This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/970baa53-c4dc-4c2a-96d5-cb4107d1d8ab.roa File: 970baa53-c4dc-4c2a-96d5-cb4107d1d8ab.roa (raw, json) Hash identifier: lQqJC47I80qGwe9n2xo45ZMiMiizpspZmTeCUwoK5ag= Subject key identifier: C4:03:8F:1D:C3:6D:84:E8:6D:B4:8E:5D:CA:92:66:A0:42:9B:D5:55 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 42AD28DDC1C95C5BEC7E2B339476897C84C12636 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/970baa53-c4dc-4c2a-96d5-cb4107d1d8ab.roa Signing time: Mon 08 Dec 2025 02:00:10 +0000 ROA not before: Mon 08 Dec 2025 02:00:10 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.0.16.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:ad:28:dd:c1:c9:5c:5b:ec:7e:2b:33:94:76:89:7c:84:c1:26:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 8 02:00:10 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=8eb495154258ead050fd8dff74b1ef7bed98f06b2dade09df2f24cdabaac0678, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:70:54:fb:02:ad:d8:ac:9a:4e:33:9b:db:58: c6:d5:a5:d8:40:4b:61:4e:7e:58:27:fd:65:a8:2f: 8d:be:90:a3:96:d9:28:ed:e3:e3:f4:6c:83:a0:24: c3:41:62:30:77:fa:20:79:e0:4f:72:3e:a6:08:34: 07:f1:a2:47:00:ab:91:34:4a:5c:cc:28:ad:f8:83: f5:cb:00:88:3e:6a:ef:c7:f7:84:22:19:a0:48:22: 05:72:2a:49:1d:c5:1e:93:83:8d:ce:46:e6:98:c3: 91:78:54:09:3e:51:36:24:da:d4:d2:77:dc:3c:3a: 38:79:dc:eb:e1:78:35:ed:23:5a:42:6b:c7:b1:75: 1d:dd:fe:6c:ce:27:3c:b2:b3:84:ad:ae:84:2a:cf: 57:82:28:47:f2:22:b3:35:23:8d:c8:98:ad:d9:76: 08:89:c3:a5:1e:85:3a:ff:8e:a9:a3:d8:44:c5:ab: 04:b9:dd:d2:bc:57:73:1d:5b:35:7e:7a:a3:77:5c: 52:b4:78:9b:68:ea:6a:fd:1d:dc:43:cb:d8:14:cb: 54:c3:a8:ad:6e:79:3c:8a:b8:8d:73:25:4e:d7:3c: 8a:16:6c:e5:a4:52:54:6b:9b:7a:9f:cf:99:50:5a: 31:70:e0:62:db:6a:a3:25:20:38:42:64:03:f4:dd: 88:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:03:8F:1D:C3:6D:84:E8:6D:B4:8E:5D:CA:92:66:A0:42:9B:D5:55 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/970baa53-c4dc-4c2a-96d5-cb4107d1d8ab.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.0.16.0/21 Signature Algorithm: sha256WithRSAEncryption 9c:f3:7a:30:11:94:a0:6a:b5:e8:2d:f7:89:14:ff:b0:74:0b: dd:88:56:5a:64:c3:42:94:75:49:e7:21:db:21:76:86:1e:8a: 5c:79:83:dd:9b:5b:2e:17:dd:c6:d9:30:39:25:f3:0f:4b:f1: ed:2f:ff:5e:1a:59:ea:83:f7:77:a9:26:16:46:3a:5f:37:7e: 2c:69:5e:39:6e:f2:a5:b7:d9:8f:26:20:9d:c9:6c:61:e8:38: a5:25:28:70:02:50:97:c7:c1:de:c3:4b:e4:5c:f2:60:17:68: 23:cd:23:5b:44:04:96:32:c8:6f:8a:59:81:c4:69:c0:90:d4: 9a:b6:be:0a:96:5e:d8:9b:29:a2:f5:a0:5a:47:6e:d1:58:74: bd:0f:d5:02:b1:31:af:f7:2f:ad:6a:8f:b0:79:a6:6d:95:11: 48:11:26:7e:c5:7d:58:6a:6d:b5:bb:1e:50:a7:b9:9e:13:62: fc:91:ef:fd:65:a6:9d:33:22:f8:49:dc:25:f0:ec:f5:54:bf: e4:85:af:3f:11:06:73:92:03:23:8d:ca:17:85:b9:95:74:92: 4b:05:e9:1b:22:ab:1d:33:62:c6:9b:7b:6a:70:cb:48:24:2a: 00:aa:38:7d:33:15:2e:0c:87:a5:27:af:53:12:48:3e:6b:1a: 90:df:88:46 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUQq0o3cHJXFvsfiszlHaJfITBJjYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDgwMjAwMTBaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQDhlYjQ5NTE1NDI1OGVhZDA1MGZkOGRmZjc0YjFlZjdiZWQ5OGYwNmIyZGFk ZTA5ZGYyZjI0Y2RhYmFhYzA2NzgxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKVwVPsCrdismk4zm9tYxtWl2EBLYU5+WCf9Zagvjb6Qo5bZKO3j4/Rsg6Ak w0FiMHf6IHngT3I+pgg0B/GiRwCrkTRKXMworfiD9csAiD5q78f3hCIZoEgiBXIq SR3FHpODjc5G5pjDkXhUCT5RNiTa1NJ33Dw6OHnc6+F4Ne0jWkJrx7F1Hd3+bM4n PLKzhK2uhCrPV4IoR/IiszUjjciYrdl2CInDpR6FOv+OqaPYRMWrBLnd0rxXcx1b NX56o3dcUrR4m2jqav0d3EPL2BTLVMOorW55PIq4jXMlTtc8ihZs5aRSVGubep/P mVBaMXDgYttqoyUgOEJkA/TdiCECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTEA48d w22E6G20jl3KkmagQpvVVTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv OTcwYmFhNTMtYzRkYy00YzJhLTk2ZDUtY2I0MTA3ZDFkOGFiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAEDAN BgkqhkiG9w0BAQsFAAOCAQEAnPN6MBGUoGq16C33iRT/sHQL3YhWWmTDQpR1Sech 2yF2hh6KXHmD3ZtbLhfdxtkwOSXzD0vx7S//XhpZ6oP3d6kmFkY6Xzd+LGleOW7y pbfZjyYgnclsYeg4pSUocAJQl8fB3sNL5FzyYBdoI80jW0QEljLIb4pZgcRpwJDU mra+CpZe2JspovWgWkdu0Vh0vQ/VArExr/cvrWqPsHmmbZURSBEmfsV9WGpttbse UKe5nhNi/JHv/WWmnTMi+EncJfDs9VS/5IWvPxEGc5IDI43KF4W5lXSSSwXpGyKr HTNixpt7anDLSCQqAKo4fTMVLgyHpSevUxJIPmsakN+IRg== -----END CERTIFICATE-----Generated at Fri Dec 19 23:19:46 2025 by rpki-client