This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/736aa60e-d4e2-4ca5-b96b-c64d8fa18dc1.roa File: 736aa60e-d4e2-4ca5-b96b-c64d8fa18dc1.roa (raw, json) Hash identifier: 4OcmJjkWZbwnOoiDLnk2raU6WkWLfY8t6ydFHMj+qA4= Subject key identifier: 9B:5A:7A:E6:5C:E8:B8:99:90:FF:9B:08:77:D2:92:79:AD:D0:D9:F3 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 47E51B02CD5445088A3672F888456D39676C5A98 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/736aa60e-d4e2-4ca5-b96b-c64d8fa18dc1.roa Signing time: Mon 08 Dec 2025 02:00:29 +0000 ROA not before: Mon 08 Dec 2025 02:00:29 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.224.186.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:e5:1b:02:cd:54:45:08:8a:36:72:f8:88:45:6d:39:67:6c:5a:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 8 02:00:29 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=d2da0d27012e1bb390b1d1ee1f38575a2428d5ff0b3011e63b52841e6b50cb04, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:0d:49:42:6f:2d:de:1d:ec:7b:35:27:4c:97: 7c:5a:fb:06:ab:5d:0b:ac:b3:85:85:7b:6e:38:f4: 1c:c2:a9:95:74:0c:1b:ee:3b:02:54:21:69:92:7b: 87:c5:4c:e5:95:bb:62:7f:82:b9:0f:49:25:39:14: e3:04:6c:80:8d:7a:f3:c8:03:16:f7:e4:7f:e9:93: ae:f0:2c:9d:10:f1:b6:23:a7:32:99:f2:2d:89:84: b0:a6:83:e6:53:b2:96:97:ed:ef:47:65:09:2c:87: bd:3f:1f:11:6e:f5:d5:23:78:20:8c:26:d7:70:21: af:c4:00:50:65:ee:d3:b6:93:90:0d:b1:54:27:89: 36:8e:f2:e5:d0:ec:48:11:7e:01:9b:89:22:96:ff: 99:6b:34:b0:8b:88:cd:f8:da:49:5f:a7:25:05:a8: a7:be:3f:84:4c:cc:a3:59:21:c9:49:e8:01:93:e7: 47:51:ec:45:64:7f:b6:ec:89:ec:0e:7f:34:60:82: a4:92:e6:b6:ba:3a:6d:40:38:69:19:c5:2f:52:a4: fc:9b:98:2e:37:b5:df:e0:69:c8:b6:0d:24:7a:d3: 1b:ca:36:9b:08:9e:a3:5f:1b:f0:6d:f7:39:2e:fc: b9:24:07:9d:ce:2a:0b:d3:e7:9d:ef:4c:45:b6:b9: df:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:5A:7A:E6:5C:E8:B8:99:90:FF:9B:08:77:D2:92:79:AD:D0:D9:F3 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/736aa60e-d4e2-4ca5-b96b-c64d8fa18dc1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.224.186.0/23 Signature Algorithm: sha256WithRSAEncryption b1:50:b0:6b:99:69:92:78:f5:af:25:60:3b:29:5a:68:94:d9: 44:ec:d2:83:37:a5:e2:7c:7d:37:88:53:4f:79:11:d4:f1:97: c2:96:2b:49:1c:c8:36:b2:b6:6c:69:a3:58:3f:9b:10:11:5f: 14:59:43:0f:77:09:59:7c:b6:57:94:2b:9d:da:ed:2f:c0:0c: 02:75:57:01:4e:fa:2e:e0:f7:6d:41:ba:c2:26:4f:8f:4a:cc: 3d:ba:d0:49:a5:f8:bb:a2:93:84:f1:a9:bb:fd:6c:af:f4:80: a1:dc:96:05:4f:93:32:c3:b7:3c:b4:ae:c2:04:8a:9f:fc:7d: c4:31:2d:20:80:47:ca:69:56:e8:c3:1f:2f:53:aa:0c:74:03: b9:3d:41:4c:8f:46:04:fa:21:c6:c7:b5:72:d9:91:1c:e7:b3: 7d:a7:53:ac:7c:a4:35:69:5c:40:df:9e:73:c0:d4:bd:a8:b2: 21:1f:d1:2c:d4:bc:8e:34:8f:bd:e0:de:74:bf:c0:5b:52:7d: c6:5e:22:a2:02:6b:7b:60:c5:ec:1a:ea:fd:ba:97:34:e4:a0: 54:4f:f5:ca:05:50:1b:6a:34:02:3a:da:10:dd:06:37:0e:28: d8:d1:29:aa:28:ac:da:b0:36:18:9f:f3:55:db:43:f5:86:80: 40:10:08:f3 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUR+UbAs1URQiKNnL4iEVtOWdsWpgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDgwMjAwMjlaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQGQyZGEwZDI3MDEyZTFiYjM5MGIxZDFlZTFmMzg1NzVhMjQyOGQ1ZmYwYjMw MTFlNjNiNTI4NDFlNmI1MGNiMDQxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKkNSUJvLd4d7Hs1J0yXfFr7BqtdC6yzhYV7bjj0HMKplXQMG+47AlQhaZJ7 h8VM5ZW7Yn+CuQ9JJTkU4wRsgI1688gDFvfkf+mTrvAsnRDxtiOnMpnyLYmEsKaD 5lOylpft70dlCSyHvT8fEW711SN4IIwm13Ahr8QAUGXu07aTkA2xVCeJNo7y5dDs SBF+AZuJIpb/mWs0sIuIzfjaSV+nJQWop74/hEzMo1khyUnoAZPnR1HsRWR/tuyJ 7A5/NGCCpJLmtro6bUA4aRnFL1Kk/JuYLje13+BpyLYNJHrTG8o2mwieo18b8G33 OS78uSQHnc4qC9Pnne9MRba536ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSbWnrm XOi4mZD/mwh30pJ5rdDZ8zAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NzM2YWE2MGUtZDRlMi00Y2E1LWI5NmItYzY0ZDhmYTE4ZGMxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATPgujAN BgkqhkiG9w0BAQsFAAOCAQEAsVCwa5lpknj1ryVgOylaaJTZROzSgzel4nx9N4hT T3kR1PGXwpYrSRzINrK2bGmjWD+bEBFfFFlDD3cJWXy2V5QrndrtL8AMAnVXAU76 LuD3bUG6wiZPj0rMPbrQSaX4u6KThPGpu/1sr/SAodyWBU+TMsO3PLSuwgSKn/x9 xDEtIIBHymlW6MMfL1OqDHQDuT1BTI9GBPohxse1ctmRHOezfadTrHykNWlcQN+e c8DUvaiyIR/RLNS8jjSPveDedL/AW1J9xl4iogJre2DF7Brq/bqXNOSgVE/1ygVQ G2o0AjraEN0GNw4o2NEpqiis2rA2GJ/zVdtD9YaAQBAI8w== -----END CERTIFICATE-----Generated at Fri Dec 19 23:19:51 2025 by rpki-client