This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa File: a02f9994-3943-4a2f-8467-87935bf3bf9e.roa (raw, json) Hash identifier: RVvwVbaopylUpybYGw4S3bP6ROv8NHhEAAlbBOV+yy0= Subject key identifier: 7C:B6:60:8A:CB:27:65:58:68:8B:3B:B1:98:86:68:94:53:25:06:60 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 7E3D553AE1A980B4CCFAAB5A4EDD82F708206260 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa Signing time: Sat 15 Nov 2025 06:40:08 +0000 ROA not before: Sat 15 Nov 2025 06:40:08 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.69.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 20 Nov 2025 07:56:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:3d:55:3a:e1:a9:80:b4:cc:fa:ab:5a:4e:dd:82:f7:08:20:62:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:08 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=6d6685ce4d0e581f9bbd59c00b425272a6084214a978c5433d977628b6284001, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:81:a8:a0:a8:49:43:2d:46:2b:28:aa:93:5d: 84:b6:62:55:53:a5:92:7d:05:10:84:fa:66:eb:f7: f4:c0:5c:ad:89:6e:87:b2:34:a9:9b:d4:ae:71:c6: b3:fb:ff:8b:b5:55:f2:33:ea:5d:49:7d:9a:53:c9: 12:1d:c0:72:22:cb:eb:0b:31:61:d6:91:a7:4e:41: 2c:d4:9c:76:bb:b6:14:4a:a8:31:99:61:5c:93:a0: b8:24:ec:ef:d0:f4:4b:8b:bd:60:c0:90:f3:0f:42: 82:42:bb:90:1d:93:3d:09:83:fc:09:85:f5:ad:74: f8:be:f9:e2:3f:92:59:fe:45:d8:5a:2c:af:59:c0: a9:7c:ed:a1:08:16:0d:23:30:01:bd:be:8f:c1:9f: 73:06:65:f1:db:97:71:49:cf:ec:94:9d:07:cc:a1: ef:41:15:0a:3b:db:13:4c:8e:06:56:bb:d2:a0:68: 3c:bd:7f:19:f3:ac:5b:c1:38:13:ab:2e:4a:15:ad: 35:7f:1d:f5:8b:31:76:65:64:30:92:4e:c4:f2:b9: 08:f9:b0:cb:1f:52:6b:08:09:f1:ad:b9:e8:ea:c1: 64:25:50:13:80:7c:af:77:bb:72:41:89:6d:1f:89: b4:e0:ce:71:22:b7:f1:b2:37:50:40:60:95:17:f1: 52:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:B6:60:8A:CB:27:65:58:68:8B:3B:B1:98:86:68:94:53:25:06:60 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.69.0.0/16 Signature Algorithm: sha256WithRSAEncryption 8d:64:15:4d:ad:81:4d:6b:29:ee:63:cd:e5:e9:8f:7d:76:9b: ef:da:6f:fb:bd:dd:aa:1f:0a:07:1e:25:6e:12:8e:31:94:89: 50:73:0b:d9:66:af:76:62:cb:3d:9a:c8:b8:e1:ad:d7:e2:f7: 1e:62:48:e2:86:10:28:e0:8d:4e:df:4c:c7:e5:b3:c0:e4:4b: 5b:da:62:5e:ca:b2:1a:73:1b:d7:19:09:90:ad:00:04:96:91: cf:c2:70:45:72:11:d3:16:83:5b:eb:b1:66:b9:9e:cc:7a:b0: f5:d5:8e:0d:5c:46:22:2f:22:bd:80:da:8e:15:01:d3:94:45: 7a:02:e3:4e:c1:55:fb:3b:1a:da:f6:68:68:12:f3:a2:5f:73: 80:97:4b:9c:95:e2:3c:0f:18:56:fc:f5:f0:da:bd:ab:6a:d8: 26:94:d7:af:b9:33:26:e7:3f:61:42:f4:92:9b:34:71:4d:b0: ae:6a:b9:44:b4:9e:e4:83:1c:04:eb:e5:f6:56:e8:56:d9:0d: 70:c5:57:78:da:92:e0:59:96:e9:c8:5c:0b:e0:46:22:68:4e: a5:d4:e0:fc:12:96:9d:0d:d6:85:80:32:ec:32:32:02:d4:62: 21:e7:94:66:47:57:46:2e:ab:b6:b1:6a:cd:6d:94:73:a6:46: 1f:05:e4:b3 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUfj1VOuGpgLTM+qtaTt2C9wggYmAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwMDhaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDZkNjY4NWNlNGQwZTU4MWY5YmJkNTljMDBiNDI1MjcyYTYwODQyMTRhOTc4 YzU0MzNkOTc3NjI4YjYyODQwMDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJuBqKCoSUMtRisoqpNdhLZiVVOlkn0FEIT6Zuv39MBcrYluh7I0qZvUrnHG s/v/i7VV8jPqXUl9mlPJEh3AciLL6wsxYdaRp05BLNScdru2FEqoMZlhXJOguCTs 79D0S4u9YMCQ8w9CgkK7kB2TPQmD/AmF9a10+L754j+SWf5F2Fosr1nAqXztoQgW DSMwAb2+j8GfcwZl8duXcUnP7JSdB8yh70EVCjvbE0yOBla70qBoPL1/GfOsW8E4 E6suShWtNX8d9YsxdmVkMJJOxPK5CPmwyx9SawgJ8a256OrBZCVQE4B8r3e7ckGJ bR+JtODOcSK38bI3UEBglRfxUkcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR8tmCK yydlWGiLO7GYhmiUUyUGYDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YTAyZjk5OTQtMzk0My00YTJmLTg0NjctODc5MzViZjNiZjllLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNFMA0G CSqGSIb3DQEBCwUAA4IBAQCNZBVNrYFNaynuY83l6Y99dpvv2m/7vd2qHwoHHiVu Eo4xlIlQcwvZZq92Yss9msi44a3X4vceYkjihhAo4I1O30zH5bPA5Etb2mJeyrIa cxvXGQmQrQAElpHPwnBFchHTFoNb67FmuZ7MerD11Y4NXEYiLyK9gNqOFQHTlEV6 AuNOwVX7Oxra9mhoEvOiX3OAl0ucleI8DxhW/PXw2r2ratgmlNevuTMm5z9hQvSS mzRxTbCuarlEtJ7kgxwE6+X2VuhW2Q1wxVd42pLgWZbpyFwL4EYiaE6l1OD8Epad DdaFgDLsMjIC1GIh55RmR1dGLqu2sWrNbZRzpkYfBeSz -----END CERTIFICATE-----Generated at Wed Nov 19 10:25:48 2025 by rpki-client