This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa File: 95019996-0ef4-4f98-90e2-dd7efc004375.roa (raw, json) Hash identifier: lovn+qfHgqLxQqqnf2Hh0jKJdEMs9JVi1Xy3GynLm1Y= Subject key identifier: 6C:F0:D9:52:84:E3:D7:23:78:26:B8:A7:7B:DB:1C:CA:7C:9C:1D:F5 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 7A27065186DE4531062971196621C0135121E1D6 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa Signing time: Wed 10 Dec 2025 06:40:36 +0000 ROA not before: Wed 10 Dec 2025 06:40:36 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 159.244.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:27:06:51:86:de:45:31:06:29:71:19:66:21:c0:13:51:21:e1:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:36 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=0942c06b3d65e7f26c857eabcdc68da758990166c5bc138c54436ecbdb23a410, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:2c:9e:f1:79:fd:00:79:30:56:44:e0:4e:be: c7:22:2c:9f:fe:59:3c:ea:47:c8:57:e4:77:33:06: 7a:4c:22:60:8e:87:3e:6b:a1:0b:66:37:0a:dd:9a: c8:cb:77:16:c5:87:41:55:bb:a2:10:85:1d:35:9a: 9c:32:36:7a:83:ce:dd:5e:45:52:50:fc:b6:a5:89: 94:45:57:76:d0:1b:c5:ab:15:c8:5d:7a:3d:de:be: bf:8f:6f:b6:b0:ac:16:62:f1:43:61:cb:fe:71:e4: a8:4f:76:82:c1:0a:b3:db:fe:9c:b8:eb:92:bb:8d: 5a:34:67:51:b4:0e:3d:59:f1:76:4a:44:d4:61:cc: 02:ef:4e:f7:65:4d:5f:ed:e4:8c:45:bc:f3:fc:8f: 15:f1:c8:50:ff:af:bf:4e:00:d2:8b:67:00:17:3a: a1:3c:8c:e3:36:12:d6:06:81:c4:55:eb:68:1b:63: e6:91:d6:70:5b:f1:d8:60:cc:e2:a6:71:be:84:a2: 9d:0f:69:fc:73:cc:28:c1:e1:5d:4b:44:f4:af:8f: 45:78:29:f4:ee:ac:6f:a9:f7:75:e7:7e:83:76:a8: de:b8:64:9d:04:9d:84:35:2b:93:88:ce:2c:35:4c: 2f:10:58:03:56:f8:f0:3a:72:cb:91:02:4e:9f:07: 0d:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:F0:D9:52:84:E3:D7:23:78:26:B8:A7:7B:DB:1C:CA:7C:9C:1D:F5 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.244.0.0/16 Signature Algorithm: sha256WithRSAEncryption c5:ec:bf:b0:5b:76:f5:d4:04:f9:75:c2:5b:93:cb:5e:2d:37: b1:2b:ab:d0:80:57:c0:9f:9c:49:08:0e:d5:10:7e:b6:2b:c8: ca:09:98:8e:8f:44:8f:55:b7:91:9d:52:42:d8:69:42:d2:63: c6:ef:b8:60:e8:02:62:09:19:3f:68:4f:b5:9c:77:e1:2c:73: 41:60:62:fa:79:b0:5c:32:5f:3f:56:d1:5c:ac:2b:1e:24:84: bd:5a:50:b7:24:43:d1:64:15:a9:cb:15:23:c7:6f:f9:9a:a5: 43:4e:b8:99:3d:47:0e:90:17:54:f6:90:be:97:bc:66:a5:39: 57:36:34:4f:c5:4c:35:86:cf:d1:20:95:46:7d:8c:70:ce:60: 32:b3:91:ab:d0:a6:ac:0e:50:aa:b5:82:e9:dd:30:ba:4f:11: d4:38:7a:48:30:dc:36:6f:7b:22:16:1d:df:4a:a3:f3:d6:f9: 13:09:02:65:29:28:65:3a:be:51:72:49:58:cc:90:df:f5:27: 4b:6a:59:02:10:9d:5d:42:58:dc:22:59:e0:53:7c:bc:6c:8b: b2:e1:41:c4:eb:97:64:53:c0:37:ee:e8:92:ed:2a:25:9e:99: 9b:e2:42:55:86:1b:3b:8d:3a:53:63:39:09:cc:3f:5b:8e:c7: 2b:ae:90:f7 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUeicGUYbeRTEGKXEZZiHAE1Eh4dYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMzZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDA5NDJjMDZiM2Q2NWU3ZjI2Yzg1N2VhYmNkYzY4ZGE3NTg5OTAxNjZjNWJj MTM4YzU0NDM2ZWNiZGIyM2E0MTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALwsnvF5/QB5MFZE4E6+xyIsn/5ZPOpHyFfkdzMGekwiYI6HPmuhC2Y3Ct2a yMt3FsWHQVW7ohCFHTWanDI2eoPO3V5FUlD8tqWJlEVXdtAbxasVyF16Pd6+v49v trCsFmLxQ2HL/nHkqE92gsEKs9v+nLjrkruNWjRnUbQOPVnxdkpE1GHMAu9O92VN X+3kjEW88/yPFfHIUP+vv04A0otnABc6oTyM4zYS1gaBxFXraBtj5pHWcFvx2GDM 4qZxvoSinQ9p/HPMKMHhXUtE9K+PRXgp9O6sb6n3ded+g3ao3rhknQSdhDUrk4jO LDVMLxBYA1b48Dpyy5ECTp8HDUMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRs8NlS hOPXI3gmuKd72xzKfJwd9TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OTUwMTk5OTYtMGVmNC00Zjk4LTkwZTItZGQ3ZWZjMDA0Mzc1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/0MA0G CSqGSIb3DQEBCwUAA4IBAQDF7L+wW3b11AT5dcJbk8teLTexK6vQgFfAn5xJCA7V EH62K8jKCZiOj0SPVbeRnVJC2GlC0mPG77hg6AJiCRk/aE+1nHfhLHNBYGL6ebBc Ml8/VtFcrCseJIS9WlC3JEPRZBWpyxUjx2/5mqVDTriZPUcOkBdU9pC+l7xmpTlX NjRPxUw1hs/RIJVGfYxwzmAys5Gr0KasDlCqtYLp3TC6TxHUOHpIMNw2b3siFh3f SqPz1vkTCQJlKShlOr5RcklYzJDf9SdLalkCEJ1dQljcIlngU3y8bIuy4UHE65dk U8A37uiS7Solnpmb4kJVhhs7jTpTYzkJzD9bjscrrpD3 -----END CERTIFICATE-----Generated at Sun Dec 14 10:08:23 2025 by rpki-client