This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa File: 3b67bb62-9bcf-4daa-99b5-5374c3285177.roa (raw, json) Hash identifier: sY1ti6ueWDfa0V0kt8e3KPpDn5Ni+HizgIPAjNO+fPs= Subject key identifier: F7:83:9C:EE:7E:0F:0A:D2:36:32:0D:BB:AD:19:72:F6:4B:68:88:56 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 2E903ADE5B7602DD060B539EBE37E7C79D375A2A Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa Signing time: Sat 15 Nov 2025 06:50:23 +0000 ROA not before: Sat 15 Nov 2025 06:50:23 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.48.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:90:3a:de:5b:76:02:dd:06:0b:53:9e:be:37:e7:c7:9d:37:5a:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:23 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=b5e23d2615bacd23b0346319d94d092309fd13afb96c4efd38800f457165ba36, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:32:97:4a:80:1f:d3:68:73:f1:28:77:01:69: 10:85:48:a3:59:5b:2a:60:35:d6:6c:5b:ed:8d:fd: bb:d7:5f:25:65:11:1b:6d:d9:89:1c:56:c0:26:43: 54:28:cd:d2:66:f4:4f:4b:75:b6:28:d0:01:28:f2: 71:e6:f2:d5:4f:96:0e:d4:e4:b6:97:fa:f9:3b:3b: 48:a2:a2:96:d3:9e:0a:6b:ff:0c:89:5d:b1:92:97: 85:6b:6d:09:ce:78:34:b4:79:79:60:96:2d:90:c9: ac:7f:97:7c:bf:32:5f:27:e2:f0:54:d3:bf:0b:14: bf:da:ce:de:4e:ad:9e:c9:bd:6c:d1:13:b5:76:56: 75:85:ae:04:21:0e:2e:22:c7:ba:7f:14:0a:8f:82: d3:c5:43:d7:0c:bc:3a:9d:c6:3d:7f:0e:f8:0b:ba: 66:52:9c:9b:90:52:f7:46:e8:6d:64:c2:6f:b9:d4: fa:cd:2b:fa:ee:ba:c7:f4:21:30:97:db:8f:dc:c3: 4b:a2:51:9f:37:d7:2b:40:7a:6c:16:08:7b:58:9e: 2e:76:90:6a:1a:55:b6:05:f5:5c:01:74:30:e3:34: a2:dd:0e:b4:4e:07:a7:54:36:6d:6e:6a:0c:c0:f0: 7f:bd:21:8d:63:eb:b1:e5:d3:e0:b8:6c:7b:64:2b: e5:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:83:9C:EE:7E:0F:0A:D2:36:32:0D:BB:AD:19:72:F6:4B:68:88:56 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.48.0.0/15 Signature Algorithm: sha256WithRSAEncryption 7c:a2:3d:81:20:16:3a:d5:fc:2c:99:da:9a:0e:ac:bc:1e:51: 59:94:3d:a0:05:ba:28:59:43:54:ad:38:2f:0a:5b:94:01:43: 72:7a:65:e1:a3:9e:d9:c3:6e:5b:ad:59:2f:0a:ff:73:84:0a: d8:a0:45:90:b3:a2:1d:c6:e6:2a:70:7e:f2:27:51:34:88:96: 52:25:6c:a4:a4:b2:0e:db:36:92:9f:01:68:a4:1d:44:3f:fb: 30:29:39:50:68:89:71:21:3d:93:05:93:50:27:c9:e9:b3:78: be:40:1c:80:99:44:20:c6:f8:a5:41:a9:03:ac:d7:de:26:88: c0:09:e7:40:ac:54:44:53:4f:e9:ed:90:1b:00:cb:a6:7b:d6: d2:89:89:0d:63:1c:11:cb:aa:6d:28:c0:66:4d:ec:09:a3:cc: 45:05:b5:bf:f6:90:41:2e:1d:b7:0a:11:7b:2e:4d:85:28:94: 53:58:e0:ab:9a:49:cd:5a:ea:62:23:23:8a:b5:42:88:f4:46: 44:7d:70:a2:42:7c:16:0b:63:7e:a0:f9:2d:64:e4:ea:70:ce: 27:27:ad:b9:ce:a5:a2:9d:3a:77:c8:a1:7a:4c:75:fd:97:67: 69:ae:46:31:86:cd:7e:d7:6c:ef:31:0d:19:39:4a:cf:21:62: c8:0c:8e:a9 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIULpA63lt2At0GC1Oevjfnx503WiowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMjNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGI1ZTIzZDI2MTViYWNkMjNiMDM0NjMxOWQ5NGQwOTIzMDlmZDEzYWZiOTZj NGVmZDM4ODAwZjQ1NzE2NWJhMzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJUyl0qAH9Noc/EodwFpEIVIo1lbKmA11mxb7Y39u9dfJWURG23ZiRxWwCZD VCjN0mb0T0t1tijQASjyceby1U+WDtTktpf6+Ts7SKKiltOeCmv/DIldsZKXhWtt Cc54NLR5eWCWLZDJrH+XfL8yXyfi8FTTvwsUv9rO3k6tnsm9bNETtXZWdYWuBCEO LiLHun8UCo+C08VD1wy8Op3GPX8O+Au6ZlKcm5BS90bobWTCb7nU+s0r+u66x/Qh MJfbj9zDS6JRnzfXK0B6bBYIe1ieLnaQahpVtgX1XAF0MOM0ot0OtE4Hp1Q2bW5q DMDwf70hjWPrseXT4Lhse2Qr5asCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT3g5zu fg8K0jYyDbutGXL2S2iIVjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv M2I2N2JiNjItOWJjZi00ZGFhLTk5YjUtNTM3NGMzMjg1MTc3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMwMA0G CSqGSIb3DQEBCwUAA4IBAQB8oj2BIBY61fwsmdqaDqy8HlFZlD2gBbooWUNUrTgv CluUAUNyemXho57Zw25brVkvCv9zhArYoEWQs6IdxuYqcH7yJ1E0iJZSJWykpLIO 2zaSnwFopB1EP/swKTlQaIlxIT2TBZNQJ8nps3i+QByAmUQgxvilQakDrNfeJojA CedArFREU0/p7ZAbAMume9bSiYkNYxwRy6ptKMBmTewJo8xFBbW/9pBBLh23ChF7 Lk2FKJRTWOCrmknNWupiIyOKtUKI9EZEfXCiQnwWC2N+oPktZOTqcM4nJ625zqWi nTp3yKF6THX9l2dprkYxhs1+12zvMQ0ZOUrPIWLIDI6p -----END CERTIFICATE-----Generated at Sat Dec 6 16:01:14 2025 by rpki-client