This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d5f28959-e053-4dd5-9cd7-d519d57c2a0e.roa File: d5f28959-e053-4dd5-9cd7-d519d57c2a0e.roa (raw, json) Hash identifier: Fb3YfBCkmZbK4qCtVUQhoKUMzsMtnSjR93IMptosqZk= Subject key identifier: C3:19:D9:F6:6E:29:66:B1:62:E4:B3:82:52:FA:81:08:49:80:AE:5C Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 226CBDC9189039FADDA4C734731CCBF07F36FECB Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d5f28959-e053-4dd5-9cd7-d519d57c2a0e.roa Signing time: Mon 08 Dec 2025 02:00:08 +0000 ROA not before: Mon 08 Dec 2025 02:00:08 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.0.136.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:6c:bd:c9:18:90:39:fa:dd:a4:c7:34:73:1c:cb:f0:7f:36:fe:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 8 02:00:08 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=08f9f97545edda51a453a25018ae1a8356aa56bc2c12b725767928150fa4dbf0, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:cb:d8:00:cd:37:c2:8a:0b:d6:d5:5c:2a:15: 00:95:fe:10:a5:81:b9:24:cd:32:8f:bf:af:bc:61: 8e:4b:c1:27:9d:1f:b0:52:ef:64:3b:48:3a:6f:79: 20:3f:d7:27:2c:cf:06:85:6b:6c:e4:8a:55:8b:45: 31:8c:d6:9a:fe:71:b7:04:45:06:72:17:70:f4:db: 4a:97:f9:fc:1d:11:66:64:bb:00:3e:ea:ea:32:eb: 2a:94:37:15:1c:b2:ce:39:96:61:8f:68:4d:e6:85: cc:30:ee:d6:d4:25:13:08:c1:36:77:8f:7b:b6:94: 9e:76:a2:61:a8:1b:ed:4a:34:b6:f5:8c:7b:6e:e2: 0e:ab:a6:41:be:b5:49:55:b6:e1:8f:af:f8:d6:f4: fb:fd:59:fc:62:79:24:70:aa:c4:50:98:ac:98:71: 27:69:24:90:c6:cf:51:bc:e1:6e:fa:7f:94:14:1b: 76:c5:72:d3:54:aa:92:17:5b:35:78:32:25:49:32: 2e:3b:c9:19:b1:06:d8:da:fa:f4:24:7e:8c:19:9c: 9f:77:07:b5:c8:8c:0e:c6:68:3e:15:6e:21:cd:64: b2:57:0c:ef:47:c6:3b:1a:7f:ce:77:22:e0:14:8d: aa:90:1f:64:1d:c9:67:a2:13:a1:15:1c:66:19:40: 44:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:19:D9:F6:6E:29:66:B1:62:E4:B3:82:52:FA:81:08:49:80:AE:5C X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d5f28959-e053-4dd5-9cd7-d519d57c2a0e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.0.136.0/21 Signature Algorithm: sha256WithRSAEncryption 0e:38:10:59:a9:89:6f:bc:bb:46:01:a6:32:b2:55:ca:0f:5b: e9:06:51:dd:1c:55:d6:6c:d3:ab:67:8e:7c:49:f3:d4:48:84: 9b:58:56:fe:bd:89:d0:ec:e6:46:bb:ed:48:a3:fb:82:18:59: 71:43:47:ce:05:88:28:3f:83:41:39:5c:ac:62:57:d6:d5:63: 8a:c0:83:22:54:11:3f:0b:70:7e:a7:dd:8e:5b:62:3c:4e:d4: c4:70:96:92:81:78:57:37:c4:bd:65:17:38:21:6a:c1:99:69: 4f:a9:6e:e0:5d:73:82:f8:f1:60:c0:ae:82:b1:33:01:26:bb: 76:ba:10:64:e6:ef:0c:07:a2:7a:e5:cd:95:26:b9:c7:bc:fa: 3f:41:25:dc:dd:94:df:5b:3b:6b:69:09:d1:4c:cc:c9:bf:b5: b0:a2:b3:1d:1b:1c:96:be:60:cd:40:26:97:46:9d:b6:01:d7: 38:9c:a5:db:5b:19:2b:66:16:22:1c:d8:d0:45:ea:14:f0:83: 42:cf:88:4d:d8:14:b9:c1:75:74:ac:03:b9:d2:c8:f6:98:29: a5:79:51:a6:bd:23:89:1e:5b:92:07:b5:23:b8:49:f3:b0:8a: 5f:de:f4:73:dc:84:3e:9a:4e:82:0a:5e:61:79:c4:a2:3c:6c: 4a:fb:d1:08 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUImy9yRiQOfrdpMc0cxzL8H82/sswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDgwMjAwMDhaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQDA4ZjlmOTc1NDVlZGRhNTFhNDUzYTI1MDE4YWUxYTgzNTZhYTU2YmMyYzEy YjcyNTc2NzkyODE1MGZhNGRiZjAxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAInL2ADNN8KKC9bVXCoVAJX+EKWBuSTNMo+/r7xhjkvBJ50fsFLvZDtIOm95 ID/XJyzPBoVrbOSKVYtFMYzWmv5xtwRFBnIXcPTbSpf5/B0RZmS7AD7q6jLrKpQ3 FRyyzjmWYY9oTeaFzDDu1tQlEwjBNnePe7aUnnaiYagb7Uo0tvWMe27iDqumQb61 SVW24Y+v+Nb0+/1Z/GJ5JHCqxFCYrJhxJ2kkkMbPUbzhbvp/lBQbdsVy01Sqkhdb NXgyJUkyLjvJGbEG2Nr69CR+jBmcn3cHtciMDsZoPhVuIc1kslcM70fGOxp/znci 4BSNqpAfZB3JZ6IToRUcZhlARCsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTDGdn2 bilmsWLks4JS+oEISYCuXDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv ZDVmMjg5NTktZTA1My00ZGQ1LTljZDctZDUxOWQ1N2MyYTBlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAiDAN BgkqhkiG9w0BAQsFAAOCAQEADjgQWamJb7y7RgGmMrJVyg9b6QZR3RxV1mzTq2eO fEnz1EiEm1hW/r2J0OzmRrvtSKP7ghhZcUNHzgWIKD+DQTlcrGJX1tVjisCDIlQR PwtwfqfdjltiPE7UxHCWkoF4VzfEvWUXOCFqwZlpT6lu4F1zgvjxYMCugrEzASa7 droQZObvDAeieuXNlSa5x7z6P0El3N2U31s7a2kJ0UzMyb+1sKKzHRsclr5gzUAm l0adtgHXOJyl21sZK2YWIhzY0EXqFPCDQs+ITdgUucF1dKwDudLI9pgppXlRpr0j iR5bkge1I7hJ87CKX970c9yEPppOggpeYXnEojxsSvvRCA== -----END CERTIFICATE-----Generated at Fri Dec 19 23:19:48 2025 by rpki-client