This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4a35eec8-470f-4ad0-852b-9006065bbbb0.roa File: 4a35eec8-470f-4ad0-852b-9006065bbbb0.roa (raw, json) Hash identifier: nPThjgc1whSpJ2vbFFTVoDihSpVxo2LHM4HlzSnq++8= Subject key identifier: 42:E8:21:56:48:7F:60:C9:79:53:49:27:9C:A4:BE:03:E9:60:37:1F Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 202B0F696E206F64F6AA141E6A811B241F7622A4 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4a35eec8-470f-4ad0-852b-9006065bbbb0.roa Signing time: Sat 15 Nov 2025 06:50:04 +0000 ROA not before: Sat 15 Nov 2025 06:50:04 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 14618 IP address blocks: 51.166.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 27 Nov 2025 22:51:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:2b:0f:69:6e:20:6f:64:f6:aa:14:1e:6a:81:1b:24:1f:76:22:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:04 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=cf8d22926867cfbcdf0d1fe8beea021c8fb62ca45e18f4d8a246a02f77661808, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:69:63:10:16:8f:de:e7:6d:5a:f1:82:30:31: c1:94:12:c6:b9:31:62:d0:e0:8c:87:13:f5:0c:fc: 09:cc:64:8c:24:bf:97:b9:cf:cc:c2:b1:c4:41:af: 0e:68:b7:c7:85:69:9d:23:b1:ad:47:0a:ed:2d:ab: 01:05:1a:23:ca:d0:e2:b7:5b:8e:37:81:19:47:ce: 6c:03:90:d3:5d:cf:4f:fd:a5:e7:f9:7f:a0:ec:3f: c3:59:1b:df:4a:13:e0:c6:70:90:22:1f:41:6e:03: f5:33:1a:ea:b4:22:1e:2b:c1:43:87:0b:04:10:0f: 46:bd:85:28:83:89:0d:79:77:02:52:7f:ac:d0:6c: f7:9e:0a:1a:c3:d8:63:ea:d4:24:64:28:b6:41:8b: 73:8c:ac:2d:2f:5e:be:4f:33:9a:ca:45:52:82:fa: 6a:31:10:3d:04:39:62:dc:58:57:73:32:0c:1b:2b: 54:fa:b3:e6:59:3c:ab:0c:2d:43:16:3b:f6:ca:f1: 78:c6:eb:10:c7:1c:36:e5:fd:4a:a0:a7:77:48:f2: 70:79:74:b7:5a:a4:3b:8e:6d:a0:08:fc:b8:25:fb: 73:9c:12:8a:f5:e4:3b:36:dc:c1:49:ea:09:ef:30: e2:d9:84:ff:8a:2b:d5:45:0d:a8:41:8e:45:04:46: d5:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:E8:21:56:48:7F:60:C9:79:53:49:27:9C:A4:BE:03:E9:60:37:1F X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4a35eec8-470f-4ad0-852b-9006065bbbb0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.166.0.0/15 Signature Algorithm: sha256WithRSAEncryption 57:7b:ac:12:ac:00:15:9c:a8:ee:28:be:c5:7e:c1:c7:82:dc: 95:49:55:ca:67:c3:b5:af:ad:18:a9:d4:83:e9:74:85:71:59: dd:51:54:d2:ce:ee:3c:6b:db:93:fd:45:61:5a:65:91:4c:ec: bf:51:6e:a8:f8:41:a7:63:09:e3:6c:e4:5f:0b:21:62:c9:45: f2:52:e6:b2:34:4e:86:32:00:6c:af:bb:a3:96:84:fe:1d:f1: 42:94:c4:39:92:20:1b:84:76:8e:52:9a:65:f2:c8:84:1f:fd: 90:fc:c2:32:e6:2d:ef:0f:89:91:0d:c4:de:7d:ff:58:9e:3a: bf:ec:3d:41:8a:b2:56:6a:82:e7:03:3d:b4:7a:30:fa:3d:b3: ac:73:95:77:bb:37:17:b4:05:5e:41:e1:14:d0:71:9e:9e:06: e3:9a:c3:51:d5:b4:93:36:f9:bf:5a:d7:98:93:80:df:c7:05: c3:a3:63:39:a0:7e:9d:ee:b7:ee:d7:e8:fa:9c:b7:c7:18:f4: ff:da:3a:71:14:f3:7a:41:56:7e:75:c1:6c:16:d4:04:a2:9c: 1d:c6:e0:d2:a3:6a:3a:00:f2:b9:f8:95:5b:d5:15:ca:3f:eb: d3:fb:0d:68:2d:63:97:a2:f8:58:77:92:2f:02:71:a9:4d:f3: 2b:03:2f:57 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUICsPaW4gb2T2qhQeaoEbJB92IqQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMDRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGNmOGQyMjkyNjg2N2NmYmNkZjBkMWZlOGJlZWEwMjFjOGZiNjJjYTQ1ZTE4 ZjRkOGEyNDZhMDJmNzc2NjE4MDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALdpYxAWj97nbVrxgjAxwZQSxrkxYtDgjIcT9Qz8CcxkjCS/l7nPzMKxxEGv Dmi3x4VpnSOxrUcK7S2rAQUaI8rQ4rdbjjeBGUfObAOQ013PT/2l5/l/oOw/w1kb 30oT4MZwkCIfQW4D9TMa6rQiHivBQ4cLBBAPRr2FKIOJDXl3AlJ/rNBs954KGsPY Y+rUJGQotkGLc4ysLS9evk8zmspFUoL6ajEQPQQ5YtxYV3MyDBsrVPqz5lk8qwwt QxY79srxeMbrEMccNuX9SqCnd0jycHl0t1qkO45toAj8uCX7c5wSivXkOzbcwUnq Ce8w4tmE/4or1UUNqEGORQRG1RMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRC6CFW SH9gyXlTSSecpL4D6WA3HzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NGEzNWVlYzgtNDcwZi00YWQwLTg1MmItOTAwNjA2NWJiYmIwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G CSqGSIb3DQEBCwUAA4IBAQBXe6wSrAAVnKjuKL7FfsHHgtyVSVXKZ8O1r60YqdSD 6XSFcVndUVTSzu48a9uT/UVhWmWRTOy/UW6o+EGnYwnjbORfCyFiyUXyUuayNE6G MgBsr7ujloT+HfFClMQ5kiAbhHaOUppl8siEH/2Q/MIy5i3vD4mRDcTeff9Ynjq/ 7D1BirJWaoLnAz20ejD6PbOsc5V3uzcXtAVeQeEU0HGengbjmsNR1bSTNvm/WteY k4DfxwXDo2M5oH6d7rfu1+j6nLfHGPT/2jpxFPN6QVZ+dcFsFtQEopwdxuDSo2o6 APK5+JVb1RXKP+vT+w1oLWOXovhYd5IvAnGpTfMrAy9X -----END CERTIFICATE-----Generated at Thu Nov 27 04:20:02 2025 by rpki-client