This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/01b25f37-a868-47f9-bc61-95397088dcdf.roa File: 01b25f37-a868-47f9-bc61-95397088dcdf.roa (raw, json) Hash identifier: 0ByoQAImzjKRH5VertJmniFl3sCXPMfwsmPWmMylPo8= Subject key identifier: FF:35:20:1A:CA:FA:D6:3E:01:E0:BD:93:C1:96:CD:54:8E:EA:80:8A Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 3F640C6B4C4FF3499AA77736ED016F5BEA44D6B1 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/01b25f37-a868-47f9-bc61-95397088dcdf.roa Signing time: Mon 08 Dec 2025 02:00:28 +0000 ROA not before: Mon 08 Dec 2025 02:00:28 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.224.190.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:64:0c:6b:4c:4f:f3:49:9a:a7:77:36:ed:01:6f:5b:ea:44:d6:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 8 02:00:28 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=57dd9dc21531996c00ee96537bf492b27e83b10993abe9d9508344b94cefbec9, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:37:48:f5:12:d1:99:00:4a:90:6c:35:1c:55: c8:a4:0c:8e:04:b9:49:8f:9f:56:dd:0d:d1:3a:15: c5:c2:01:94:ee:ec:c5:13:8a:d4:d9:ce:4b:87:5f: 54:87:6e:4f:ee:8b:08:76:f7:c5:a1:44:df:41:2c: 84:ab:f0:fb:65:62:0a:b0:6c:93:f7:44:74:74:4e: 45:21:ce:66:45:57:ed:c2:d6:05:c8:ac:44:fa:b1: 38:e4:e4:98:77:37:0f:25:23:e5:5b:07:d0:72:56: ca:33:25:d7:08:7d:86:44:c0:3e:03:5a:b0:7f:8f: 63:ab:b2:b6:b3:e7:3d:2c:df:55:a9:d6:4c:66:26: d8:a6:7d:cf:56:fe:54:e5:fb:d4:2e:8c:2c:d4:17: cc:e7:7c:20:fc:cc:b2:0b:4e:1a:f2:69:9f:ff:f9: 6f:11:bc:a6:e1:4c:bf:fb:d8:69:0d:1a:21:eb:19: 26:cf:1f:79:38:f1:1a:75:ad:3b:28:c2:49:4a:2a: b2:36:9b:9e:9a:c2:b7:21:2d:1f:4e:f0:d8:bd:e1: 19:83:49:18:8a:16:3f:95:c9:f9:9c:92:b5:89:6e: 22:d9:88:ca:00:7c:bd:38:6d:c6:0a:96:32:39:5b: 0f:06:37:ea:be:e5:a7:71:03:02:33:6a:4d:8f:c8: 88:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:35:20:1A:CA:FA:D6:3E:01:E0:BD:93:C1:96:CD:54:8E:EA:80:8A X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/01b25f37-a868-47f9-bc61-95397088dcdf.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.224.190.0/23 Signature Algorithm: sha256WithRSAEncryption b2:84:62:f5:d4:91:b9:29:05:59:34:8b:51:3a:7f:02:f0:b0: 76:6e:24:33:36:98:b1:9c:80:6c:0c:bb:d1:e5:88:30:c4:59: 6c:43:0d:57:90:0a:78:ca:0a:8c:ec:b6:fb:a7:ea:0d:a1:51: b9:80:4d:6c:f5:ea:4d:cd:74:ec:12:2e:b0:80:b3:55:ba:36: 2d:b9:af:5f:82:e1:a2:89:a1:47:63:d1:85:67:a5:56:00:c9: bc:87:ed:00:88:bb:12:3b:8a:13:af:62:b1:e6:3b:38:87:11: 36:82:e0:78:43:20:9d:cf:01:4f:53:a4:55:3f:53:97:56:1c: 1f:07:0f:a4:44:55:d3:cb:8f:54:e5:56:42:2c:14:c7:f4:6c: 47:fe:74:ca:5c:e9:5c:5b:0d:f4:47:4c:58:69:df:e6:2e:2b: f6:1a:ea:49:2a:49:c7:88:8b:7c:24:ca:92:ea:ee:5f:18:34: 60:4a:84:1c:d7:9c:91:f1:a4:74:5e:d8:39:f3:a3:f2:a3:54: 95:1b:73:1b:cf:ef:7b:4e:85:26:65:2d:f8:e5:08:c6:04:ec: 2e:a4:5f:54:14:7c:a6:e6:d0:ec:eb:83:52:00:bc:03:95:d0: 4e:e0:2b:8b:f6:a0:83:15:b1:f6:83:24:cc:f6:a3:b6:24:3c: 1c:80:69:98 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUP2QMa0xP80map3c27QFvW+pE1rEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDgwMjAwMjhaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQDU3ZGQ5ZGMyMTUzMTk5NmMwMGVlOTY1MzdiZjQ5MmIyN2U4M2IxMDk5M2Fi ZTlkOTUwODM0NGI5NGNlZmJlYzkxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK43SPUS0ZkASpBsNRxVyKQMjgS5SY+fVt0N0ToVxcIBlO7sxROK1NnOS4df VIduT+6LCHb3xaFE30EshKvw+2ViCrBsk/dEdHRORSHOZkVX7cLWBcisRPqxOOTk mHc3DyUj5VsH0HJWyjMl1wh9hkTAPgNasH+PY6uytrPnPSzfVanWTGYm2KZ9z1b+ VOX71C6MLNQXzOd8IPzMsgtOGvJpn//5bxG8puFMv/vYaQ0aIesZJs8feTjxGnWt OyjCSUoqsjabnprCtyEtH07w2L3hGYNJGIoWP5XJ+ZyStYluItmIygB8vThtxgqW MjlbDwY36r7lp3EDAjNqTY/IiDMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT/NSAa yvrWPgHgvZPBls1UjuqAijAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv MDFiMjVmMzctYTg2OC00N2Y5LWJjNjEtOTUzOTcwODhkY2RmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATPgvjAN BgkqhkiG9w0BAQsFAAOCAQEAsoRi9dSRuSkFWTSLUTp/AvCwdm4kMzaYsZyAbAy7 0eWIMMRZbEMNV5AKeMoKjOy2+6fqDaFRuYBNbPXqTc107BIusICzVbo2LbmvX4Lh oomhR2PRhWelVgDJvIftAIi7EjuKE69iseY7OIcRNoLgeEMgnc8BT1OkVT9Tl1Yc HwcPpERV08uPVOVWQiwUx/RsR/50ylzpXFsN9EdMWGnf5i4r9hrqSSpJx4iLfCTK kuruXxg0YEqEHNeckfGkdF7YOfOj8qNUlRtzG8/ve06FJmUt+OUIxgTsLqRfVBR8 pubQ7OuDUgC8A5XQTuAri/aggxWx9oMkzPajtiQ8HIBpmA== -----END CERTIFICATE-----Generated at Fri Dec 19 23:19:46 2025 by rpki-client