This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/78f049e0-a9a9-4ac6-aeaf-9fde546d76b5.roa File: 78f049e0-a9a9-4ac6-aeaf-9fde546d76b5.roa (raw, json) Hash identifier: oR9SYt2AiHAOjautnRdgtjDbXl2DTlyolEq8BfrjBRI= Subject key identifier: 7A:EF:3F:17:6C:04:95:79:07:D6:33:EE:9A:39:74:32:78:90:81:64 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 027BB4B69CE29D3EE03CF2C62542F2531D526C81 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/78f049e0-a9a9-4ac6-aeaf-9fde546d76b5.roa Signing time: Mon 08 Dec 2025 02:00:22 +0000 ROA not before: Mon 08 Dec 2025 02:00:22 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.0.138.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:7b:b4:b6:9c:e2:9d:3e:e0:3c:f2:c6:25:42:f2:53:1d:52:6c:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 8 02:00:22 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=2c08c81bbb9fe89df2975049700ea0bcb7440d13ea301412104e0d90283ad622, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:99:02:8b:dd:33:75:a9:b9:d8:df:77:50:b6: f6:47:25:96:29:3d:d5:7f:bf:63:06:69:31:fb:3b: d3:c5:2b:18:a1:bd:0c:2b:90:c2:7a:cd:42:b0:5f: 09:1b:b3:6b:cb:74:fb:b4:2c:1c:dd:26:45:cf:08: eb:57:d6:66:af:cc:01:18:21:e0:9e:88:32:3b:82: 75:02:a2:31:a3:ec:05:d1:e9:d9:26:2e:81:fa:d8: 5a:3f:7c:46:21:b3:c1:7b:28:e5:e9:80:1a:03:86: e0:94:77:68:c4:e1:e3:11:56:5a:20:2d:af:bc:42: 2d:3e:9f:59:53:76:90:24:a4:ea:64:d5:29:ec:5d: a4:8e:f1:6c:40:44:b7:aa:c9:1a:6b:c5:8f:d4:e2: 51:74:84:08:e9:a9:8d:97:e2:9c:ff:bd:54:31:ed: c9:cd:56:22:14:e5:cb:73:a5:3a:1b:b1:24:c1:20: f0:b4:6f:bf:0d:b6:d3:d0:7f:c9:03:3f:5e:94:bf: 39:31:32:a0:51:f3:86:ce:d1:db:28:39:28:58:99: d3:a8:7f:2e:4b:12:24:0f:09:0f:db:f6:2c:cd:af: 79:80:5d:68:59:fc:af:1f:0b:93:31:a7:c0:13:5a: ae:7d:e9:9c:31:1c:65:06:40:2c:13:8a:61:2f:cc: f9:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:EF:3F:17:6C:04:95:79:07:D6:33:EE:9A:39:74:32:78:90:81:64 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/78f049e0-a9a9-4ac6-aeaf-9fde546d76b5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.0.138.0/23 Signature Algorithm: sha256WithRSAEncryption ae:2c:c7:de:5c:01:37:00:2b:8b:b4:ce:96:4b:f5:f6:09:cb: e2:5d:ef:d1:a4:52:cf:34:ea:a8:56:37:f6:59:cb:53:40:75: ed:2c:99:90:78:a8:b1:17:a1:23:f2:ec:fd:db:3f:18:91:3b: 10:1e:29:4c:b3:fa:10:b0:b7:bb:96:09:7d:28:19:96:74:64: 86:04:0f:3c:ff:b3:74:2f:f6:20:b1:d6:c2:5c:c2:cd:36:7c: f8:af:3e:84:8e:79:e7:41:00:a5:cd:8e:73:70:ff:d3:be:8b: a7:2d:5f:66:5a:10:f9:12:e9:4d:31:f2:72:a2:3b:02:c4:4c: fc:e7:05:43:55:5d:bf:9a:40:da:b4:62:f0:ea:d9:92:41:06: d0:51:42:61:09:27:e4:47:51:de:fc:89:a9:83:88:9f:58:67: ba:d5:10:33:28:07:d2:4c:be:7f:e9:db:b8:0f:9d:dd:38:e0: ae:eb:67:86:40:94:a3:a0:17:76:6c:3c:77:b7:5d:6e:94:97: 44:af:29:b3:c1:da:ed:3a:b0:ef:86:70:25:04:c3:62:cc:00: 9c:19:73:74:0f:45:ce:a4:db:00:6f:ac:02:a9:bc:8a:b8:8a: ef:88:a6:f2:82:d2:bb:71:55:90:6d:ce:aa:af:e4:45:94:27: 00:64:0f:63 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUAnu0tpzinT7gPPLGJULyUx1SbIEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDgwMjAwMjJaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQDJjMDhjODFiYmI5ZmU4OWRmMjk3NTA0OTcwMGVhMGJjYjc0NDBkMTNlYTMw MTQxMjEwNGUwZDkwMjgzYWQ2MjIxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALeZAovdM3Wpudjfd1C29kcllik91X+/YwZpMfs708UrGKG9DCuQwnrNQrBf CRuza8t0+7QsHN0mRc8I61fWZq/MARgh4J6IMjuCdQKiMaPsBdHp2SYugfrYWj98 RiGzwXso5emAGgOG4JR3aMTh4xFWWiAtr7xCLT6fWVN2kCSk6mTVKexdpI7xbEBE t6rJGmvFj9TiUXSECOmpjZfinP+9VDHtyc1WIhTly3OlOhuxJMEg8LRvvw2209B/ yQM/XpS/OTEyoFHzhs7R2yg5KFiZ06h/LksSJA8JD9v2LM2veYBdaFn8rx8LkzGn wBNarn3pnDEcZQZALBOKYS/M+dMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR67z8X bASVeQfWM+6aOXQyeJCBZDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NzhmMDQ5ZTAtYTlhOS00YWM2LWFlYWYtOWZkZTU0NmQ3NmI1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATMAijAN BgkqhkiG9w0BAQsFAAOCAQEArizH3lwBNwAri7TOlkv19gnL4l3v0aRSzzTqqFY3 9lnLU0B17SyZkHiosRehI/Ls/ds/GJE7EB4pTLP6ELC3u5YJfSgZlnRkhgQPPP+z dC/2ILHWwlzCzTZ8+K8+hI5550EApc2Oc3D/076Lpy1fZloQ+RLpTTHycqI7AsRM /OcFQ1Vdv5pA2rRi8OrZkkEG0FFCYQkn5EdR3vyJqYOIn1hnutUQMygH0ky+f+nb uA+d3TjgrutnhkCUo6AXdmw8d7ddbpSXRK8ps8Ha7Tqw74ZwJQTDYswAnBlzdA9F zqTbAG+sAqm8iriK74im8oLSu3FVkG3Oqq/kRZQnAGQPYw== -----END CERTIFICATE-----Generated at Fri Dec 19 23:19:50 2025 by rpki-client