This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/caf04ce0-0dbd-43ea-843a-a139a615d156.roa File: caf04ce0-0dbd-43ea-843a-a139a615d156.roa (raw, json) Hash identifier: z+9iMJy4m0a5I+ZX6p0Nfboxo+QW9T0ozBQ3oitIZGk= Subject key identifier: B0:8E:A8:F8:B5:14:7E:41:7C:69:8C:49:04:56:D7:26:BB:7B:88:EF Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 35698B769D80E67CBB6480E6833FF5385695C659 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/caf04ce0-0dbd-43ea-843a-a139a615d156.roa Signing time: Mon 08 Dec 2025 02:00:22 +0000 ROA not before: Mon 08 Dec 2025 02:00:22 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.0.28.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:69:8b:76:9d:80:e6:7c:bb:64:80:e6:83:3f:f5:38:56:95:c6:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 8 02:00:22 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=08c32e8baf78b46e5915ab8bb59cc8fc524f8c52005d9978fc7c3cc7894751be, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:a7:be:c5:83:4d:31:4c:fe:09:f2:ef:e7:62: 02:19:cb:51:59:de:22:5e:de:ef:52:d0:38:75:28: e8:fc:12:67:47:13:bc:b3:a8:e1:cf:99:50:41:ad: 45:cf:a2:78:5a:50:33:e7:94:8a:b8:f6:e1:c7:03: 37:52:ee:0e:b3:86:c7:78:c9:b8:0c:ea:9d:e6:ab: 0a:e0:dd:06:2b:57:ee:4e:26:71:2a:d1:1d:b3:50: ec:e5:4d:11:32:9c:47:96:84:b5:c1:05:3b:9b:ac: 1e:43:84:ec:b7:b0:0d:7b:07:8f:8d:8c:6f:41:ed: c4:7b:d2:52:67:68:74:57:c2:ec:75:1b:4d:c4:7f: 47:ee:3a:96:88:90:4b:3b:da:a6:65:a1:61:64:cf: 6a:25:ad:8a:d0:dc:12:02:76:b1:3e:c6:90:e3:ca: 3e:a6:a9:b5:62:31:27:8d:0b:bf:a9:ed:a3:45:e9: 15:ec:ab:4f:0c:e8:94:54:3e:8e:e7:42:8a:10:74: fa:fb:fa:10:ea:2e:c1:a4:e7:ab:a3:84:a9:e0:0e: 65:b9:b5:99:29:cf:03:c2:23:88:43:7f:9d:dc:8f: 58:a0:0c:ad:97:00:e8:46:0b:e9:d0:a3:df:a2:e8: 0f:1b:0e:6c:72:cd:04:74:61:73:f5:3d:d3:46:03: de:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:8E:A8:F8:B5:14:7E:41:7C:69:8C:49:04:56:D7:26:BB:7B:88:EF X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/caf04ce0-0dbd-43ea-843a-a139a615d156.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.0.28.0/24 Signature Algorithm: sha256WithRSAEncryption 71:22:00:c8:2a:2e:51:51:bd:e2:0b:92:a5:d7:c1:02:28:07: 07:58:d3:01:b2:71:21:00:ea:4a:4f:16:bf:56:1c:0d:23:5b: 54:85:6e:da:12:d3:df:f0:16:19:55:3a:67:38:a4:07:b0:aa: 4f:a5:61:3c:09:1f:f1:57:11:2b:85:29:bd:26:78:76:87:4a: 7b:e7:23:b8:a2:47:7a:c7:43:bb:82:63:5b:8e:cf:f4:d0:35: 40:cc:dd:8a:6d:9b:ae:d5:f0:be:43:f8:13:56:f5:5c:35:e1: 70:9b:20:a9:6a:60:a1:94:83:db:67:34:e2:9d:a3:4d:81:00: 17:20:73:93:f8:f8:4d:34:5d:96:c3:72:43:66:b3:3c:0c:e7: 48:93:35:d4:2e:af:85:52:e0:3f:19:b2:d6:0d:89:59:10:0d: 45:a6:8f:19:f3:84:23:46:cf:6b:f3:22:5b:d8:f7:6a:42:8f: 29:ba:b5:eb:e1:0a:a8:14:51:a3:2f:79:4d:f0:e7:f2:19:ee: 15:5f:62:e0:66:23:70:f5:90:e1:fd:15:8d:41:39:e3:6a:37: 50:a1:1e:a4:94:4b:df:2c:36:26:92:52:12:00:0c:f1:a5:0e: fa:b7:1e:56:44:c1:60:15:1e:35:7b:e2:6d:8d:a9:08:fe:75: 88:41:41:95 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUNWmLdp2A5ny7ZIDmgz/1OFaVxlkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDgwMjAwMjJaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQDA4YzMyZThiYWY3OGI0NmU1OTE1YWI4YmI1OWNjOGZjNTI0ZjhjNTIwMDVk OTk3OGZjN2MzY2M3ODk0NzUxYmUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJinvsWDTTFM/gny7+diAhnLUVneIl7e71LQOHUo6PwSZ0cTvLOo4c+ZUEGt Rc+ieFpQM+eUirj24ccDN1LuDrOGx3jJuAzqnearCuDdBitX7k4mcSrRHbNQ7OVN ETKcR5aEtcEFO5usHkOE7LewDXsHj42Mb0HtxHvSUmdodFfC7HUbTcR/R+46loiQ SzvapmWhYWTPaiWtitDcEgJ2sT7GkOPKPqaptWIxJ40Lv6nto0XpFeyrTwzolFQ+ judCihB0+vv6EOouwaTnq6OEqeAOZbm1mSnPA8IjiEN/ndyPWKAMrZcA6EYL6dCj 36LoDxsObHLNBHRhc/U900YD3kUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSwjqj4 tRR+QXxpjEkEVtcmu3uI7zAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv Y2FmMDRjZTAtMGRiZC00M2VhLTg0M2EtYTEzOWE2MTVkMTU2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMAHDAN BgkqhkiG9w0BAQsFAAOCAQEAcSIAyCouUVG94guSpdfBAigHB1jTAbJxIQDqSk8W v1YcDSNbVIVu2hLT3/AWGVU6ZzikB7CqT6VhPAkf8VcRK4UpvSZ4dodKe+cjuKJH esdDu4JjW47P9NA1QMzdim2brtXwvkP4E1b1XDXhcJsgqWpgoZSD22c04p2jTYEA FyBzk/j4TTRdlsNyQ2azPAznSJM11C6vhVLgPxmy1g2JWRANRaaPGfOEI0bPa/Mi W9j3akKPKbq16+EKqBRRoy95TfDn8hnuFV9i4GYjcPWQ4f0VjUE542o3UKEepJRL 3yw2JpJSEgAM8aUO+rceVkTBYBUeNXvibY2pCP51iEFBlQ== -----END CERTIFICATE-----Generated at Fri Dec 19 23:19:44 2025 by rpki-client