This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/16271914-dc77-4545-b526-a3ebfab5d63a.roa File: 16271914-dc77-4545-b526-a3ebfab5d63a.roa (raw, json) Hash identifier: xNW0FsZvLKMeSmePZGYYaKR8xTs9O+OBKChz6WSy360= Subject key identifier: 97:52:75:80:82:50:0C:86:75:67:3D:D7:FB:3F:0E:E7:DD:0E:C6:96 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 19878A67B9829EBD16BF2F4954F567D23BA2A90B Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/16271914-dc77-4545-b526-a3ebfab5d63a.roa Signing time: Mon 08 Dec 2025 02:00:06 +0000 ROA not before: Mon 08 Dec 2025 02:00:06 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.224.192.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:87:8a:67:b9:82:9e:bd:16:bf:2f:49:54:f5:67:d2:3b:a2:a9:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 8 02:00:06 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=f1f67e7ea376117155adc6d433c982c358271e01b4da3cd3c727efcf84bbae36, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:88:5c:f5:55:4b:51:8e:46:a6:16:d0:90:9b: 69:48:12:fd:57:be:f9:2e:5e:20:24:86:b6:c6:8d: dd:62:49:7b:85:57:e9:a6:c1:f9:88:91:95:1c:2b: 10:10:f4:0a:b7:c9:15:90:ae:37:33:5d:92:cb:1e: 4c:75:20:a8:95:1d:8d:3c:91:35:a7:1f:98:0c:61: 44:6f:b9:d3:4a:5a:aa:77:e5:4f:b7:0a:62:42:f4: e6:94:e7:82:8b:59:7a:d7:25:12:a4:cc:ca:22:d9: 05:4e:ef:33:6c:0b:8b:c8:2d:65:83:d3:e6:bb:41: ef:b2:a8:e4:05:3b:1c:5b:c7:5d:e0:d0:4f:e2:44: 70:77:fa:5f:af:99:60:62:99:6d:7b:b3:a6:7b:51: df:b7:9f:57:15:08:af:73:77:d3:95:9d:29:59:be: fe:76:10:1e:2e:d7:40:2e:bc:57:dc:9e:ab:c9:c1: 55:4a:58:ca:01:de:23:e4:ba:22:01:62:0b:30:85: 61:98:f2:dc:c1:7f:20:b5:fa:c9:7b:58:df:b6:35: fd:15:14:6c:8e:61:b5:55:8e:bb:13:8f:7c:c1:52: bd:fb:a1:e6:de:47:e4:7c:86:23:ff:ec:fe:ca:3b: 69:9c:7a:56:20:06:4c:82:99:cd:33:d2:43:1c:4e: eb:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:52:75:80:82:50:0C:86:75:67:3D:D7:FB:3F:0E:E7:DD:0E:C6:96 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/16271914-dc77-4545-b526-a3ebfab5d63a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.224.192.0/23 Signature Algorithm: sha256WithRSAEncryption 16:04:ed:55:98:1d:2f:46:28:df:b3:e1:df:f2:17:22:a1:cb: ad:2b:16:5a:43:d0:b5:3d:4b:cb:e2:95:a0:e8:74:eb:ad:64: 57:23:a5:3d:0a:46:3d:c7:f3:d2:c5:d0:03:51:80:04:5b:78: 7d:a1:23:fd:da:e8:c4:bc:20:71:2d:73:47:f2:20:bc:89:cb: 4b:a9:ed:8e:da:34:c7:b6:b2:7c:10:9a:76:8f:ba:35:00:32: 11:c7:19:15:bb:b4:24:b3:65:3c:0a:41:26:b2:91:92:e1:05: 40:e1:a8:6e:72:7b:51:16:4e:e0:f2:88:45:d7:c7:10:88:e8: d3:f4:18:e5:40:d4:74:3d:60:f0:12:15:d4:c5:0b:3c:1c:10: 96:c0:78:7d:34:ab:cb:e2:5c:2a:0d:46:e5:78:e3:55:4d:f4: ed:7d:4d:da:17:5a:44:6d:00:56:b7:d0:bf:ef:5c:5d:4c:a4: 9a:ee:ab:09:51:bc:29:86:aa:fe:10:74:71:2e:92:36:66:c9: a5:bc:e9:31:21:d7:3d:fa:42:04:96:99:58:7e:fc:11:ca:51: 7a:3d:2d:d4:e9:75:5a:16:b8:30:c7:ed:08:0d:21:96:81:15: 2f:eb:4d:46:a9:14:d3:8a:fd:92:7c:87:24:0d:8e:14:9c:e3: b5:c9:a5:c2 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUGYeKZ7mCnr0Wvy9JVPVn0juiqQswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDgwMjAwMDZaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQGYxZjY3ZTdlYTM3NjExNzE1NWFkYzZkNDMzYzk4MmMzNTgyNzFlMDFiNGRh M2NkM2M3MjdlZmNmODRiYmFlMzYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJqIXPVVS1GORqYW0JCbaUgS/Ve++S5eICSGtsaN3WJJe4VX6abB+YiRlRwr EBD0CrfJFZCuNzNdksseTHUgqJUdjTyRNacfmAxhRG+500paqnflT7cKYkL05pTn gotZetclEqTMyiLZBU7vM2wLi8gtZYPT5rtB77Ko5AU7HFvHXeDQT+JEcHf6X6+Z YGKZbXuzpntR37efVxUIr3N305WdKVm+/nYQHi7XQC68V9yeq8nBVUpYygHeI+S6 IgFiCzCFYZjy3MF/ILX6yXtY37Y1/RUUbI5htVWOuxOPfMFSvfuh5t5H5HyGI//s /so7aZx6ViAGTIKZzTPSQxxO68cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSXUnWA glAMhnVnPdf7Pw7n3Q7GljAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv MTYyNzE5MTQtZGM3Ny00NTQ1LWI1MjYtYTNlYmZhYjVkNjNhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATPgwDAN BgkqhkiG9w0BAQsFAAOCAQEAFgTtVZgdL0Yo37Ph3/IXIqHLrSsWWkPQtT1Ly+KV oOh0661kVyOlPQpGPcfz0sXQA1GABFt4faEj/droxLwgcS1zR/IgvInLS6ntjto0 x7ayfBCado+6NQAyEccZFbu0JLNlPApBJrKRkuEFQOGobnJ7URZO4PKIRdfHEIjo 0/QY5UDUdD1g8BIV1MULPBwQlsB4fTSry+JcKg1G5XjjVU307X1N2hdaRG0AVrfQ v+9cXUykmu6rCVG8KYaq/hB0cS6SNmbJpbzpMSHXPfpCBJaZWH78EcpRej0t1Ol1 Wha4MMftCA0hloEVL+tNRqkU04r9knyHJA2OFJzjtcmlwg== -----END CERTIFICATE-----Generated at Fri Dec 19 23:20:42 2025 by rpki-client