This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a833bcbc-91ad-4e89-8666-86ec46002db6.roa File: a833bcbc-91ad-4e89-8666-86ec46002db6.roa (raw, json) Hash identifier: jt8szqqBWn1pVCGh1rlae19e9ZoOF8WJvi2RdA3Yyt8= Subject key identifier: E1:28:B2:C3:25:42:91:C5:9B:33:1B:22:C8:D7:57:FC:35:47:25:BE Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 23F46D85BEB1525607E3825627D770221BAC9242 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a833bcbc-91ad-4e89-8666-86ec46002db6.roa Signing time: Mon 08 Dec 2025 02:00:25 +0000 ROA not before: Mon 08 Dec 2025 02:00:25 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.0.142.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:f4:6d:85:be:b1:52:56:07:e3:82:56:27:d7:70:22:1b:ac:92:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 8 02:00:25 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=e6cb9f1b3cf054ace3e68a1a3f1b2486b8191f3ee8e6f32e441fd52a71e50f9b, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:35:57:78:03:19:2e:04:9b:aa:06:ca:9f:5b: 83:89:84:fd:0a:50:6f:e1:a0:2e:0a:de:ba:56:db: d9:40:87:fb:dc:a4:ec:ab:c9:93:f2:f6:7a:0b:71: 55:e9:54:84:39:64:21:5e:80:08:03:86:a2:06:98: 99:3a:98:f0:62:2e:ad:4a:a8:30:68:63:06:15:17: 39:77:a8:14:1e:92:25:09:ae:df:f0:98:95:df:78: f6:7e:4d:ab:4f:47:6d:05:75:2f:a4:50:9f:83:44: c7:5b:b2:d4:97:6e:3f:ee:99:4f:c5:03:5b:77:aa: fb:7e:d2:34:96:2c:13:16:71:f9:94:10:50:42:99: e9:42:8f:c2:f9:10:eb:60:04:41:69:9e:7e:91:c2: 7d:b1:6a:b0:ee:35:67:7a:ff:19:11:67:73:f4:e6: 7e:be:79:e9:ce:a1:16:06:72:36:32:66:d9:1b:f5: 06:88:82:e8:a2:28:e2:0e:a3:bf:a1:d5:fa:3b:f7: 2d:7d:c6:91:7b:fc:6a:5f:19:fa:11:8e:9b:7f:20: df:77:82:88:9e:dd:7d:55:d8:3d:ee:2d:4b:6b:c5: 93:6c:b7:3e:bb:96:6a:34:ec:ab:71:22:b4:e1:9a: a8:d6:aa:5f:65:84:4b:92:63:0c:a0:cc:ee:bc:14: 74:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:28:B2:C3:25:42:91:C5:9B:33:1B:22:C8:D7:57:FC:35:47:25:BE X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a833bcbc-91ad-4e89-8666-86ec46002db6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.0.142.0/23 Signature Algorithm: sha256WithRSAEncryption 34:08:10:0e:d0:9c:19:b8:d3:57:59:39:4e:c2:9a:4f:cc:0d: 8f:d1:0e:52:d4:3d:63:6b:27:c5:a6:20:47:a5:57:de:94:8e: 5e:e2:74:a2:71:19:b0:09:4c:3b:b5:18:38:5d:1f:be:f2:14: 4f:b6:7f:8d:5b:3e:48:67:de:ea:b5:37:db:3e:c8:d9:52:7a: c8:45:7c:1f:3f:6a:be:46:d9:ed:ec:c1:27:49:c3:ba:c1:83: 95:f2:f0:43:5e:ad:85:e5:65:39:0a:05:b0:2d:bb:9e:c0:1f: 91:b2:2f:00:d0:21:55:91:a7:6a:33:51:be:d9:24:e7:99:f9: 93:0f:c3:54:50:78:82:d9:96:36:1e:d0:1d:9e:90:f9:8e:df: b6:bf:8b:09:6f:d3:c0:74:85:3a:b2:a1:94:d3:e2:d3:e0:8a: bb:42:c7:fa:9c:9d:82:3a:f9:00:cb:6b:c5:9b:77:31:89:b6: 07:6f:c6:e2:b1:e8:51:d1:2f:08:98:f8:31:6f:83:9f:6c:eb: ee:df:61:11:92:03:99:5a:3b:71:cb:82:29:f9:ca:a9:89:c7: cd:ba:62:12:89:f4:a7:ce:4e:f4:bc:75:f3:16:08:74:f4:55: 49:34:5b:bf:e7:ee:7c:bf:35:e3:e3:c6:93:2f:56:23:70:b7: ac:8d:9f:c0 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUI/Rthb6xUlYH44JWJ9dwIhuskkIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDgwMjAwMjVaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQGU2Y2I5ZjFiM2NmMDU0YWNlM2U2OGExYTNmMWIyNDg2YjgxOTFmM2VlOGU2 ZjMyZTQ0MWZkNTJhNzFlNTBmOWIxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJM1V3gDGS4Em6oGyp9bg4mE/QpQb+GgLgreulbb2UCH+9yk7KvJk/L2egtx VelUhDlkIV6ACAOGogaYmTqY8GIurUqoMGhjBhUXOXeoFB6SJQmu3/CYld949n5N q09HbQV1L6RQn4NEx1uy1JduP+6ZT8UDW3eq+37SNJYsExZx+ZQQUEKZ6UKPwvkQ 62AEQWmefpHCfbFqsO41Z3r/GRFnc/Tmfr556c6hFgZyNjJm2Rv1BoiC6KIo4g6j v6HV+jv3LX3GkXv8al8Z+hGOm38g33eCiJ7dfVXYPe4tS2vFk2y3PruWajTsq3Ei tOGaqNaqX2WES5JjDKDM7rwUdA0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBThKLLD JUKRxZszGyLI11f8NUclvjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv YTgzM2JjYmMtOTFhZC00ZTg5LTg2NjYtODZlYzQ2MDAyZGI2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATMAjjAN BgkqhkiG9w0BAQsFAAOCAQEANAgQDtCcGbjTV1k5TsKaT8wNj9EOUtQ9Y2snxaYg R6VX3pSOXuJ0onEZsAlMO7UYOF0fvvIUT7Z/jVs+SGfe6rU32z7I2VJ6yEV8Hz9q vkbZ7ezBJ0nDusGDlfLwQ16theVlOQoFsC27nsAfkbIvANAhVZGnajNRvtkk55n5 kw/DVFB4gtmWNh7QHZ6Q+Y7ftr+LCW/TwHSFOrKhlNPi0+CKu0LH+pydgjr5AMtr xZt3MYm2B2/G4rHoUdEvCJj4MW+Dn2zr7t9hEZIDmVo7ccuCKfnKqYnHzbpiEon0 p85O9Lx18xYIdPRVSTRbv+fufL814+PGky9WI3C3rI2fwA== -----END CERTIFICATE-----Generated at Fri Dec 19 23:20:39 2025 by rpki-client