This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa File: 57870f13-82ea-4955-953f-742413b6a651.roa (raw, json) Hash identifier: WQnzf5E2uxV0SOZebKu14R49cFJGHiny+T11zUDFRU0= Subject key identifier: 8D:28:2F:2B:A2:4D:EB:74:32:BF:22:B4:D5:63:D3:9A:7F:DC:C5:E3 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 6B0D32A8A53614B7103086294C593D1AF89F8B0A Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa Signing time: Sun 16 Nov 2025 01:00:19 +0000 ROA not before: Sun 16 Nov 2025 01:00:19 +0000 ROA not after: Sun 21 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a01:578::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:0d:32:a8:a5:36:14:b7:10:30:86:29:4c:59:3d:1a:f8:9f:8b:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 16 01:00:19 2025 GMT Not After : Dec 21 23:59:59 2025 GMT Subject: serialNumber=bdf5abb7ed394ea0b4723cf74a7b11e937e4ec27744fc6414a1d44c957b7f1eb, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:4b:63:f8:9a:02:e7:9f:37:cd:b8:40:25:39: af:ad:86:2e:3f:ec:64:0e:3d:d3:c1:86:d1:04:e6: 24:0b:4a:89:db:88:77:fa:80:4a:0a:d0:20:b4:3c: f4:ea:ff:c6:ec:80:69:dc:c8:78:4e:3e:80:4b:38: a7:ab:10:af:4f:c7:07:24:f0:89:6e:d6:31:39:b2: 55:e3:17:a3:21:5d:4d:ce:b3:af:71:b4:05:12:89: 17:f9:09:ef:4f:12:77:bd:b6:2c:48:d7:cb:a0:1b: 06:7d:52:f1:51:bc:de:5d:b1:28:5b:f2:ca:c0:60: 47:35:ff:c6:b3:0d:85:e1:28:8b:c8:ca:a5:22:13: de:79:b5:bc:67:70:92:05:bf:a4:e1:e3:03:97:ad: 6f:69:5b:1c:eb:41:d9:46:ed:c8:98:e1:b7:0e:97: 31:87:2e:c3:76:38:9e:19:8b:3e:d5:3f:95:0a:ce: f8:c2:fa:2f:d4:20:64:ca:aa:d6:7b:82:17:7b:6e: 6b:1f:6d:8a:f0:b7:79:58:e4:de:7c:0b:93:81:16: 59:9a:76:be:ac:1e:b1:a0:09:1b:9d:00:df:98:8f: 44:57:d2:fd:48:c6:75:15:fa:ec:5e:9b:29:8e:1e: ae:70:8e:0b:08:7b:3a:d9:49:13:85:b1:f7:78:a9: 1d:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:28:2F:2B:A2:4D:EB:74:32:BF:22:B4:D5:63:D3:9A:7F:DC:C5:E3 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:578::/48 Signature Algorithm: sha256WithRSAEncryption 58:36:c5:51:0c:78:2c:d8:6d:0d:c7:3c:63:31:89:00:a1:ed: f2:c4:2f:31:fd:a7:e9:c4:11:ce:67:3f:54:64:28:b5:54:5a: 0a:8a:72:a8:b4:ae:2c:0a:e1:a7:e3:7f:33:9b:97:04:49:fb: c5:5a:32:7e:43:e0:36:01:e8:7d:9d:83:0c:fa:36:7c:71:ec: 71:81:7f:58:32:b5:c6:17:ab:4a:1e:7b:c5:fd:0c:b3:e7:46: ab:08:e3:19:4b:87:29:ac:67:c9:4e:27:bf:b3:a3:aa:ca:ca: 8f:fe:38:d5:16:ef:88:47:f9:95:38:f1:9e:55:0e:c0:5c:73: 8c:50:6d:21:55:3f:18:c9:22:6a:bb:1e:55:27:91:4f:6c:73: 36:a9:c7:79:68:cd:22:20:2b:6f:17:29:a7:0f:a0:06:32:e9: 12:b3:68:c3:e1:3a:da:b1:e5:3b:1f:eb:c3:96:85:42:b4:b6: a9:79:f2:5c:bc:85:b6:88:93:91:25:6d:1a:90:8a:e6:0b:98: ea:bf:82:98:8b:a4:4b:f6:2e:f2:1d:51:d7:a1:a8:dd:b0:9e: b4:2c:dc:6e:71:ed:e9:02:d9:d0:03:84:a9:eb:12:ad:42:2c: 25:61:73:da:25:3a:79:6a:79:94:5c:c9:1a:b5:73:33:24:9c: 67:08:ae:d0 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUaw0yqKU2FLcQMIYpTFk9GvifiwowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTYwMTAwMTlaFw0yNTEyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQGJkZjVhYmI3ZWQzOTRlYTBiNDcyM2NmNzRhN2IxMWU5MzdlNGVjMjc3NDRm YzY0MTRhMWQ0NGM5NTdiN2YxZWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKFLY/iaAuefN824QCU5r62GLj/sZA4908GG0QTmJAtKiduId/qASgrQILQ8 9Or/xuyAadzIeE4+gEs4p6sQr0/HByTwiW7WMTmyVeMXoyFdTc6zr3G0BRKJF/kJ 708Sd722LEjXy6AbBn1S8VG83l2xKFvyysBgRzX/xrMNheEoi8jKpSIT3nm1vGdw kgW/pOHjA5etb2lbHOtB2UbtyJjhtw6XMYcuw3Y4nhmLPtU/lQrO+ML6L9QgZMqq 1nuCF3tuax9tivC3eVjk3nwLk4EWWZp2vqwesaAJG50A35iPRFfS/UjGdRX67F6b KY4ernCOCwh7OtlJE4Wx93ipHbcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSNKC8r ok3rdDK/IrTVY9Oaf9zF4zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NTc4NzBmMTMtODJlYS00OTU1LTk1M2YtNzQyNDEzYjZhNjUxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA ADANBgkqhkiG9w0BAQsFAAOCAQEAWDbFUQx4LNhtDcc8YzGJAKHt8sQvMf2n6cQR zmc/VGQotVRaCopyqLSuLArhp+N/M5uXBEn7xVoyfkPgNgHofZ2DDPo2fHHscYF/ WDK1xherSh57xf0Ms+dGqwjjGUuHKaxnyU4nv7OjqsrKj/441RbviEf5lTjxnlUO wFxzjFBtIVU/GMkiarseVSeRT2xzNqnHeWjNIiArbxcppw+gBjLpErNow+E62rHl Ox/rw5aFQrS2qXnyXLyFtoiTkSVtGpCK5guY6r+CmIukS/Yu8h1R16Go3bCetCzc bnHt6QLZ0AOEqesSrUIsJWFz2iU6eWp5lFzJGrVzMyScZwiu0A== -----END CERTIFICATE-----Generated at Sat Dec 6 23:35:13 2025 by rpki-client