This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/74f381b2-46ae-4e78-8d95-25730216e683.roa File: 74f381b2-46ae-4e78-8d95-25730216e683.roa (raw, json) Hash identifier: tl+4rfxhbYT8oiv0hABtR3liAbEJhrWcijvoi1Tf7rc= Subject key identifier: C5:0A:4A:B4:66:F3:2D:7E:85:FA:47:FC:EF:D0:2E:DF:DF:69:33:1B Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 0F4ED7E5EC4B737C11D68F00A732ACCF949D7ADD Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/74f381b2-46ae-4e78-8d95-25730216e683.roa Signing time: Tue 11 Nov 2025 21:23:06 +0000 ROA not before: Tue 11 Nov 2025 21:23:06 +0000 ROA not after: Tue 16 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2001:3fc2:8000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 19 Nov 2025 08:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:4e:d7:e5:ec:4b:73:7c:11:d6:8f:00:a7:32:ac:cf:94:9d:7a:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Nov 11 21:23:06 2025 GMT Not After : Dec 16 23:59:59 2025 GMT Subject: serialNumber=e7317e67f750026dba845d529f4d02396c43d520b1a5830b9972948e91e46452, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:3a:47:70:4e:07:4c:2e:48:87:dc:9d:e1:9c: 6a:94:79:6c:96:5f:bc:c1:38:1a:b7:2c:5a:7f:91: 00:3a:da:c3:3d:89:55:7c:a3:ea:b2:39:9b:12:2b: f3:b0:c1:ec:e7:75:44:b0:ce:7e:28:f9:95:17:58: 00:b6:46:aa:be:a5:e5:f6:0c:32:51:60:e2:c6:a9: 69:00:32:c6:bc:93:c2:d1:6f:c7:aa:e6:4e:17:b6: 6b:e1:d2:d1:a8:4c:fe:05:af:8a:ef:96:a1:79:87: cf:61:2f:3e:49:71:b5:32:c3:87:c3:1b:3e:7f:13: cd:b4:60:6c:cb:8b:92:92:62:62:4f:06:68:8e:e0: 2a:86:a0:c1:93:ac:6a:4c:99:38:b4:21:ac:bc:60: c2:fd:2d:e7:cb:c9:00:21:69:b2:8c:a6:1e:b7:6b: 40:f9:f3:39:69:d8:c6:c1:52:11:d9:a3:ea:9f:2c: 7b:44:6f:ef:76:c9:d0:ac:ae:6b:8b:22:fd:75:2c: cb:3c:1b:35:6e:25:bc:0e:9a:a8:94:40:d8:c9:4c: 9d:98:69:ec:bd:fa:be:fc:01:8f:8b:75:42:40:c5: 0e:76:8d:0d:bb:08:be:b6:e3:65:ea:76:1c:bb:fc: f6:b7:51:d3:d4:36:6b:14:e8:5a:5c:a2:22:b6:dc: 19:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:0A:4A:B4:66:F3:2D:7E:85:FA:47:FC:EF:D0:2E:DF:DF:69:33:1B X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/74f381b2-46ae-4e78-8d95-25730216e683.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3fc2:8000::/36 Signature Algorithm: sha256WithRSAEncryption 5f:a7:12:54:55:2e:65:3e:6e:11:58:be:46:77:96:cb:62:f0: f4:5b:09:62:9e:60:b7:96:fc:82:41:d4:8b:ef:3b:eb:80:4f: 8a:d5:01:95:4c:e2:1d:0e:dc:e3:e3:b0:0e:16:5b:75:75:7a: 23:87:2a:03:f6:e5:53:96:fa:0c:40:0b:31:65:bb:23:7a:2a: a4:f8:66:88:d1:bd:7f:46:af:97:6a:fa:8a:99:d7:fa:6a:a4: cc:a8:7c:98:e9:18:21:a1:75:f6:eb:e3:42:eb:22:45:ea:09: 4b:c5:b7:b2:2e:38:fe:c6:2a:a4:a3:98:f3:e5:bc:dc:92:ef: b5:b0:46:6b:73:ee:cd:fc:d5:fb:9d:c6:79:14:64:81:48:57: 62:71:de:8d:e7:ec:94:bf:b9:59:1a:f4:69:89:ea:ae:18:1f: fc:52:1e:a2:91:0f:cd:12:aa:16:18:e6:aa:a7:92:39:20:f1: ac:ac:f8:51:dc:f0:a5:8d:11:0b:b9:5c:ba:17:e6:98:e9:7d: 48:86:8f:40:94:51:e8:7d:de:61:95:fe:dd:e3:d0:9c:2c:e0: 57:a9:ad:4c:2f:97:8d:42:72:f6:89:7c:a6:19:14:ea:ef:81: 4d:17:42:aa:21:28:ce:4f:a2:e3:cf:fa:c1:6f:69:1f:c3:80: b5:63:4b:cf -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUD07X5exLc3wR1o8ApzKsz5Sdet0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTExMTEyMTIzMDZaFw0yNTEyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQGU3MzE3ZTY3Zjc1MDAyNmRiYTg0NWQ1MjlmNGQwMjM5NmM0M2Q1MjBiMWE1 ODMwYjk5NzI5NDhlOTFlNDY0NTIxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJg6R3BOB0wuSIfcneGcapR5bJZfvME4GrcsWn+RADrawz2JVXyj6rI5mxIr 87DB7Od1RLDOfij5lRdYALZGqr6l5fYMMlFg4sapaQAyxryTwtFvx6rmThe2a+HS 0ahM/gWviu+WoXmHz2EvPklxtTLDh8MbPn8TzbRgbMuLkpJiYk8GaI7gKoagwZOs akyZOLQhrLxgwv0t58vJACFpsoymHrdrQPnzOWnYxsFSEdmj6p8se0Rv73bJ0Kyu a4si/XUsyzwbNW4lvA6aqJRA2MlMnZhp7L36vvwBj4t1QkDFDnaNDbsIvrbjZep2 HLv89rdR09Q2axToWlyiIrbcGX0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTFCkq0 ZvMtfoX6R/zv0C7f32kzGzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NzRmMzgxYjItNDZhZS00ZTc4LThkOTUtMjU3MzAyMTZlNjgzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8KA MA0GCSqGSIb3DQEBCwUAA4IBAQBfpxJUVS5lPm4RWL5Gd5bLYvD0WwlinmC3lvyC QdSL7zvrgE+K1QGVTOIdDtzj47AOFlt1dXojhyoD9uVTlvoMQAsxZbsjeiqk+GaI 0b1/Rq+XavqKmdf6aqTMqHyY6RghoXX26+NC6yJF6glLxbeyLjj+xiqko5jz5bzc ku+1sEZrc+7N/NX7ncZ5FGSBSFdicd6N5+yUv7lZGvRpiequGB/8Uh6ikQ/NEqoW GOaqp5I5IPGsrPhR3PCljRELuVy6F+aY6X1Iho9AlFHofd5hlf7d49CcLOBXqa1M L5eNQnL2iXymGRTq74FNF0KqISjOT6Ljz/rBb2kfw4C1Y0vP -----END CERTIFICATE-----Generated at Tue Nov 18 13:04:35 2025 by rpki-client