This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa File: 57870f13-82ea-4955-953f-742413b6a651.roa (raw, json) Hash identifier: DgpTUM5jclk6kyiDmmTlNnuUqo5j5ix7RU39XFE/6yc= Subject key identifier: CB:F0:E9:34:61:E3:19:EB:C8:9E:FE:AC:4F:8D:C3:C5:21:17:16:78 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 170F643796783DF09F7F05A27F61F7DDCF75F111 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa Signing time: Thu 11 Dec 2025 01:00:23 +0000 ROA not before: Thu 11 Dec 2025 01:00:23 +0000 ROA not after: Wed 11 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a01:578::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:0f:64:37:96:78:3d:f0:9f:7f:05:a2:7f:61:f7:dd:cf:75:f1:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 11 01:00:23 2025 GMT Not After : Mar 11 23:59:59 2026 GMT Subject: serialNumber=07c68d9750f63da9ab4f5a28a7c12760ef24cf29f61b329cce985f3e13b2e71d, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:4b:d5:99:63:ec:e8:32:81:82:d3:26:ec:be: 04:20:da:17:17:21:10:be:ba:53:c4:98:0e:6e:74: 35:37:8c:0a:fe:98:fa:f3:5c:e8:46:ed:6a:eb:98: 35:75:32:e6:7b:8c:38:90:4b:54:a9:48:eb:6e:9e: ca:bc:36:3d:44:cb:4c:85:ca:a2:62:c9:c2:4a:e7: 6c:84:47:a0:1b:79:ac:4f:0a:a9:5e:71:a0:45:b4: 0f:71:e8:b4:da:ef:37:ec:25:cd:df:b1:99:c9:84: 17:c1:ae:65:96:61:b0:8c:04:8d:94:7d:60:14:9a: b9:4a:2b:49:ef:18:b9:44:7d:98:31:ef:fe:97:c4: 03:b1:74:98:7d:bf:93:26:d2:83:01:63:59:ba:c0: ee:de:5b:99:38:ab:74:bd:b6:e7:cd:4e:ee:af:9e: f2:f3:c5:98:45:23:a0:4b:1a:d8:36:39:eb:41:d7: c4:b4:70:8b:ef:0a:34:a2:8c:af:58:2f:e3:98:55: 24:40:15:e5:51:81:44:03:2c:8d:5d:ca:fd:dc:63: 6d:11:30:a6:b4:f9:59:81:8c:d6:d8:3d:f3:12:70: 09:ee:c2:f5:d5:c6:96:dd:51:be:c3:a9:25:d6:a5: 23:04:27:74:f8:41:f3:71:83:53:c3:ba:5a:97:af: 19:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:F0:E9:34:61:E3:19:EB:C8:9E:FE:AC:4F:8D:C3:C5:21:17:16:78 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:578::/48 Signature Algorithm: sha256WithRSAEncryption d6:17:a6:b8:b4:bc:4c:bb:b4:de:cf:8d:52:f9:8e:fc:4b:94: e5:d4:38:b8:11:ee:e3:fe:dd:7c:f5:5a:ce:01:63:cd:e6:a7: 50:5c:00:a2:a8:57:ab:74:38:8b:a2:b9:ab:f3:db:af:4b:55: ef:9c:c4:e2:6b:3c:79:fc:b1:e8:87:b5:4e:ba:01:9e:1c:48: e4:5b:5a:af:c7:67:5e:a2:bd:a2:b0:a8:74:a6:72:ad:1b:98: 1b:f5:a3:3f:f3:f6:d2:eb:c5:01:82:ea:50:f4:ff:94:3a:39: 23:ec:3a:a9:56:d9:af:ad:47:e2:95:82:e9:5d:91:f8:6e:f2: cf:8e:ef:de:d5:05:a3:ba:a4:da:ff:be:d8:77:c2:8f:b2:1e: 42:ce:f1:2a:ea:3d:d0:d4:1c:21:a8:a3:48:c2:8a:00:63:a5: 86:d0:c7:2c:e8:ee:17:61:a3:c5:c3:e6:8c:f8:b5:55:4d:20: 7f:d8:a9:3d:43:d7:dd:fe:78:2a:5d:2f:39:d8:96:d5:25:28: 7c:04:21:36:51:1f:1b:6c:e0:48:6b:55:3e:10:36:91:76:5c: 05:02:15:82:39:2c:b9:07:0f:1d:76:1a:45:1e:10:5e:12:b4: 2c:c9:7c:b9:41:ba:35:0d:8e:ab:50:0c:65:a4:65:d4:82:33: 68:79:d9:f5 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUFw9kN5Z4PfCffwWif2H33c918REwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTEwMTAwMjNaFw0yNjAzMTEyMzU5NTlaMHoxSTBHBgNV BAUTQDA3YzY4ZDk3NTBmNjNkYTlhYjRmNWEyOGE3YzEyNzYwZWYyNGNmMjlmNjFi MzI5Y2NlOTg1ZjNlMTNiMmU3MWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOFL1Zlj7OgygYLTJuy+BCDaFxchEL66U8SYDm50NTeMCv6Y+vNc6EbtauuY NXUy5nuMOJBLVKlI626eyrw2PUTLTIXKomLJwkrnbIRHoBt5rE8KqV5xoEW0D3Ho tNrvN+wlzd+xmcmEF8GuZZZhsIwEjZR9YBSauUorSe8YuUR9mDHv/pfEA7F0mH2/ kybSgwFjWbrA7t5bmTirdL22581O7q+e8vPFmEUjoEsa2DY560HXxLRwi+8KNKKM r1gv45hVJEAV5VGBRAMsjV3K/dxjbREwprT5WYGM1tg98xJwCe7C9dXGlt1RvsOp JdalIwQndPhB83GDU8O6WpevGf8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTL8Ok0 YeMZ68ie/qxPjcPFIRcWeDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NTc4NzBmMTMtODJlYS00OTU1LTk1M2YtNzQyNDEzYjZhNjUxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA ADANBgkqhkiG9w0BAQsFAAOCAQEA1hemuLS8TLu03s+NUvmO/EuU5dQ4uBHu4/7d fPVazgFjzeanUFwAoqhXq3Q4i6K5q/Pbr0tV75zE4ms8efyx6Ie1TroBnhxI5Fta r8dnXqK9orCodKZyrRuYG/WjP/P20uvFAYLqUPT/lDo5I+w6qVbZr61H4pWC6V2R +G7yz47v3tUFo7qk2v++2HfCj7IeQs7xKuo90NQcIaijSMKKAGOlhtDHLOjuF2Gj xcPmjPi1VU0gf9ipPUPX3f54Kl0vOdiW1SUofAQhNlEfG2zgSGtVPhA2kXZcBQIV gjksuQcPHXYaRR4QXhK0LMl8uUG6NQ2Oq1AMZaRl1IIzaHnZ9Q== -----END CERTIFICATE-----Generated at Mon Dec 15 12:14:05 2025 by rpki-client