d3:a2:f6: 51:eb:33:79 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUFdnPJS7LeySDMrF9IKQnCAPorgYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDIwMTQwMjZaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDAxMzA4Mjg1ZTNlZDI5OTBkNzNiNDQxOTYwMGE0NmY5MmUzYTIwYWRhNjli NTBhZDY1YTM4MjFiYTFmOTRmNTMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMH0fJRU8VvcbpIQ078LR9OqesCRbRyyCp/B2W/aBpO9IqsJuauBptjdEFiV Eookk+qLQB5vWSZSBrIhCHV8VL4VA7J5j18yoeFPk/MmRLBD9oy+HDDJ1ggiSQAd C0ad6wln+8X1yWgh1sFQzjqzumRuXIKSNz+RlcDFfTN1Ari51xpjY1nCUrMjQFSk oMAU9pB43hE2g2sVsGmAdhXsZNpUHqGK/pUUb+e0xKn/u1RxCqmoB6XqQMOlv+U2 cc3gd39dkjXbYI93Cx+ekK1NNAC+4fY4lWtMnyqpvoqYJl5bO5HgvRa3iePIpbpG rajYzGS8z63ZGEM2aH6f7w5l7hkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRHJ2cq F7PsPeiNuyMgiZi5sv6ufDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv ZmRhMDBhZWYtNjg4Ni00NjY1LTk0ZmQtYTc2YWRkZjQ0MWI3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8OA MA0GCSqGSIb3DQEBCwUAA4IBAQAPlkRFlctSwxkmaP6nEO819FAQ8GG6CC7OWH9W z+tGTpW/hBaiJb23wKAO6GD1Gg/MHY4XGJ73wuUfbnUB1TfQqNXYfLu5lfYqmkFs FFVzcNpb8wAvk1Ye0YUN/48TRN0ViaeDtwnEaAkwq8c6aiyi/iwadv8S/Dvx1am7 OZU2kYQJrCnjUhmJrbEqVYQuq1il9Y9yiS5Vh0NtUcT2WG3wnHQq9rJKiSyzBRYe +rqIlVV3RXPKkk7XDupBc6wegcOLrZE0/Ih4M34ozUVlkoZSz8n33emcWcrDMwof 6uzTvsOvpfOlxLH/6woVY3mpC+nSs1XlLVo6nXLTovZR6zN5 -----END CERTIFICATE-----Generated at Sat Dec 6 10:48:49 2025 by rpki-client