This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3558ad32-215e-47a4-9f5b-477ec71e940f.roa File: 3558ad32-215e-47a4-9f5b-477ec71e940f.roa (raw, json) Hash identifier: NwAUEhiQzZXD9JDp5SBgVhrksySOzBgU78gj/2yOfog= Subject key identifier: 89:5F:64:CA:BE:4B:0D:B6:F8:E8:AC:13:49:E4:05:BB:16:1B:22:E7 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 3CBF2BC89F7669E3CB071D6393AA9ECBC0A0AE84 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3558ad32-215e-47a4-9f5b-477ec71e940f.roa Signing time: Sat 15 Nov 2025 06:50:06 +0000 ROA not before: Sat 15 Nov 2025 06:50:06 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a01:578:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 29 Nov 2025 22:51:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:bf:2b:c8:9f:76:69:e3:cb:07:1d:63:93:aa:9e:cb:c0:a0:ae:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:06 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=3b3fddc397a8ddfeeede35792a8f2fa70c3ac181c54323a037a88ebe809acf14, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:a5:ac:42:ee:27:a6:95:36:f3:a0:fe:59:04: 7d:1c:83:79:8f:9e:0e:f2:8d:ad:3d:bf:26:83:a5: 6a:d3:5f:6c:3c:a8:10:2c:28:67:e6:13:6d:04:7c: d9:0d:4d:b3:d6:3f:94:35:d3:39:c8:2f:1d:8c:d8: cd:2e:44:79:50:b8:7b:47:b5:f9:25:5e:88:b1:bd: 1b:d2:4b:f6:3b:72:cf:dc:71:d2:ab:33:ae:a0:2e: e2:d2:2a:2a:18:31:6b:1c:7c:c4:d4:fa:64:8e:84: 58:5f:0b:82:25:df:32:d5:1f:64:06:38:d4:e2:9c: ae:cc:53:a1:3d:7d:b3:a3:f0:d1:20:a8:07:1a:7d: 3a:42:b1:8f:01:c5:3c:71:52:1b:e7:b6:8a:f9:54: 32:38:fc:33:51:f2:19:af:0f:db:93:dd:b9:8c:ef: f9:30:f3:14:f7:c1:1b:97:9c:4f:fb:30:ef:30:24: a1:97:c2:8a:86:c6:d4:8d:05:81:58:1a:4a:1d:a8: 00:7f:35:98:23:a3:54:14:2c:0e:78:be:85:1e:5a: 96:2c:d5:52:9f:b9:cc:f5:11:42:85:20:ee:7c:3b: 17:f4:d1:e3:d0:3d:ac:c8:64:f5:f2:5b:fb:c0:d5: ab:e0:97:43:31:03:9e:d3:42:4b:87:eb:51:18:b4: c0:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:5F:64:CA:BE:4B:0D:B6:F8:E8:AC:13:49:E4:05:BB:16:1B:22:E7 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3558ad32-215e-47a4-9f5b-477ec71e940f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:578:3::/48 Signature Algorithm: sha256WithRSAEncryption 29:36:bc:89:61:7c:eb:bd:67:fe:28:db:6c:88:f9:7b:c3:b8: f5:f9:ba:53:df:fd:b4:f8:e2:70:1e:ee:97:cc:3a:f1:e5:71: 12:07:af:a8:7b:5e:0b:87:a0:fc:f8:79:fe:44:1e:7c:ab:96: 95:55:74:9d:6f:09:59:a4:67:f1:de:bd:83:b8:86:90:19:b1: 0c:3c:6b:60:9d:50:3f:e5:34:36:3f:8b:10:9e:0d:c0:f4:85: 75:34:32:0d:69:bc:d4:18:15:a4:c3:0c:47:5d:ee:4f:94:d1: 53:6d:ac:09:22:35:9b:2a:8c:01:2c:19:64:6a:62:57:0d:7e: 15:a1:d3:08:aa:99:c2:e5:89:82:29:7a:95:5b:a2:f4:26:f2: de:eb:da:b9:c4:c5:fa:01:af:8c:fd:c7:7d:fc:dd:b7:8d:1b: 13:6e:c9:08:2e:ec:42:5c:a3:ff:3e:34:32:c9:a1:f8:a8:44: 20:5b:f6:51:e0:a8:9f:e0:ed:21:eb:f9:5b:f6:ec:14:7f:c3: 1c:b8:c1:6c:83:a3:ae:fc:f5:42:88:5d:72:93:02:86:13:a0: 70:64:1d:6c:5a:a1:6d:fc:7b:9c:57:6b:3c:60:3d:01:9e:c2: 10:fb:95:8d:b6:d7:ea:fe:56:cc:1e:e4:86:cf:2f:3a:aa:3e: 8c:a8:41:ad -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUPL8ryJ92aePLBx1jk6qey8CgroQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMDZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDNiM2ZkZGMzOTdhOGRkZmVlZWRlMzU3OTJhOGYyZmE3MGMzYWMxODFjNTQz MjNhMDM3YTg4ZWJlODA5YWNmMTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ6lrELuJ6aVNvOg/lkEfRyDeY+eDvKNrT2/JoOlatNfbDyoECwoZ+YTbQR8 2Q1Ns9Y/lDXTOcgvHYzYzS5EeVC4e0e1+SVeiLG9G9JL9jtyz9xx0qszrqAu4tIq Khgxaxx8xNT6ZI6EWF8LgiXfMtUfZAY41OKcrsxToT19s6Pw0SCoBxp9OkKxjwHF PHFSG+e2ivlUMjj8M1HyGa8P25PduYzv+TDzFPfBG5ecT/sw7zAkoZfCiobG1I0F gVgaSh2oAH81mCOjVBQsDni+hR5alizVUp+5zPURQoUg7nw7F/TR49A9rMhk9fJb +8DVq+CXQzEDntNCS4frURi0wK8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSJX2TK vksNtvjorBNJ5AW7Fhsi5zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MzU1OGFkMzItMjE1ZS00N2E0LTlmNWItNDc3ZWM3MWU5NDBmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA AzANBgkqhkiG9w0BAQsFAAOCAQEAKTa8iWF8671n/ijbbIj5e8O49fm6U9/9tPji cB7ul8w68eVxEgevqHteC4eg/Ph5/kQefKuWlVV0nW8JWaRn8d69g7iGkBmxDDxr YJ1QP+U0Nj+LEJ4NwPSFdTQyDWm81BgVpMMMR13uT5TRU22sCSI1myqMASwZZGpi Vw1+FaHTCKqZwuWJgil6lVui9Cby3uvaucTF+gGvjP3Hffzdt40bE27JCC7sQlyj /z40Msmh+KhEIFv2UeCon+DtIev5W/bsFH/DHLjBbIOjrvz1QohdcpMChhOgcGQd bFqhbfx7nFdrPGA9AZ7CEPuVjbbX6v5WzB7khs8vOqo+jKhBrQ== -----END CERTIFICATE-----Generated at Sat Nov 29 01:20:24 2025 by rpki-client