This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa File: 444db014-8d2a-4c59-af9c-399bacab4f3f.roa (raw, json) Hash identifier: xMg8lShpQ3msuSM6dCBFWBUubU8y7jx2eHPhkDMC/Ho= Subject key identifier: 09:E3:5D:3A:E2:19:38:48:DE:B5:6D:81:EF:4D:A4:E8:05:AE:8E:16 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 6930BE9D9AD37DCCA0B3B2CA7298AEEFC84309B3 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa Signing time: Sat 15 Nov 2025 06:50:21 +0000 ROA not before: Sat 15 Nov 2025 06:50:21 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.156.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 22 Nov 2025 00:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:30:be:9d:9a:d3:7d:cc:a0:b3:b2:ca:72:98:ae:ef:c8:43:09:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:21 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=3cf4977ba3af88da35ee1e86293283329d5026d374f71fdd748734ef59f94ec2, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ef:93:e1:74:de:b4:3f:fa:52:08:ca:2a:98: 30:1d:6e:b2:19:c4:f6:7d:25:05:50:47:42:ac:32: 7f:3b:7d:23:65:8e:dc:34:a7:7f:6f:18:ff:87:b6: a2:13:bb:aa:35:2c:f4:80:af:4f:e8:71:a5:18:01: cf:3c:5d:b7:a3:30:79:ab:c5:0e:6a:3e:e3:e6:97: 68:94:78:db:95:6b:ff:d0:00:6c:13:cc:3e:57:eb: 73:2e:12:16:c1:a5:10:62:94:99:7d:63:48:3a:1b: 92:7c:58:93:25:55:2e:f0:e8:53:e8:a1:81:6c:d1: d5:1c:0c:19:93:6f:5c:23:ed:1e:e8:bf:1b:90:62: c0:61:2f:32:1a:2b:73:cf:3d:50:1e:de:cb:5f:f4: cf:50:ec:e7:b1:2d:0a:c4:41:ac:06:a0:8e:11:c8: 8a:be:19:cd:cc:b7:0a:5f:94:31:0a:2d:a1:27:a4: 1c:48:35:03:47:eb:30:70:a0:11:1b:f2:a8:a9:35: c2:1b:2d:0f:20:47:73:a4:79:d7:4c:83:ba:b9:66: bd:8f:94:1c:d6:38:2d:f5:2a:98:74:d2:16:37:06: 4d:6f:58:ce:e7:07:29:59:e3:f0:19:0f:2e:0f:8c: a9:a1:52:76:74:a3:2a:5e:ba:6b:4e:ea:d5:39:a3: 15:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:E3:5D:3A:E2:19:38:48:DE:B5:6D:81:EF:4D:A4:E8:05:AE:8E:16 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.156.0.0/15 Signature Algorithm: sha256WithRSAEncryption 31:14:ef:51:2f:bc:62:12:61:48:c7:6c:59:78:b6:ce:d6:ae: 68:e0:f6:a3:c6:76:b0:a3:e4:3d:04:cf:fa:8e:0f:73:f0:8c: 79:99:f0:a5:44:fa:a8:d3:28:0b:6a:b0:14:1a:88:43:06:14: ce:26:cc:17:a5:f3:74:53:ff:92:f3:6c:08:40:ef:7f:bb:9f: c3:c7:99:3f:1b:c6:5a:61:f6:d3:e5:f6:02:09:9c:91:18:6a: 69:d1:2f:17:ce:5f:e9:f3:a4:54:b8:da:19:a8:05:15:81:57: 1a:10:9f:5a:90:a4:6e:c8:a6:87:32:0d:5c:30:80:7a:df:83: 35:57:48:a7:bf:5f:96:b3:3b:4c:df:17:99:70:e1:54:4d:24: d0:b8:32:1c:fb:ac:41:70:a4:90:69:04:6f:f4:67:90:26:82: 00:27:6f:96:0a:99:6a:b4:11:bb:3d:66:e1:f3:a1:7f:1c:e4: 1c:24:8f:9e:22:2d:d0:8d:57:de:2b:4a:57:fb:78:23:ea:75: 11:83:38:26:2a:6e:ab:13:59:57:5a:c4:fc:64:0c:6e:9a:5c: 28:c0:be:a1:88:d9:5c:04:e7:fa:a4:cb:ec:93:db:d6:1c:68: 67:14:c5:25:14:b5:be:94:0c:d6:49:63:a4:c2:bf:02:6b:4a: af:b1:80:8f -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUaTC+nZrTfcygs7LKcpiu78hDCbMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMjFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDNjZjQ5NzdiYTNhZjg4ZGEzNWVlMWU4NjI5MzI4MzMyOWQ1MDI2ZDM3NGY3 MWZkZDc0ODczNGVmNTlmOTRlYzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMXvk+F03rQ/+lIIyiqYMB1ushnE9n0lBVBHQqwyfzt9I2WO3DSnf28Y/4e2 ohO7qjUs9ICvT+hxpRgBzzxdt6MweavFDmo+4+aXaJR425Vr/9AAbBPMPlfrcy4S FsGlEGKUmX1jSDobknxYkyVVLvDoU+ihgWzR1RwMGZNvXCPtHui/G5BiwGEvMhor c889UB7ey1/0z1Ds57EtCsRBrAagjhHIir4Zzcy3Cl+UMQotoSekHEg1A0frMHCg ERvyqKk1whstDyBHc6R510yDurlmvY+UHNY4LfUqmHTSFjcGTW9YzucHKVnj8BkP Lg+MqaFSdnSjKl66a07q1TmjFd0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQJ4106 4hk4SN61bYHvTaToBa6OFjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NDQ0ZGIwMTQtOGQyYS00YzU5LWFmOWMtMzk5YmFjYWI0ZjNmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G CSqGSIb3DQEBCwUAA4IBAQAxFO9RL7xiEmFIx2xZeLbO1q5o4Pajxnawo+Q9BM/6 jg9z8Ix5mfClRPqo0ygLarAUGohDBhTOJswXpfN0U/+S82wIQO9/u5/Dx5k/G8Za YfbT5fYCCZyRGGpp0S8Xzl/p86RUuNoZqAUVgVcaEJ9akKRuyKaHMg1cMIB634M1 V0inv1+WsztM3xeZcOFUTSTQuDIc+6xBcKSQaQRv9GeQJoIAJ2+WCplqtBG7PWbh 86F/HOQcJI+eIi3QjVfeK0pX+3gj6nURgzgmKm6rE1lXWsT8ZAxumlwowL6hiNlc BOf6pMvsk9vWHGhnFMUlFLW+lAzWSWOkwr8Ca0qvsYCP -----END CERTIFICATE-----Generated at Fri Nov 21 06:10:49 2025 by rpki-client