This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa File: 2db57b82-f8e4-4b85-a46a-befecb4774c0.roa (raw, json) Hash identifier: ItQXl1VRH9/ctmTBK04o2AhmpcL5l1z1TpvssqmyQLQ= Subject key identifier: F9:AE:36:65:EA:33:22:F4:68:82:4A:26:DD:FF:A7:F3:F8:F4:F5:75 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 1C4D1C0C92BF3AA7142949AC79EB179F32DC05E7 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa Signing time: Sat 15 Nov 2025 06:50:43 +0000 ROA not before: Sat 15 Nov 2025 06:50:43 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.32.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:4d:1c:0c:92:bf:3a:a7:14:29:49:ac:79:eb:17:9f:32:dc:05:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:43 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=9cfde6bc736cc06c92abde958e201cff7443586e6c8a0784e7e3a7c98d62db67, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:41:0e:10:49:1b:83:a9:ae:37:c8:e1:98:04: bc:e6:79:b8:be:76:53:e4:6a:39:de:59:59:c5:b9: 65:ca:66:fb:a2:d5:53:9b:cf:fd:dc:12:47:ba:6c: eb:07:88:7f:ab:28:7d:1c:27:82:2a:59:6c:c1:38: 07:39:85:aa:ab:3a:57:51:78:1a:5e:df:4b:71:a5: 2d:c1:11:ca:5c:dd:83:c1:f8:b0:39:43:bf:62:f1: 33:ac:14:0c:5d:27:1f:61:ad:e6:dc:4d:03:ad:12: f5:b9:9c:b6:83:00:de:4c:3a:9c:57:11:df:14:c1: c1:3e:ea:33:00:9f:10:c5:96:24:2b:2f:f5:89:91: 41:83:de:01:89:98:6f:b8:24:3b:81:ce:ea:23:10: 48:55:54:c9:c4:31:c2:fc:a1:c6:6d:01:c0:f4:af: bd:e1:e1:76:cb:2f:6f:bc:fc:c5:7f:8a:4d:7b:5a: 61:10:0c:2b:4f:e5:d4:11:33:98:d1:eb:ea:23:69: c4:f2:b2:3d:e5:7f:89:a5:98:7c:56:95:37:8b:fc: 95:51:af:b5:4a:1a:f7:64:43:6c:ba:73:a5:90:33: 0e:af:94:20:e1:a0:ca:ed:e5:2d:3b:02:e1:b4:23: 0a:ad:74:48:6a:51:85:13:ac:ac:5c:07:c4:2e:39: 1f:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:AE:36:65:EA:33:22:F4:68:82:4A:26:DD:FF:A7:F3:F8:F4:F5:75 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.32.0.0/16 Signature Algorithm: sha256WithRSAEncryption 99:0b:6e:1d:49:e1:f6:07:7e:18:77:a8:56:41:d3:3c:4c:97: 37:55:25:70:67:8a:1b:6f:6c:1c:ae:46:4f:0a:1f:59:56:5c: 4a:d8:31:07:39:4f:9b:29:0c:51:54:f1:5e:cf:7b:96:a4:16: 15:ba:5c:91:ef:6e:f0:42:aa:cc:19:59:f4:d7:5e:fd:5b:38: d6:9d:f3:8e:3b:21:c5:c4:50:c6:ae:bb:d8:d5:35:e7:50:49: c4:de:38:be:9c:2c:d4:3d:16:9d:c8:2d:2b:34:3d:80:46:74: 80:d3:4f:8f:e2:ce:53:a3:bc:b7:c2:5b:57:42:98:6e:ab:f8: 68:b0:62:07:45:ae:7b:83:87:e2:7e:0a:c1:81:d9:ae:8c:a6: 3e:88:bb:0a:5d:c6:4b:34:69:71:27:78:fe:83:34:5f:3e:43: 25:01:c1:9b:0d:d5:2a:84:88:b9:79:92:19:ce:78:b3:65:0d: c2:ff:34:96:f8:e0:a7:95:b6:0d:fd:88:ac:3a:a0:e3:60:8f: 5d:7d:43:fc:2c:9a:78:c3:18:29:2d:89:5d:5c:1d:fe:2f:d4: cf:3d:65:89:44:5e:a3:4f:45:1b:69:11:90:6c:2b:8d:f5:8e: 23:9b:bc:2a:5d:c3:0d:ef:2a:10:68:bd:f9:ee:e6:0f:c5:a9: 45:49:27:9f -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUHE0cDJK/OqcUKUmseesXnzLcBecwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwNDNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDljZmRlNmJjNzM2Y2MwNmM5MmFiZGU5NThlMjAxY2ZmNzQ0MzU4NmU2Yzhh MDc4NGU3ZTNhN2M5OGQ2MmRiNjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKFBDhBJG4OprjfI4ZgEvOZ5uL52U+RqOd5ZWcW5Zcpm+6LVU5vP/dwSR7ps 6weIf6sofRwngipZbME4BzmFqqs6V1F4Gl7fS3GlLcERylzdg8H4sDlDv2LxM6wU DF0nH2Gt5txNA60S9bmctoMA3kw6nFcR3xTBwT7qMwCfEMWWJCsv9YmRQYPeAYmY b7gkO4HO6iMQSFVUycQxwvyhxm0BwPSvveHhdssvb7z8xX+KTXtaYRAMK0/l1BEz mNHr6iNpxPKyPeV/iaWYfFaVN4v8lVGvtUoa92RDbLpzpZAzDq+UIOGgyu3lLTsC 4bQjCq10SGpRhROsrFwHxC45H3UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT5rjZl 6jMi9GiCSibd/6fz+PT1dTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MmRiNTdiODItZjhlNC00Yjg1LWE0NmEtYmVmZWNiNDc3NGMwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMgMA0G CSqGSIb3DQEBCwUAA4IBAQCZC24dSeH2B34Yd6hWQdM8TJc3VSVwZ4obb2wcrkZP Ch9ZVlxK2DEHOU+bKQxRVPFez3uWpBYVulyR727wQqrMGVn01179WzjWnfOOOyHF xFDGrrvY1TXnUEnE3ji+nCzUPRadyC0rND2ARnSA00+P4s5To7y3wltXQphuq/ho sGIHRa57g4fifgrBgdmujKY+iLsKXcZLNGlxJ3j+gzRfPkMlAcGbDdUqhIi5eZIZ znizZQ3C/zSW+OCnlbYN/YisOqDjYI9dfUP8LJp4wxgpLYldXB3+L9TPPWWJRF6j T0UbaRGQbCuN9Y4jm7wqXcMN7yoQaL357uYPxalFSSef -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:33 2025 by rpki-client