This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa File: 60c89335-41cc-407d-8ffe-34cda7e66bb7.roa (raw, json) Hash identifier: eNJtpPf3L6QK4CWBQdVMPpS0gdcyALFsGgDbEFWQ2Lc= Subject key identifier: 62:31:BF:FA:5A:19:93:08:4A:46:54:11:32:F0:FC:E0:8D:B2:BB:17 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 4729192CE59FDEFC0A13FCC4F32E8F9EFC2D8E50 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa Signing time: Tue 18 Nov 2025 00:40:05 +0000 ROA not before: Tue 18 Nov 2025 00:40:05 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.96.0.0/14 maxlen: 14 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:29:19:2c:e5:9f:de:fc:0a:13:fc:c4:f3:2e:8f:9e:fc:2d:8e:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:05 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=deae7a251b5ea66aa1180964fb6c903a51b57efd93a642d1e4b81d658d8d4ce4, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:d8:2b:35:0d:65:7e:a5:1e:8e:47:99:9b:6c: 5c:26:40:83:64:f6:18:7f:aa:e3:0b:5d:b2:a3:f2: 39:48:e3:96:28:c9:b0:bb:a9:c5:bc:ec:ac:4a:f0: cd:a5:31:d7:3c:a4:9f:c4:5c:19:61:0a:31:3e:78: 58:40:7c:cd:04:0c:0b:52:f4:b3:fe:83:67:55:65: c5:e0:ca:19:58:f7:30:0a:53:08:9f:c4:17:0f:55: 26:f0:05:a9:94:32:f1:b1:91:22:d9:c7:97:23:91: 28:36:c8:f7:d4:25:7b:db:37:ab:3e:4e:4e:36:18: 91:31:f2:80:84:36:ea:d5:f0:18:3f:2b:0f:7d:05: 68:55:2f:d0:45:1b:d6:c5:76:59:b8:8f:98:6c:66: ca:21:33:50:e2:0d:e9:c3:b7:c9:b8:60:a2:cb:6b: a8:ff:6c:57:09:d3:66:e3:34:6c:17:be:8c:27:ba: a2:15:e2:7f:91:3e:38:fb:bd:dc:6b:e9:cd:36:31: 7c:ac:96:35:76:e3:a7:95:b7:73:b9:58:b2:4d:71: f8:58:85:fd:47:83:11:9e:74:93:4e:6b:3d:aa:51: d5:2e:47:8e:f0:7d:ce:6f:ba:86:05:7d:bc:d7:67: a9:36:e2:19:65:01:10:f0:0c:9a:1e:2d:19:23:3b: b7:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:31:BF:FA:5A:19:93:08:4A:46:54:11:32:F0:FC:E0:8D:B2:BB:17 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.96.0.0/14 Signature Algorithm: sha256WithRSAEncryption a9:38:e3:29:50:67:10:61:ba:62:d2:d5:fb:cb:bf:fd:e8:df: cf:e7:6e:7d:1c:4a:3d:fa:e7:47:0b:ea:d7:34:22:33:59:fa: 7b:cc:09:79:3d:a6:61:93:d9:73:23:f3:8b:fe:01:76:91:ac: 93:b1:06:e4:ac:55:c0:29:f8:8c:cb:35:ad:21:53:33:43:34: 7c:1b:94:ac:05:8b:b3:fd:d4:df:19:87:bc:f9:9d:58:fa:20: 08:38:5f:29:ff:2b:5f:8b:07:58:b1:05:86:31:fc:16:aa:4b: dd:3c:cc:85:f5:01:e8:f2:23:81:2c:00:5e:23:11:e7:e2:42: 18:a2:e8:be:34:19:8d:5c:6c:72:90:ce:dd:e8:4b:22:da:19: a9:80:12:cc:12:67:eb:23:e8:1f:cb:9c:1d:9a:42:1d:40:88: 29:59:d9:7d:95:ee:26:d3:0a:bb:d8:ab:11:0a:b0:95:2a:c7: bc:8c:2e:e5:12:6e:7f:f4:17:4e:10:a0:8c:76:bd:b3:ea:8d: 93:30:cc:67:03:f6:15:02:05:87:e2:82:21:5e:c2:5d:cb:63: 75:5e:31:63:39:af:b9:0b:2f:4f:94:40:f5:ec:1a:0c:3c:f0: ef:0c:d6:a2:3e:d6:5c:19:0b:b6:c3:6d:0c:42:6e:d5:95:cd: c0:cc:13:97 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIURykZLOWf3vwKE/zE8y6PnvwtjlAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMDVaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQGRlYWU3YTI1MWI1ZWE2NmFhMTE4MDk2NGZiNmM5MDNhNTFiNTdlZmQ5M2E2 NDJkMWU0YjgxZDY1OGQ4ZDRjZTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM7YKzUNZX6lHo5HmZtsXCZAg2T2GH+q4wtdsqPyOUjjlijJsLupxbzsrErw zaUx1zykn8RcGWEKMT54WEB8zQQMC1L0s/6DZ1VlxeDKGVj3MApTCJ/EFw9VJvAF qZQy8bGRItnHlyORKDbI99Qle9s3qz5OTjYYkTHygIQ26tXwGD8rD30FaFUv0EUb 1sV2WbiPmGxmyiEzUOIN6cO3ybhgostrqP9sVwnTZuM0bBe+jCe6ohXif5E+OPu9 3GvpzTYxfKyWNXbjp5W3c7lYsk1x+FiF/UeDEZ50k05rPapR1S5HjvB9zm+6hgV9 vNdnqTbiGWUBEPAMmh4tGSM7t9sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRiMb/6 WhmTCEpGVBEy8PzgjbK7FzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NjBjODkzMzUtNDFjYy00MDdkLThmZmUtMzRjZGE3ZTY2YmI3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G CSqGSIb3DQEBCwUAA4IBAQCpOOMpUGcQYbpi0tX7y7/96N/P5259HEo9+udHC+rX NCIzWfp7zAl5PaZhk9lzI/OL/gF2kayTsQbkrFXAKfiMyzWtIVMzQzR8G5SsBYuz /dTfGYe8+Z1Y+iAIOF8p/ytfiwdYsQWGMfwWqkvdPMyF9QHo8iOBLABeIxHn4kIY oui+NBmNXGxykM7d6Esi2hmpgBLMEmfrI+gfy5wdmkIdQIgpWdl9le4m0wq72KsR CrCVKse8jC7lEm5/9BdOEKCMdr2z6o2TMMxnA/YVAgWH4oIhXsJdy2N1XjFjOa+5 Cy9PlED17BoMPPDvDNaiPtZcGQu2w20MQm7Vlc3AzBOX -----END CERTIFICATE-----Generated at Sat Dec 6 10:55:46 2025 by rpki-client