This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5576ca6-a1ae-4a46-b6ed-04a48efc19c7.roa File: f5576ca6-a1ae-4a46-b6ed-04a48efc19c7.roa (raw, json) Hash identifier: jax2UNXUzPl4zyhQpq19phOVmHJxae02fvo+x233liQ= Subject key identifier: 72:E3:E9:F7:23:FD:CC:C7:5C:05:1C:F6:81:66:85:C3:2C:C0:65:27 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 594E8ED0849833BDCF3D8858D4E4A247C187FE1E Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5576ca6-a1ae-4a46-b6ed-04a48efc19c7.roa Signing time: Tue 18 Nov 2025 00:40:08 +0000 ROA not before: Tue 18 Nov 2025 00:40:08 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 14618 IP address blocks: 51.46.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 28 Nov 2025 02:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:4e:8e:d0:84:98:33:bd:cf:3d:88:58:d4:e4:a2:47:c1:87:fe:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:08 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=17ed06b186d3c2609e284ccfc7670f5531f1a24e1595447d7ede51f745755c10, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:51:90:77:dd:1c:c7:f0:12:47:b6:df:6b:0a: 66:5b:47:31:03:ca:7b:26:f1:4a:2a:a2:72:83:51: 38:1e:72:b0:39:a4:52:8f:83:04:a2:70:b9:f3:4a: 13:42:0d:11:75:40:0f:6c:79:e0:1c:78:b6:dc:b0: 1f:47:96:c2:56:b2:1f:f1:2c:c0:aa:c0:fc:d6:01: 8e:64:68:85:ae:8c:f3:63:74:fb:dd:57:a2:96:3d: 68:85:39:39:42:c7:dc:56:27:95:7a:5d:6a:71:bd: 6c:e4:90:1d:41:2e:cb:6b:c9:cf:bf:2f:8b:27:9e: 51:70:9f:cb:55:5d:ef:b2:9a:2b:f8:8b:56:1b:24: 83:a8:9e:4e:84:82:15:b0:9a:37:ee:bf:bd:b3:7d: f9:6b:5e:ed:2c:f8:00:a6:cf:26:bf:4e:f9:f1:4f: 61:11:82:7d:55:d1:49:df:2d:63:b8:44:c7:7e:13: e8:81:5d:60:88:ed:b9:5e:38:7a:8a:72:57:6e:bb: ce:5c:90:a2:cc:d9:49:6e:24:53:70:6a:72:fe:89: 95:f1:17:9c:09:6d:eb:f7:62:38:da:d2:73:cb:dd: a4:b9:9d:3a:18:72:73:1f:b8:b3:95:20:cc:dc:03: fc:ac:99:ff:cd:d4:a9:5b:da:51:3d:4c:b2:a3:5e: d3:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:E3:E9:F7:23:FD:CC:C7:5C:05:1C:F6:81:66:85:C3:2C:C0:65:27 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5576ca6-a1ae-4a46-b6ed-04a48efc19c7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.46.0.0/15 Signature Algorithm: sha256WithRSAEncryption 9a:33:fd:b0:f4:1f:fb:51:c3:49:88:4a:74:52:08:54:7b:24: eb:a7:d0:24:a1:c4:99:8f:0a:a6:0b:78:3d:95:aa:b7:da:30: e8:a6:2f:ac:19:fa:c4:e6:20:fe:b7:cb:5b:10:45:5f:52:bf: 10:a2:63:72:5d:ba:fd:4a:e7:78:ab:1b:7a:fc:56:51:7b:5a: 6d:5e:fe:6c:3b:0f:ff:97:1c:f2:23:c3:80:4a:39:1b:5f:fa: c7:64:6d:88:01:53:c5:1e:43:0d:4a:4e:15:ae:84:01:a8:40: d7:1b:0f:fd:61:cc:5c:8a:f8:29:55:3a:7f:a8:0a:ef:51:38: b3:01:4c:f9:01:fa:e9:43:58:31:f4:94:13:22:82:df:cd:c2: 12:05:0e:ca:e5:b1:6f:bb:df:5d:83:a5:f3:c5:26:80:f8:cc: b3:8b:6e:af:e4:5e:d6:7b:e2:ab:38:10:99:0a:e3:b3:db:a1: 44:f2:2c:c8:84:a0:55:0f:24:01:c4:b5:f6:ad:9f:eb:bf:98: ff:8f:ac:da:d8:b2:e7:50:b8:11:ba:aa:4a:af:36:d5:0f:78: 87:5d:54:fa:9a:42:f7:6c:4c:4d:9d:d0:f2:d9:4c:ea:e2:e3: 07:66:66:1f:65:8c:06:0d:28:d7:74:34:0d:94:9d:fa:da:5a: de:3f:02:61 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUWU6O0ISYM73PPYhY1OSiR8GH/h4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMDhaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQDE3ZWQwNmIxODZkM2MyNjA5ZTI4NGNjZmM3NjcwZjU1MzFmMWEyNGUxNTk1 NDQ3ZDdlZGU1MWY3NDU3NTVjMTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJFRkHfdHMfwEke232sKZltHMQPKeybxSiqicoNROB5ysDmkUo+DBKJwufNK E0INEXVAD2x54Bx4ttywH0eWwlayH/EswKrA/NYBjmRoha6M82N0+91XopY9aIU5 OULH3FYnlXpdanG9bOSQHUEuy2vJz78viyeeUXCfy1Vd77KaK/iLVhskg6ieToSC FbCaN+6/vbN9+Wte7Sz4AKbPJr9O+fFPYRGCfVXRSd8tY7hEx34T6IFdYIjtuV44 eopyV267zlyQoszZSW4kU3Bqcv6JlfEXnAlt6/diONrSc8vdpLmdOhhycx+4s5Ug zNwD/KyZ/83UqVvaUT1MsqNe00ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRy4+n3 I/3Mx1wFHPaBZoXDLMBlJzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZjU1NzZjYTYtYTFhZS00YTQ2LWI2ZWQtMDRhNDhlZmMxOWM3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMuMA0G CSqGSIb3DQEBCwUAA4IBAQCaM/2w9B/7UcNJiEp0UghUeyTrp9AkocSZjwqmC3g9 laq32jDopi+sGfrE5iD+t8tbEEVfUr8QomNyXbr9Sud4qxt6/FZRe1ptXv5sOw// lxzyI8OASjkbX/rHZG2IAVPFHkMNSk4VroQBqEDXGw/9YcxcivgpVTp/qArvUTiz AUz5AfrpQ1gx9JQTIoLfzcISBQ7K5bFvu99dg6XzxSaA+Myzi26v5F7We+KrOBCZ CuOz26FE8izIhKBVDyQBxLX2rZ/rv5j/j6za2LLnULgRuqpKrzbVD3iHXVT6mkL3 bExNndDy2Uzq4uMHZmYfZYwGDSjXdDQNlJ362lrePwJh -----END CERTIFICATE-----Generated at Thu Nov 27 04:16:08 2025 by rpki-client