This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/620d46e8-bb13-40cd-8918-677590eaf682.roa File: 620d46e8-bb13-40cd-8918-677590eaf682.roa (raw, json) Hash identifier: Wypgclv3qF0cG8A0VmPRQ4eWbBBryJzAA4FS98ql3qA= Subject key identifier: 03:7E:9C:A1:21:AB:9D:A3:84:6E:6C:6D:59:C8:1C:51:31:F8:03:29 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 49362DCFBDBBD647299FF9F58AD43F54B2508F43 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/620d46e8-bb13-40cd-8918-677590eaf682.roa Signing time: Sat 15 Nov 2025 06:50:21 +0000 ROA not before: Sat 15 Nov 2025 06:50:21 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 14618 IP address blocks: 51.226.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 23 Nov 2025 12:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:36:2d:cf:bd:bb:d6:47:29:9f:f9:f5:8a:d4:3f:54:b2:50:8f:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:21 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=d25d348ddf9326f0e621f0c0bd43cf5b3e0c2ce4685161d861ca90fc53511550, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:c3:72:ce:8c:bb:12:0a:d7:a9:e7:78:5d:03: da:82:4e:bd:9a:eb:5a:7a:3c:5b:d0:b9:6d:08:79: 9e:41:0d:22:a1:10:8a:4c:98:c3:ae:19:c7:9d:e8: fb:cf:11:c0:5f:2e:73:12:27:91:82:b6:c1:cb:a9: 0f:e7:63:a2:b0:54:ef:7c:5d:f1:f2:29:95:d4:d7: 47:9a:b8:31:f9:84:74:8c:2a:97:0e:ab:0d:5e:43: bb:c3:76:15:75:23:e1:b3:d1:8a:50:7b:f3:14:ab: d6:94:e3:05:d5:be:fa:55:ee:38:23:a8:c1:8a:66: a5:03:c3:17:b0:75:79:0f:de:b7:f5:c1:12:32:c2: 35:63:be:a5:35:cb:27:dc:9d:ca:3b:e1:e1:da:19: 31:4f:67:53:cb:c3:de:ff:71:a8:f2:76:c4:b1:cd: a9:e5:07:6d:5d:c7:b0:bb:60:00:0a:08:f0:b1:e7: 78:17:aa:ea:58:49:c1:1f:bf:9e:0a:c8:13:a9:8b: 44:28:73:7e:50:31:ad:18:4f:54:3e:02:7d:26:ca: 90:26:aa:bc:20:61:f4:3f:d1:b1:72:7b:b8:16:0e: 4a:72:1d:57:d2:74:3f:a1:b4:8c:f6:6e:48:99:8b: 14:ca:be:52:6f:80:80:ae:ab:c9:46:23:c2:64:dc: 3f:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:7E:9C:A1:21:AB:9D:A3:84:6E:6C:6D:59:C8:1C:51:31:F8:03:29 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/620d46e8-bb13-40cd-8918-677590eaf682.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.226.0.0/15 Signature Algorithm: sha256WithRSAEncryption 3a:79:aa:e1:13:ff:ea:86:a0:94:65:75:9c:c8:00:67:77:4a: c3:3e:4e:7a:ac:c4:38:9e:a7:ea:57:22:b0:9b:03:24:a9:6f: c2:fa:a9:45:de:03:a4:e3:c0:3e:05:27:7c:8f:ca:2b:06:a0: cb:c6:f8:fe:99:19:4f:3c:97:85:8a:59:ec:69:da:5b:b3:01: 89:10:53:0c:71:47:e9:5a:2e:05:3f:72:ab:f8:93:71:f8:11: e7:11:a0:5e:84:cb:21:34:c4:cd:6f:4f:5b:69:75:13:10:e3: 9c:7a:37:e7:cc:60:72:a3:d9:a8:a6:f5:9d:44:30:4e:fe:80: d5:e6:af:60:34:bd:b4:fb:57:d0:6d:2b:3e:83:a3:5c:eb:1a: 48:0a:d4:12:1f:08:54:34:8b:c3:3d:7e:75:39:a2:42:bb:17: 71:e6:d3:46:0b:2e:11:b8:fc:1c:87:00:f7:54:e4:fb:89:f3: 25:70:44:ce:4e:16:3f:d2:12:1b:03:1b:9e:03:0a:23:92:19: 80:84:61:ff:eb:c5:eb:f8:c1:6f:08:a1:ae:c8:22:02:3b:ca: 27:71:b6:69:85:36:33:8a:bc:03:35:02:9b:4d:ea:83:c1:05: bc:8a:8a:a8:b4:a6:6c:09:96:ed:04:09:c6:23:72:d3:91:16: 6d:f3:be:19 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUSTYtz7271kcpn/n1itQ/VLJQj0MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMjFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGQyNWQzNDhkZGY5MzI2ZjBlNjIxZjBjMGJkNDNjZjViM2UwYzJjZTQ2ODUx NjFkODYxY2E5MGZjNTM1MTE1NTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ/Dcs6MuxIK16nneF0D2oJOvZrrWno8W9C5bQh5nkENIqEQikyYw64Zx53o +88RwF8ucxInkYK2wcupD+djorBU73xd8fIpldTXR5q4MfmEdIwqlw6rDV5Du8N2 FXUj4bPRilB78xSr1pTjBdW++lXuOCOowYpmpQPDF7B1eQ/et/XBEjLCNWO+pTXL J9ydyjvh4doZMU9nU8vD3v9xqPJ2xLHNqeUHbV3HsLtgAAoI8LHneBeq6lhJwR+/ ngrIE6mLRChzflAxrRhPVD4CfSbKkCaqvCBh9D/RsXJ7uBYOSnIdV9J0P6G0jPZu SJmLFMq+Um+AgK6ryUYjwmTcP3cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQDfpyh Iaudo4RubG1ZyBxRMfgDKTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NjIwZDQ2ZTgtYmIxMy00MGNkLTg5MTgtNjc3NTkwZWFmNjgyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G CSqGSIb3DQEBCwUAA4IBAQA6earhE//qhqCUZXWcyABnd0rDPk56rMQ4nqfqVyKw mwMkqW/C+qlF3gOk48A+BSd8j8orBqDLxvj+mRlPPJeFilnsadpbswGJEFMMcUfp Wi4FP3Kr+JNx+BHnEaBehMshNMTNb09baXUTEOOcejfnzGByo9mopvWdRDBO/oDV 5q9gNL20+1fQbSs+g6Nc6xpICtQSHwhUNIvDPX51OaJCuxdx5tNGCy4RuPwchwD3 VOT7ifMlcETOThY/0hIbAxueAwojkhmAhGH/68Xr+MFvCKGuyCICO8oncbZphTYz irwDNQKbTeqDwQW8ioqotKZsCZbtBAnGI3LTkRZt874Z -----END CERTIFICATE-----Generated at Sat Nov 22 21:37:45 2025 by rpki-client