This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa File: 95019996-0ef4-4f98-90e2-dd7efc004375.roa (raw, json) Hash identifier: cmgJVU/MjFSBymJM0Ectfwa5ys2ftHwD8VSnNPOj62A= Subject key identifier: 93:27:3B:04:63:0A:AF:F4:7D:DF:2B:18:C0:4E:88:4B:0C:A4:58:A9 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 6313A6EE9A44D56D00DEC69E3383301197A30561 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa Signing time: Sat 15 Nov 2025 06:40:06 +0000 ROA not before: Sat 15 Nov 2025 06:40:06 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.244.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 01 Dec 2025 01:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:13:a6:ee:9a:44:d5:6d:00:de:c6:9e:33:83:30:11:97:a3:05:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:06 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=b628f8d51d7c2d029ca3570106e83671adcb046f8d9e335cdf6ae7605ab975d4, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:e1:6f:01:93:f7:ec:ba:71:4d:ef:44:b4:f4: 0b:a1:a1:49:f9:9d:7d:84:26:c5:59:c7:f2:b2:82: 28:63:52:9c:60:37:7c:78:1c:89:e6:39:12:94:9c: d6:f4:a7:45:d1:36:bd:c5:41:86:45:7a:d6:df:7a: b6:ef:7c:71:71:41:b8:9e:17:27:31:7f:b4:1c:99: 1e:9c:e9:54:05:7b:01:22:ca:cb:2d:00:b2:eb:be: 1d:0a:cc:bd:f0:cf:f1:8e:d2:13:d0:c5:d9:d3:13: 6d:e4:9e:a3:33:33:89:cd:6f:bf:7e:28:88:b6:63: 85:b4:c8:70:24:df:7b:ed:92:5e:22:1a:da:39:29: b0:c3:6e:7b:9e:6d:5b:15:d4:72:81:ae:ae:2a:3b: c4:ad:c5:1c:ab:ec:00:57:4b:57:ae:20:33:24:32: 35:93:a3:13:6b:4e:84:83:5f:d9:6c:92:de:9c:e6: 0c:6b:2c:36:8e:94:94:6e:a0:52:c8:55:a0:b5:5e: c8:24:b7:19:eb:e7:cb:b0:ca:f3:90:91:dd:05:ce: ef:54:7b:80:c1:08:dc:38:d3:69:5b:3d:5b:f4:b7: d1:35:03:ef:73:76:89:f6:e4:c1:96:3a:d4:d2:19: e3:2e:6d:70:ac:ab:66:16:4c:b7:34:51:85:49:cb: 41:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:27:3B:04:63:0A:AF:F4:7D:DF:2B:18:C0:4E:88:4B:0C:A4:58:A9 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.244.0.0/16 Signature Algorithm: sha256WithRSAEncryption c9:1d:7e:21:ab:b6:69:e7:cf:b4:61:13:f4:00:c1:c1:51:12: 39:3b:72:51:bf:70:7f:4a:d6:a1:ed:31:21:d1:59:10:20:c9: 7b:34:de:49:e9:a9:7a:f4:29:79:db:91:d2:45:01:90:c0:02: d2:8e:bb:cf:7f:55:b9:ef:66:4d:29:8c:01:a9:d5:bd:d5:5b: a1:bb:eb:a5:58:e4:a3:bb:fd:52:b4:c7:dd:0d:10:5a:ad:e5: e5:b1:09:c7:df:ec:8f:3e:24:78:f2:04:a0:b3:80:87:16:e0: e9:bd:07:33:8f:46:f2:f3:81:16:43:89:6a:8b:3d:ae:86:92: 09:f1:fd:cf:1e:8d:36:95:3b:3f:d1:4c:91:fe:66:a8:a5:73: 64:01:de:19:cf:20:61:61:dc:d0:2a:ab:f6:83:8f:8d:96:e3: 2c:0b:9e:ca:d5:80:55:7e:17:89:10:76:7a:54:ae:e9:c6:41: ff:6b:c0:7a:7c:2d:b9:14:04:82:bc:09:56:47:31:f2:f8:26: a8:54:83:85:29:2d:c6:8d:75:7e:c1:d8:74:94:85:e8:f1:11: e6:4a:97:be:ba:ba:75:dd:9e:72:60:6f:70:85:24:ac:30:22: cd:0d:d5:ce:15:c8:9c:f2:01:44:27:ec:d9:00:4d:c1:2e:9f: 27:51:d0:69 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUYxOm7ppE1W0A3saeM4MwEZejBWEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwMDZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGI2MjhmOGQ1MWQ3YzJkMDI5Y2EzNTcwMTA2ZTgzNjcxYWRjYjA0NmY4ZDll MzM1Y2RmNmFlNzYwNWFiOTc1ZDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKDhbwGT9+y6cU3vRLT0C6GhSfmdfYQmxVnH8rKCKGNSnGA3fHgcieY5EpSc 1vSnRdE2vcVBhkV61t96tu98cXFBuJ4XJzF/tByZHpzpVAV7ASLKyy0Asuu+HQrM vfDP8Y7SE9DF2dMTbeSeozMzic1vv34oiLZjhbTIcCTfe+2SXiIa2jkpsMNue55t WxXUcoGurio7xK3FHKvsAFdLV64gMyQyNZOjE2tOhINf2WyS3pzmDGssNo6UlG6g UshVoLVeyCS3Gevny7DK85CR3QXO71R7gMEI3DjTaVs9W/S30TUD73N2ifbkwZY6 1NIZ4y5tcKyrZhZMtzRRhUnLQXsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSTJzsE Ywqv9H3fKxjATohLDKRYqTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OTUwMTk5OTYtMGVmNC00Zjk4LTkwZTItZGQ3ZWZjMDA0Mzc1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/0MA0G CSqGSIb3DQEBCwUAA4IBAQDJHX4hq7Zp58+0YRP0AMHBURI5O3JRv3B/Stah7TEh 0VkQIMl7NN5J6al69Cl525HSRQGQwALSjrvPf1W572ZNKYwBqdW91Vuhu+ulWOSj u/1StMfdDRBareXlsQnH3+yPPiR48gSgs4CHFuDpvQczj0by84EWQ4lqiz2uhpIJ 8f3PHo02lTs/0UyR/maopXNkAd4ZzyBhYdzQKqv2g4+NluMsC57K1YBVfheJEHZ6 VK7pxkH/a8B6fC25FASCvAlWRzHy+CaoVIOFKS3GjXV+wdh0lIXo8RHmSpe+urp1 3Z5yYG9whSSsMCLNDdXOFcic8gFEJ+zZAE3BLp8nUdBp -----END CERTIFICATE-----Generated at Sun Nov 30 07:40:53 2025 by rpki-client