This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a2a38309-dc8f-4fea-abcb-43fd0ba79d30.roa File: a2a38309-dc8f-4fea-abcb-43fd0ba79d30.roa (raw, json) Hash identifier: rmLE1DQWIlOw5bVqt8hON8wyeJ9Sl+AdhEzMWUzn+Ww= Subject key identifier: 58:CB:AB:A3:5D:80:9B:68:47:FD:F4:AE:1E:1C:8F:48:DF:0C:B9:13 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 2AB919FB29AD4A2EAAD9B1A7AD89FC24153B353F Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a2a38309-dc8f-4fea-abcb-43fd0ba79d30.roa Signing time: Mon 08 Dec 2025 02:00:07 +0000 ROA not before: Mon 08 Dec 2025 02:00:07 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.0.128.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:b9:19:fb:29:ad:4a:2e:aa:d9:b1:a7:ad:89:fc:24:15:3b:35:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 8 02:00:07 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=0ab797b072690e8fb3e15cf9afaf682e97eab7d3c3c78e5659bc5d585dab0abf, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ab:30:30:68:73:b4:9c:b2:78:73:db:5a:06: bd:54:41:99:c2:5f:e3:40:15:07:ec:b0:88:43:21: 66:08:bd:2e:b8:8a:e5:7b:5b:c6:97:2d:28:9c:83: 6c:d6:f7:e5:d8:ee:a8:52:ad:be:a7:f2:4a:a6:85: 74:65:51:fa:09:8d:4e:98:e0:b0:b3:87:d2:85:8e: f4:00:8f:9b:3d:67:4f:2d:ff:ca:74:8f:fd:ef:0c: 1b:20:2b:69:e9:3f:d9:d6:06:c5:e9:17:55:08:16: d2:0c:f9:60:83:37:11:09:3d:56:de:9c:e6:5b:84: 5a:d1:c5:f7:da:a7:92:ea:e6:04:98:a5:48:ee:25: 8f:20:4f:c6:dc:3a:d9:9d:11:11:dc:32:fc:ba:93: ec:e5:7c:38:9d:aa:81:89:da:da:25:c9:e2:7e:1f: a8:ca:16:c1:4e:5f:17:30:61:9b:ee:dd:77:ed:2c: 46:70:cf:7e:51:f3:fc:b7:ef:74:6a:05:9e:ef:c5: 56:97:e7:cf:da:35:12:d8:3c:dc:4f:f5:ac:b5:b3: fd:e6:6d:39:8b:39:a4:19:77:34:82:a5:1a:f3:1f: ef:8b:0e:86:0b:35:17:d1:12:9e:d5:ee:56:93:0a: d7:a4:a9:ae:76:70:a0:ae:b3:d4:57:9c:99:05:0e: 33:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:CB:AB:A3:5D:80:9B:68:47:FD:F4:AE:1E:1C:8F:48:DF:0C:B9:13 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a2a38309-dc8f-4fea-abcb-43fd0ba79d30.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.0.128.0/22 Signature Algorithm: sha256WithRSAEncryption 91:01:62:b1:63:e0:46:a7:83:f6:fc:f5:22:08:ba:ea:3c:48: e8:a5:c9:ad:7e:93:3f:94:60:cb:ad:2f:10:3e:bd:f5:d9:f9: 5a:93:65:8c:32:b2:4b:aa:06:64:93:b2:0d:ff:c1:cd:97:ce: bf:e8:81:f3:58:a3:c5:4e:5f:78:41:9f:25:8f:32:80:1f:e5: 5d:8e:46:e8:ef:58:1e:b7:13:a7:be:e8:af:27:82:36:01:34: bb:5b:62:f0:37:17:3a:e9:c8:2c:02:ea:3d:f4:3f:d0:f2:fe: a3:fd:2f:64:d5:13:14:89:5e:1f:64:8b:ed:b2:2b:00:2b:88: d5:17:34:bd:55:68:90:28:1d:b1:e7:cc:34:32:96:4b:49:e2: b7:1b:c7:f4:3a:79:1e:02:a2:7c:cf:70:2f:16:08:fa:9e:e7: f3:88:d1:4d:f0:e8:08:2e:2c:8c:6d:90:0e:43:20:72:3c:81: ae:1c:e7:70:21:e9:24:e6:d2:32:d7:b4:e5:34:5e:4d:83:3a: cb:d3:00:c3:e8:6b:db:f0:e3:8b:65:1a:f3:3e:a1:24:91:73: 1c:b0:20:75:ce:cb:0e:45:f1:19:89:6c:e2:7a:37:78:20:eb: 42:6a:2c:09:78:9d:44:0c:83:f1:67:af:42:38:b4:be:2f:a0: 3c:d4:75:58 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUKrkZ+ymtSi6q2bGnrYn8JBU7NT8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDgwMjAwMDdaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQDBhYjc5N2IwNzI2OTBlOGZiM2UxNWNmOWFmYWY2ODJlOTdlYWI3ZDNjM2M3 OGU1NjU5YmM1ZDU4NWRhYjBhYmYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM+rMDBoc7Scsnhz21oGvVRBmcJf40AVB+ywiEMhZgi9LriK5XtbxpctKJyD bNb35djuqFKtvqfySqaFdGVR+gmNTpjgsLOH0oWO9ACPmz1nTy3/ynSP/e8MGyAr aek/2dYGxekXVQgW0gz5YIM3EQk9Vt6c5luEWtHF99qnkurmBJilSO4ljyBPxtw6 2Z0REdwy/LqT7OV8OJ2qgYna2iXJ4n4fqMoWwU5fFzBhm+7dd+0sRnDPflHz/Lfv dGoFnu/FVpfnz9o1Etg83E/1rLWz/eZtOYs5pBl3NIKlGvMf74sOhgs1F9ESntXu VpMK16SprnZwoK6z1FecmQUOMykCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRYy6uj XYCbaEf99K4eHI9I3wy5EzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv YTJhMzgzMDktZGM4Zi00ZmVhLWFiY2ItNDNmZDBiYTc5ZDMwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAjMAgDAN BgkqhkiG9w0BAQsFAAOCAQEAkQFisWPgRqeD9vz1Igi66jxI6KXJrX6TP5Rgy60v ED699dn5WpNljDKyS6oGZJOyDf/BzZfOv+iB81ijxU5feEGfJY8ygB/lXY5G6O9Y HrcTp77oryeCNgE0u1ti8DcXOunILALqPfQ/0PL+o/0vZNUTFIleH2SL7bIrACuI 1Rc0vVVokCgdsefMNDKWS0nitxvH9Dp5HgKifM9wLxYI+p7n84jRTfDoCC4sjG2Q DkMgcjyBrhzncCHpJObSMte05TReTYM6y9MAw+hr2/Dji2Ua8z6hJJFzHLAgdc7L DkXxGYls4no3eCDrQmosCXidRAyD8WevQji0vi+gPNR1WA== -----END CERTIFICATE-----Generated at Fri Dec 19 23:19:49 2025 by rpki-client