This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c12693-1526-46ae-aa45-d5276a0c0f79.roa File: 60c12693-1526-46ae-aa45-d5276a0c0f79.roa (raw, json) Hash identifier: kyjzsqct06THbiITBXW/nIARCXkmsGBFu2J8iXiLqKk= Subject key identifier: 90:2C:BC:CB:FF:2D:CF:4B:79:28:0D:2F:B6:E7:D6:64:42:11:2C:C4 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 460E2E860D69136E84DCB6060001C2663FB59103 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c12693-1526-46ae-aa45-d5276a0c0f79.roa Signing time: Tue 18 Nov 2025 00:40:06 +0000 ROA not before: Tue 18 Nov 2025 00:40:06 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.86.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:0e:2e:86:0d:69:13:6e:84:dc:b6:06:00:01:c2:66:3f:b5:91:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:06 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=c1f06f9f80f6cfbb5c01c610e1689ec08f64e3dd7e400cde47fc748150512a83, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:69:db:bd:86:09:5e:06:2b:af:06:90:65:cc: da:66:e2:37:91:ff:3d:67:42:bd:6e:93:8e:9a:cc: d6:68:56:e5:66:80:65:21:b5:09:0d:49:cb:ff:65: 62:a2:44:a8:54:94:db:9b:ec:6e:48:10:8e:b0:b6: 4c:6c:9f:3b:62:eb:6c:00:a6:fa:56:02:05:60:90: bb:8f:fa:3b:8a:ec:44:23:a1:eb:71:b2:fc:50:48: ac:3e:17:18:df:a0:1b:de:d6:97:a9:72:ce:b9:94: a1:5d:7b:3d:1d:f7:7a:78:04:0f:0f:92:93:66:17: 91:66:39:7d:aa:4e:e9:b4:4c:3b:39:79:a6:59:f1: 9b:34:01:9d:bf:9a:d0:80:0f:89:af:93:14:11:4e: b9:f0:2e:de:1b:b1:bc:93:96:94:7e:00:be:20:1b: ff:a3:a2:0a:06:03:2b:44:e2:41:f1:6f:12:93:95: d8:4a:94:ff:b6:ef:95:bf:f1:82:bb:08:90:2e:a7: 92:55:82:95:69:ca:f6:15:94:a7:5e:1b:61:98:f7: 6e:b3:2e:81:c0:6b:fe:5e:a6:e9:f6:e8:b4:2b:d8: 03:a7:21:3f:61:88:7a:1b:ef:e2:dc:f7:c1:2b:25: 36:75:32:63:c9:7a:f3:0a:ab:77:62:6e:85:13:f3: 48:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:2C:BC:CB:FF:2D:CF:4B:79:28:0D:2F:B6:E7:D6:64:42:11:2C:C4 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c12693-1526-46ae-aa45-d5276a0c0f79.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.86.0.0/15 Signature Algorithm: sha256WithRSAEncryption 81:ab:ce:4b:f2:79:18:76:ed:ed:7c:7b:32:06:3f:6c:df:2d: 05:d9:f2:a0:c2:49:eb:4c:f9:b2:c7:cc:58:0b:f9:44:38:0c: f6:5b:14:d9:ad:1c:a9:55:2e:25:69:2e:7a:d6:a6:7a:2e:24: e5:8c:f4:2d:f1:94:17:92:f4:27:ed:d7:4a:9e:b9:6a:6a:30: b5:ba:e8:cc:c2:1f:d2:ac:a8:fb:8b:a3:0a:14:fe:0b:1c:17: c4:96:7a:5d:9a:37:d2:7f:d6:b6:15:b3:e0:bb:32:df:46:93: 90:43:35:c3:c7:ce:13:19:f2:2f:5a:89:64:d8:88:4c:34:21: 9d:85:04:f9:c7:66:b4:d6:8f:d9:70:f8:0b:9a:7b:43:ea:8c: e0:73:0b:5e:0d:79:50:71:66:69:df:9f:8f:ad:95:0c:92:37: e3:64:04:13:a8:96:21:09:e8:c1:ff:5f:1f:8a:46:1b:ac:64: 4b:ee:a4:0a:6c:87:55:eb:f8:61:c7:af:01:24:f3:53:31:3c: 69:5c:00:7a:9a:08:cc:f0:db:4d:36:30:b1:34:19:4d:21:10: 81:65:7c:b3:68:7e:b7:f1:d6:5a:ed:8b:8a:0a:6f:5b:7c:95: 5e:0d:45:b1:ba:67:d7:11:ab:5b:e5:6f:18:a0:9c:73:a3:1f: cd:04:78:3c -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIURg4uhg1pE26E3LYGAAHCZj+1kQMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMDZaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQGMxZjA2ZjlmODBmNmNmYmI1YzAxYzYxMGUxNjg5ZWMwOGY2NGUzZGQ3ZTQw MGNkZTQ3ZmM3NDgxNTA1MTJhODMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJJp272GCV4GK68GkGXM2mbiN5H/PWdCvW6TjprM1mhW5WaAZSG1CQ1Jy/9l YqJEqFSU25vsbkgQjrC2TGyfO2LrbACm+lYCBWCQu4/6O4rsRCOh63Gy/FBIrD4X GN+gG97Wl6lyzrmUoV17PR33engEDw+Sk2YXkWY5fapO6bRMOzl5plnxmzQBnb+a 0IAPia+TFBFOufAu3huxvJOWlH4AviAb/6OiCgYDK0TiQfFvEpOV2EqU/7bvlb/x grsIkC6nklWClWnK9hWUp14bYZj3brMugcBr/l6m6fbotCvYA6chP2GIehvv4tz3 wSslNnUyY8l68wqrd2JuhRPzSJMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSQLLzL /y3PS3koDS+259ZkQhEsxDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NjBjMTI2OTMtMTUyNi00NmFlLWFhNDUtZDUyNzZhMGMwZjc5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNWMA0G CSqGSIb3DQEBCwUAA4IBAQCBq85L8nkYdu3tfHsyBj9s3y0F2fKgwknrTPmyx8xY C/lEOAz2WxTZrRypVS4laS561qZ6LiTljPQt8ZQXkvQn7ddKnrlqajC1uujMwh/S rKj7i6MKFP4LHBfElnpdmjfSf9a2FbPguzLfRpOQQzXDx84TGfIvWolk2IhMNCGd hQT5x2a01o/ZcPgLmntD6ozgcwteDXlQcWZp35+PrZUMkjfjZAQTqJYhCejB/18f ikYbrGRL7qQKbIdV6/hhx68BJPNTMTxpXAB6mgjM8NtNNjCxNBlNIRCBZXyzaH63 8dZa7YuKCm9bfJVeDUWxumfXEatb5W8YoJxzox/NBHg8 -----END CERTIFICATE-----Generated at Sat Dec 6 11:55:08 2025 by rpki-client