This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/20d3dbf0-2683-4a01-a00b-6e292c832b53.roa File: 20d3dbf0-2683-4a01-a00b-6e292c832b53.roa (raw, json) Hash identifier: hLfF/yyoMiJWnx4uq1f0vnNPgzUjN7oXyIcx2wGNBMo= Subject key identifier: FA:2C:AA:82:10:9D:71:00:9C:55:07:1D:E1:83:F8:8A:BC:19:BC:14 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 61E6953347D519A3D9A7747C6F0DA683AC7D1203 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/20d3dbf0-2683-4a01-a00b-6e292c832b53.roa Signing time: Mon 08 Dec 2025 02:00:05 +0000 ROA not before: Mon 08 Dec 2025 02:00:05 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.0.128.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:e6:95:33:47:d5:19:a3:d9:a7:74:7c:6f:0d:a6:83:ac:7d:12:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 8 02:00:05 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=035c86a31f0812b446faf686c1c80bb61d2076d69048cbf8a310cddfa306bbfa, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:6d:91:e6:44:5f:29:24:df:8f:a5:a0:11:69: 49:92:42:17:20:96:9d:c5:c4:01:8e:c0:77:a9:fd: 74:5b:4b:0c:b4:0e:30:44:8b:9c:80:10:f6:d3:9b: e8:28:63:4e:d9:3c:42:c5:7a:17:14:43:c8:2c:99: ee:a7:5f:eb:bf:92:18:74:45:c4:16:67:ff:25:6a: d9:d9:b6:ec:15:d5:6d:8f:10:42:a1:c5:9a:39:3b: da:44:12:78:08:dc:5b:cb:08:b0:13:70:fe:96:25: 21:4f:04:b1:77:16:87:e3:40:f9:84:aa:3e:71:06: dd:83:a0:0f:07:a2:6a:f5:0e:6c:c6:ae:78:3c:79: bc:13:50:01:73:87:5f:43:c1:c7:3d:ed:9c:b4:7e: 95:2f:5a:73:ab:98:81:6d:27:31:26:07:43:8c:61: 96:86:11:56:bb:36:12:f5:35:36:31:f7:e6:97:f3: c2:89:02:c2:92:4a:1b:0e:2f:05:18:f1:70:f3:54: 7e:26:a4:89:ad:3a:74:a4:01:2e:01:5d:e4:ea:0e: 4b:ed:00:9b:cf:12:90:17:4d:ba:ca:67:ef:ba:a2: f7:5b:8f:1b:83:56:7f:da:99:89:b0:1c:ec:fd:e6: ec:4f:09:be:22:58:f2:b1:f6:23:2c:39:2f:76:69: c7:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:2C:AA:82:10:9D:71:00:9C:55:07:1D:E1:83:F8:8A:BC:19:BC:14 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/20d3dbf0-2683-4a01-a00b-6e292c832b53.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.0.128.0/21 Signature Algorithm: sha256WithRSAEncryption c9:3f:ee:ec:51:d4:78:99:c8:12:b6:0a:04:a1:86:fa:11:00: c2:7a:cb:77:ac:29:9b:65:32:71:06:74:e6:ed:ec:64:a4:35: 0e:7d:17:51:f3:66:a2:7a:91:bb:1c:82:e3:f1:10:6c:48:61: 74:4b:4e:5b:3a:94:50:e2:8b:f7:0d:35:b6:df:78:29:ce:58: 34:7d:c1:60:58:ce:dc:07:11:89:42:e9:72:04:d7:5f:9b:d1: 1b:0c:5c:36:bf:c8:b4:75:2e:f5:19:1a:fd:33:3a:75:72:7e: 20:f0:a9:26:98:03:ba:61:a2:12:9e:4c:b0:48:50:04:f0:9b: 91:88:b7:b8:de:60:d0:b5:b2:26:ce:e1:99:e1:cf:9b:09:18: 8e:cd:aa:0c:e5:86:09:a6:47:9d:07:87:88:4c:69:6d:e7:af: 22:20:f9:2c:a3:1c:9c:5d:22:92:ad:58:50:81:df:bd:a2:4a: 89:ac:14:37:56:e4:3c:96:f8:52:15:20:a4:f1:01:a7:e6:a2: 03:9d:ee:ae:53:43:d4:f9:5f:ee:9f:98:9b:8b:75:be:df:6e: 93:39:12:12:de:e3:50:a4:4f:f3:c4:b6:1a:23:0d:b1:ec:48: b8:f5:e1:17:fb:0d:74:60:37:33:ba:a6:ef:1d:bb:a4:6b:6f: 0c:20:35:b8 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUYeaVM0fVGaPZp3R8bw2mg6x9EgMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDgwMjAwMDVaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQDAzNWM4NmEzMWYwODEyYjQ0NmZhZjY4NmMxYzgwYmI2MWQyMDc2ZDY5MDQ4 Y2JmOGEzMTBjZGRmYTMwNmJiZmExLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPRtkeZEXykk34+loBFpSZJCFyCWncXEAY7Ad6n9dFtLDLQOMESLnIAQ9tOb 6ChjTtk8QsV6FxRDyCyZ7qdf67+SGHRFxBZn/yVq2dm27BXVbY8QQqHFmjk72kQS eAjcW8sIsBNw/pYlIU8EsXcWh+NA+YSqPnEG3YOgDweiavUObMaueDx5vBNQAXOH X0PBxz3tnLR+lS9ac6uYgW0nMSYHQ4xhloYRVrs2EvU1NjH35pfzwokCwpJKGw4v BRjxcPNUfiakia06dKQBLgFd5OoOS+0Am88SkBdNuspn77qi91uPG4NWf9qZibAc 7P3m7E8JviJY8rH2Iyw5L3Zpx30CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT6LKqC EJ1xAJxVBx3hg/iKvBm8FDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv MjBkM2RiZjAtMjY4My00YTAxLWEwMGItNmUyOTJjODMyYjUzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAgDAN BgkqhkiG9w0BAQsFAAOCAQEAyT/u7FHUeJnIErYKBKGG+hEAwnrLd6wpm2UycQZ0 5u3sZKQ1Dn0XUfNmonqRuxyC4/EQbEhhdEtOWzqUUOKL9w01tt94Kc5YNH3BYFjO 3AcRiULpcgTXX5vRGwxcNr/ItHUu9Rka/TM6dXJ+IPCpJpgDumGiEp5MsEhQBPCb kYi3uN5g0LWyJs7hmeHPmwkYjs2qDOWGCaZHnQeHiExpbeevIiD5LKMcnF0ikq1Y UIHfvaJKiawUN1bkPJb4UhUgpPEBp+aiA53urlND1Plf7p+Ym4t1vt9ukzkSEt7j UKRP88S2GiMNsexIuPXhF/sNdGA3M7qm7x27pGtvDCA1uA== -----END CERTIFICATE-----Generated at Fri Dec 19 23:19:48 2025 by rpki-client