This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa File: 67568c6a-cd1a-4586-a397-580b374dbdb0.roa (raw, json) Hash identifier: uI2cWjrO4koNDb0yMmXDwclkpd8VVke4vHBH0Gczxuo= Subject key identifier: F3:80:FB:76:E0:74:7D:B7:B2:55:6B:7A:E1:EE:89:B9:F0:7E:44:9B Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 6DF906EA0479D36208EC79154FD1972991FABEAB Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa Signing time: Sat 15 Nov 2025 06:50:11 +0000 ROA not before: Sat 15 Nov 2025 06:50:11 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.60.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 22 Nov 2025 16:39:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:f9:06:ea:04:79:d3:62:08:ec:79:15:4f:d1:97:29:91:fa:be:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:11 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=108b1130a5be09ab90c8f1983610b3eaa049e226f18edac4d294844717bed29c, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ca:e0:a1:b4:f5:1a:0e:8a:75:99:44:d9:37: a0:ba:92:04:f4:06:64:08:4a:22:34:d9:f8:62:03: e3:65:aa:f9:1a:a8:b7:0e:5b:1b:5c:8d:51:d4:14: e9:ac:3c:c1:2f:34:45:a8:4e:14:ea:45:f3:d2:d6: 60:14:47:3c:30:7e:ce:f3:8f:ed:de:5c:84:d4:23: 5b:18:c1:58:7f:86:89:a0:0c:4a:51:5c:96:a7:22: 5a:14:f4:f2:3c:97:a4:b1:a4:1a:34:3e:7f:77:ae: 92:50:a2:4b:09:4d:e0:27:d2:3b:f5:6d:2d:46:1b: 08:dc:91:59:95:7d:6d:3d:c7:75:7d:4e:c3:37:b6: 94:02:f7:cf:23:d7:f2:00:5e:99:58:f0:be:7a:c9: d6:2a:d7:66:64:08:e3:0b:f8:11:94:f1:20:f0:72: 90:d1:5f:28:ab:fb:d0:83:44:3c:d0:5d:35:9d:1a: 28:69:aa:cd:c1:1d:41:d7:96:d9:38:97:43:fb:dc: 45:21:9c:1c:ae:ee:93:dd:b5:81:c9:2e:c1:40:9c: b4:69:ee:b1:92:21:34:86:05:b4:ce:7a:58:ad:94: 3c:79:3b:62:5d:c6:94:7f:d5:6d:0d:f0:56:a7:f4: f3:6e:8b:8c:58:3a:b5:c8:98:e4:53:7b:63:9a:6d: 0a:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:80:FB:76:E0:74:7D:B7:B2:55:6B:7A:E1:EE:89:B9:F0:7E:44:9B X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.60.0.0/16 Signature Algorithm: sha256WithRSAEncryption 41:d0:1c:74:c2:0b:29:c8:13:03:39:38:ff:c0:51:50:e8:f5: 3e:8f:67:4e:71:fa:1e:45:98:92:fc:48:33:36:0b:38:b9:01: dc:a8:c6:94:1b:87:8e:ee:91:27:4e:ef:ad:c1:41:f1:f7:7f: cc:0d:b7:78:a6:dd:bf:5e:f6:0d:d2:23:8e:8d:9b:6f:36:e7: e4:de:c2:b6:ba:00:33:fc:5f:b7:83:29:ad:1a:d9:e0:84:54: 49:cd:5a:1d:17:f9:01:af:03:06:6f:08:79:d2:da:a5:9a:22: 78:d3:46:f3:a4:52:55:20:54:d9:22:f8:5e:dc:3d:d7:29:e6: 60:f7:c0:bd:5c:de:13:90:68:72:9c:b2:ef:ba:13:61:f9:2a: 95:b8:6b:d7:c8:e3:43:53:7d:26:5c:67:c4:92:dd:91:f0:a0: 62:56:fc:51:fc:a9:dc:ba:75:ea:a5:ff:40:44:07:ce:bb:83: f6:b1:a6:51:cb:c3:a2:1a:8f:7c:e3:23:3d:01:f9:ad:30:8f: 0c:fc:c5:72:81:c6:f6:9f:78:3a:91:fb:51:98:2a:3a:c4:0c: 11:ab:5b:20:f1:18:37:35:bf:ad:3a:c4:2e:52:26:a8:86:0e: 28:63:ee:f2:b4:37:78:ae:15:77:26:e3:b8:b7:5f:00:92:67: 71:f1:95:19 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUbfkG6gR502II7HkVT9GXKZH6vqswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMTFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDEwOGIxMTMwYTViZTA5YWI5MGM4ZjE5ODM2MTBiM2VhYTA0OWUyMjZmMThl ZGFjNGQyOTQ4NDQ3MTdiZWQyOWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALfK4KG09RoOinWZRNk3oLqSBPQGZAhKIjTZ+GID42Wq+Rqotw5bG1yNUdQU 6aw8wS80RahOFOpF89LWYBRHPDB+zvOP7d5chNQjWxjBWH+GiaAMSlFclqciWhT0 8jyXpLGkGjQ+f3euklCiSwlN4CfSO/VtLUYbCNyRWZV9bT3HdX1Owze2lAL3zyPX 8gBemVjwvnrJ1irXZmQI4wv4EZTxIPBykNFfKKv70INEPNBdNZ0aKGmqzcEdQdeW 2TiXQ/vcRSGcHK7uk921gckuwUCctGnusZIhNIYFtM56WK2UPHk7Yl3GlH/VbQ3w Vqf0826LjFg6tciY5FN7Y5ptClkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTzgPt2 4HR9t7JVa3rh7om58H5EmzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv Njc1NjhjNmEtY2QxYS00NTg2LWEzOTctNTgwYjM3NGRiZGIwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADM8MA0G CSqGSIb3DQEBCwUAA4IBAQBB0Bx0wgspyBMDOTj/wFFQ6PU+j2dOcfoeRZiS/Egz Ngs4uQHcqMaUG4eO7pEnTu+twUHx93/MDbd4pt2/XvYN0iOOjZtvNufk3sK2ugAz /F+3gymtGtnghFRJzVodF/kBrwMGbwh50tqlmiJ400bzpFJVIFTZIvhe3D3XKeZg 98C9XN4TkGhynLLvuhNh+SqVuGvXyONDU30mXGfEkt2R8KBiVvxR/KncunXqpf9A RAfOu4P2saZRy8OiGo984yM9AfmtMI8M/MVygcb2n3g6kftRmCo6xAwRq1sg8Rg3 Nb+tOsQuUiaohg4oY+7ytDd4rhV3JuO4t18Akmdx8ZUZ -----END CERTIFICATE-----Generated at Fri Nov 21 22:53:02 2025 by rpki-client