This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/28dd94b2-8e51-494f-9933-f9f2e07c6aa1.roa File: 28dd94b2-8e51-494f-9933-f9f2e07c6aa1.roa (raw, json) Hash identifier: 2Iw7TvV9yZO+eMbIxFRptsrgXI/kibswHDvACtrqg7o= Subject key identifier: AB:1A:03:9C:14:D7:E3:2D:9F:93:AB:95:A1:75:A3:AA:E2:A1:A7:9F Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 47B66965593093CB5B9C5531BC715DD9594C2042 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/28dd94b2-8e51-494f-9933-f9f2e07c6aa1.roa Signing time: Mon 08 Dec 2025 02:00:24 +0000 ROA not before: Mon 08 Dec 2025 02:00:24 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.224.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:b6:69:65:59:30:93:cb:5b:9c:55:31:bc:71:5d:d9:59:4c:20:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 8 02:00:24 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=6f94f5a4547e6cbe4e44513e4524347a4277858ae6543d6bd83463c3bceec98f, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:9c:1e:05:74:09:f4:d9:7d:7d:3c:8f:56:dc: 17:5c:61:e1:ec:ce:5d:2c:25:3d:7f:24:f6:54:55: 15:af:e0:41:56:84:1b:f9:1d:79:2c:de:05:b8:8c: 8f:97:64:23:55:bc:10:27:aa:f3:1e:30:28:46:a0: 0a:f3:01:ba:60:ab:f1:0b:bd:70:fd:7b:70:0e:6d: 48:a8:a1:4d:38:25:66:3c:39:e4:6c:b0:21:61:82: ad:d8:6f:17:10:8d:d8:27:31:17:c8:e4:50:c3:7a: c2:a9:2e:43:8c:93:a9:60:56:6c:e8:33:3d:e5:2f: 77:7f:c4:d2:5c:65:d5:e6:09:ad:8f:73:fa:2d:59: 45:ec:95:87:ae:a4:f0:09:4a:ca:90:74:e9:19:bb: ca:09:b4:7f:28:59:71:5f:2b:14:34:37:48:98:09: ca:56:79:34:4e:2e:62:a6:74:cd:ff:a1:2e:ca:c7: 14:b9:c3:93:99:8c:86:38:34:63:a1:0d:08:53:40: 97:e6:2d:c3:59:9e:0e:af:4a:6e:47:fe:42:4b:0e: 88:61:6b:ef:2e:a4:86:09:bd:63:66:bf:5a:67:f8: a6:c9:a7:c6:c8:1d:29:1f:dd:ec:1c:54:6b:df:87: c4:76:fc:5b:d6:94:42:e3:1b:7e:09:c9:aa:6b:fc: 67:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:1A:03:9C:14:D7:E3:2D:9F:93:AB:95:A1:75:A3:AA:E2:A1:A7:9F X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/28dd94b2-8e51-494f-9933-f9f2e07c6aa1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.224.0.0/15 Signature Algorithm: sha256WithRSAEncryption 38:df:ee:ae:d2:d4:9c:78:f3:c9:80:71:8f:65:02:b9:e4:5e: be:71:e1:d4:26:11:8a:fd:3a:5d:be:f5:6d:a6:c0:50:b3:81: 60:bd:94:29:46:3b:3e:1b:ce:c6:c5:9a:f8:5f:17:9c:8b:2a: 67:ed:49:ea:b0:6a:e7:db:b2:d9:11:84:e2:2e:2a:2b:04:41: 5f:f8:39:6f:6b:0b:27:c4:c1:93:c0:ab:19:ae:da:e4:59:be: a8:1f:c7:bc:89:57:6c:58:62:bb:8b:d5:14:c1:2d:10:55:3f: d3:19:12:53:ee:41:25:2b:db:f0:46:f7:87:1c:6b:3d:16:eb: ba:e8:19:84:2c:38:23:1f:8e:bd:06:8d:92:2d:46:62:31:cb: 7e:b3:b7:0a:ef:87:70:54:b9:27:fd:5f:ae:64:f3:e6:f8:12: 5c:93:0b:05:57:6a:33:4f:dc:87:a5:13:fe:fa:b3:09:2d:25: 39:c9:1e:05:1d:29:da:6a:6d:2c:d1:7a:e3:ee:48:7c:82:87: b0:97:9e:2c:cc:c3:93:ba:85:6f:53:55:33:f3:b8:31:65:47: c6:b8:1f:1b:74:cc:d7:c0:17:ca:21:77:49:00:ab:70:79:71: 09:17:e6:ed:7b:df:0a:d4:07:07:c5:56:06:1b:11:b4:e3:fc: f8:72:b7:64 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUR7ZpZVkwk8tbnFUxvHFd2VlMIEIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDgwMjAwMjRaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQDZmOTRmNWE0NTQ3ZTZjYmU0ZTQ0NTEzZTQ1MjQzNDdhNDI3Nzg1OGFlNjU0 M2Q2YmQ4MzQ2M2MzYmNlZWM5OGYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI+cHgV0CfTZfX08j1bcF1xh4ezOXSwlPX8k9lRVFa/gQVaEG/kdeSzeBbiM j5dkI1W8ECeq8x4wKEagCvMBumCr8Qu9cP17cA5tSKihTTglZjw55GywIWGCrdhv FxCN2CcxF8jkUMN6wqkuQ4yTqWBWbOgzPeUvd3/E0lxl1eYJrY9z+i1ZReyVh66k 8AlKypB06Rm7ygm0fyhZcV8rFDQ3SJgJylZ5NE4uYqZ0zf+hLsrHFLnDk5mMhjg0 Y6ENCFNAl+Ytw1meDq9Kbkf+QksOiGFr7y6khgm9Y2a/Wmf4psmnxsgdKR/d7BxU a9+HxHb8W9aUQuMbfgnJqmv8Z1cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSrGgOc FNfjLZ+Tq5WhdaOq4qGnnzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv MjhkZDk0YjItOGU1MS00OTRmLTk5MzMtZjlmMmUwN2M2YWExLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPgMA0G CSqGSIb3DQEBCwUAA4IBAQA43+6u0tScePPJgHGPZQK55F6+ceHUJhGK/TpdvvVt psBQs4FgvZQpRjs+G87GxZr4Xxeciypn7UnqsGrn27LZEYTiLiorBEFf+Dlvawsn xMGTwKsZrtrkWb6oH8e8iVdsWGK7i9UUwS0QVT/TGRJT7kElK9vwRveHHGs9Fuu6 6BmELDgjH469Bo2SLUZiMct+s7cK74dwVLkn/V+uZPPm+BJckwsFV2ozT9yHpRP+ +rMJLSU5yR4FHSnaam0s0Xrj7kh8goewl54szMOTuoVvU1Uz87gxZUfGuB8bdMzX wBfKIXdJAKtweXEJF+bte98K1AcHxVYGGxG04/z4crdk -----END CERTIFICATE-----Generated at Fri Dec 19 23:19:47 2025 by rpki-client