This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d944ab55-e596-4301-a331-22631b97a422.roa File: d944ab55-e596-4301-a331-22631b97a422.roa (raw, json) Hash identifier: y6xZNfkpaR2Wc32FvPx3q6YL09KP0OOhOa3IZltEk7I= Subject key identifier: CE:66:7C:39:CC:BA:10:06:AE:C9:32:15:9D:D8:F3:B0:D1:66:FD:42 Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 42CFE962CD7B18000C96A4CBD3E33CE4148115A4 Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d944ab55-e596-4301-a331-22631b97a422.roa Signing time: Mon 08 Dec 2025 02:00:29 +0000 ROA not before: Mon 08 Dec 2025 02:00:29 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.0.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:cf:e9:62:cd:7b:18:00:0c:96:a4:cb:d3:e3:3c:e4:14:81:15:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 8 02:00:29 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=1b1f281d239fd4e706b467624901c01dcde55850b999e086e2e4a24f98d04413, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:3b:0e:e2:5f:1b:1b:30:4b:a1:6f:37:9e:0f: f5:2d:5f:3d:8f:35:5d:fc:e7:2f:37:02:7c:67:69: fe:44:9f:1b:28:61:63:83:a6:31:1f:08:6b:80:8b: 41:27:c6:c7:23:e0:9f:52:48:2a:f8:3f:5e:da:76: b3:88:89:99:40:77:b6:ff:35:69:49:46:d8:52:31: c9:02:ef:41:78:19:4d:7a:3f:d0:49:e7:63:6f:e0: 07:cd:6f:65:dc:0d:c9:79:65:a5:96:b7:7e:75:37: 63:05:61:ff:8d:ad:20:f0:53:e1:a8:36:d8:be:76: 75:99:9a:1e:b2:ab:3f:a5:49:90:35:f8:fa:f9:d8: 71:dc:17:c2:75:4c:d8:77:d8:e3:85:5f:f9:9b:b3: 62:d6:17:f4:a4:3b:3f:e4:2d:ca:1a:e8:b3:a7:e7: a4:97:e4:e7:7f:27:28:a8:d2:af:63:04:93:b1:26: 53:bd:99:20:0d:d0:38:88:e2:d8:20:8f:f4:86:18: 05:a3:37:f5:46:c9:75:cb:b3:2d:dd:34:ec:b4:92: 15:9f:61:a0:e5:34:57:c2:eb:88:ed:18:be:71:6d: c9:4f:17:57:7d:2a:d8:6e:ae:4b:fd:b7:88:d0:29: 27:11:31:3a:ab:0e:cb:3c:86:d4:c2:e4:1e:86:fd: 46:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:66:7C:39:CC:BA:10:06:AE:C9:32:15:9D:D8:F3:B0:D1:66:FD:42 X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d944ab55-e596-4301-a331-22631b97a422.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.0.252.0/24 Signature Algorithm: sha256WithRSAEncryption 44:1a:f2:d6:76:f5:6e:82:e9:e6:a8:3b:ea:b6:8a:a7:49:20: bf:38:25:6a:3f:3a:c6:b9:c3:0b:ec:76:32:e9:0e:6b:4d:0e: 39:4a:54:dd:2b:84:4c:27:87:b7:bd:47:f4:4d:32:34:0c:d1: d8:1a:4f:68:a1:22:30:0b:db:f6:38:8c:7a:e1:38:3a:ad:26: 1b:7b:5f:78:19:1d:ce:9c:3e:7a:a3:a5:93:70:d3:9c:60:42: 33:c1:fb:d1:76:35:24:b9:49:99:0c:99:a6:cb:df:73:34:4f: 82:a6:c6:92:b6:ba:f9:50:84:8e:87:f1:b5:98:56:bf:e6:3a: 4b:9a:56:34:a1:5d:38:50:13:3c:a4:11:f1:b7:51:a9:29:c1: b6:54:0e:66:0d:cc:d0:d6:12:2e:40:06:8e:8c:e4:2e:c1:b3: f7:c3:79:37:0c:1f:cb:4f:e6:4f:05:7f:03:bf:fb:9f:32:a1: a3:6b:6e:d9:d5:66:94:21:c0:5b:7a:08:f4:df:e7:c6:33:4d: e4:36:da:95:86:9e:f3:3a:bf:4d:67:eb:39:38:d1:43:5c:61: a4:88:00:f1:3a:36:01:dd:9f:cf:e9:15:54:c1:14:ba:83:59: d3:50:d7:e6:b4:c6:ed:8b:17:e8:06:5b:cf:a2:d6:d4:bd:b5: 66:f7:4f:c3 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUQs/pYs17GAAMlqTL0+M85BSBFaQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDgwMjAwMjlaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQDFiMWYyODFkMjM5ZmQ0ZTcwNmI0Njc2MjQ5MDFjMDFkY2RlNTU4NTBiOTk5 ZTA4NmUyZTRhMjRmOThkMDQ0MTMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL47DuJfGxswS6FvN54P9S1fPY81XfznLzcCfGdp/kSfGyhhY4OmMR8Ia4CL QSfGxyPgn1JIKvg/Xtp2s4iJmUB3tv81aUlG2FIxyQLvQXgZTXo/0EnnY2/gB81v ZdwNyXllpZa3fnU3YwVh/42tIPBT4ag22L52dZmaHrKrP6VJkDX4+vnYcdwXwnVM 2HfY44Vf+ZuzYtYX9KQ7P+Qtyhros6fnpJfk538nKKjSr2MEk7EmU72ZIA3QOIji 2CCP9IYYBaM39UbJdcuzLd007LSSFZ9hoOU0V8LriO0YvnFtyU8XV30q2G6uS/23 iNApJxExOqsOyzyG1MLkHob9RosCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTOZnw5 zLoQBq7JMhWd2POw0Wb9QjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv ZDk0NGFiNTUtZTU5Ni00MzAxLWEzMzEtMjI2MzFiOTdhNDIyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMA/DAN BgkqhkiG9w0BAQsFAAOCAQEARBry1nb1boLp5qg76raKp0kgvzglaj86xrnDC+x2 MukOa00OOUpU3SuETCeHt71H9E0yNAzR2BpPaKEiMAvb9jiMeuE4Oq0mG3tfeBkd zpw+eqOlk3DTnGBCM8H70XY1JLlJmQyZpsvfczRPgqbGkra6+VCEjofxtZhWv+Y6 S5pWNKFdOFATPKQR8bdRqSnBtlQOZg3M0NYSLkAGjozkLsGz98N5Nwwfy0/mTwV/ A7/7nzKho2tu2dVmlCHAW3oI9N/nxjNN5DbalYae8zq/TWfrOTjRQ1xhpIgA8To2 Ad2fz+kVVMEUuoNZ01DX5rTG7YsX6AZbz6LW1L21ZvdPww== -----END CERTIFICATE-----Generated at Fri Dec 19 23:19:47 2025 by rpki-client