This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa File: 676cc479-c956-49aa-8372-560fd674c62c.roa (raw, json) Hash identifier: KNNX2neQMOLMZvtBymuV3YhVDh65+BPyQ+WTFPOd9oo= Subject key identifier: 20:79:9F:2B:1A:04:B8:42:D3:C5:F2:9F:7D:13:14:9C:03:03:F4:67 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 63ED721AA98813D6B965B777ADD9C25E3FB94CF5 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa Signing time: Tue 18 Nov 2025 00:40:28 +0000 ROA not before: Tue 18 Nov 2025 00:40:28 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.20.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:ed:72:1a:a9:88:13:d6:b9:65:b7:77:ad:d9:c2:5e:3f:b9:4c:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:28 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=cbbd1ae09b4d02d7b9f09043c7c80e4d53b187d2f5e058d5f6de05e980ffca5e, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:fd:6a:d3:af:d5:32:9c:1f:da:b1:21:a7:32: 54:39:78:6e:8b:0d:7f:d4:3a:0f:32:03:db:b8:34: 5a:76:ed:62:56:42:e2:05:21:bf:63:3d:1a:de:a8: 4e:ff:9c:00:02:d9:71:fd:54:bc:b7:60:3e:2c:39: b1:0d:5b:85:ee:dc:10:8b:74:51:bf:22:31:a5:a5: 65:44:13:8a:c2:63:2d:b6:2c:2a:df:4b:13:d8:11: 46:48:a6:32:99:45:0f:01:b5:9c:e8:1d:ba:a7:24: 75:2f:64:e9:e1:6c:25:4a:a6:33:42:c1:50:96:40: 21:a0:ce:0c:64:b0:4f:9f:65:b0:ae:1f:28:91:ed: 84:38:c9:56:69:41:ac:3f:3c:7b:98:d4:80:c1:03: e8:60:f9:91:f7:bf:a9:e2:30:dc:1c:21:2e:dc:1e: e2:d9:5d:cb:2f:67:67:53:9d:5e:6a:85:22:69:ab: 4d:7c:71:ec:66:c1:f9:9e:4f:20:af:e2:a2:99:82: 8f:23:af:4d:7e:9b:c3:56:7b:37:5a:f5:d6:a8:e6: 3d:5b:f5:7e:a3:ad:be:11:54:34:eb:c8:c1:fb:ad: 78:0a:3f:ae:c8:86:5c:0e:9b:39:2b:d4:82:66:63: a4:b0:de:54:34:47:aa:c1:dc:4f:99:c5:cd:ea:6e: 76:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:79:9F:2B:1A:04:B8:42:D3:C5:F2:9F:7D:13:14:9C:03:03:F4:67 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.20.0.0/16 Signature Algorithm: sha256WithRSAEncryption c1:d2:19:81:65:5f:3e:3c:78:0f:c9:be:0c:69:cc:c3:e3:af: 9b:44:91:6e:2c:4b:98:15:82:e3:e6:01:77:2d:14:64:c2:05: 33:57:c1:61:6c:ea:93:02:bd:f0:01:6a:70:89:c0:2d:93:f4: 1b:1d:e4:3b:a8:d2:13:b4:72:74:5f:e0:b8:e8:16:32:90:fa: a5:db:80:cb:fa:e9:6d:d8:8c:1e:37:80:1d:b8:94:ab:40:c0: 6f:60:5f:3c:5f:0f:7f:04:f4:61:32:4f:41:73:51:90:aa:11: 16:f0:fe:3c:eb:af:bb:45:d3:91:d3:45:41:65:d3:91:4f:a3: 25:d2:df:08:32:6c:53:96:c7:a5:58:fb:a4:80:26:ce:0f:4d: 1f:bb:cf:03:cc:34:71:81:dd:b6:b2:e7:dd:97:b4:9b:95:f4: a7:cc:85:b3:b8:02:1a:8c:ed:f9:64:44:7e:05:55:7c:90:c8: 09:ab:40:99:9b:c4:62:69:8a:fc:65:21:2e:13:50:3d:3e:c3: e2:84:19:00:c9:b5:dd:8c:6b:1a:f9:99:4e:cb:b5:2e:60:bb: c9:44:39:d5:b2:6f:c0:ca:51:50:de:9e:b1:cf:b9:e8:ae:4e: e4:87:dd:f6:cc:30:18:fb:98:29:c3:c6:95:3f:f2:b8:b6:bd: 8b:d4:ab:36 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUY+1yGqmIE9a5Zbd3rdnCXj+5TPUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMjhaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQGNiYmQxYWUwOWI0ZDAyZDdiOWYwOTA0M2M3YzgwZTRkNTNiMTg3ZDJmNWUw NThkNWY2ZGUwNWU5ODBmZmNhNWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKn9atOv1TKcH9qxIacyVDl4bosNf9Q6DzID27g0WnbtYlZC4gUhv2M9Gt6o Tv+cAALZcf1UvLdgPiw5sQ1bhe7cEIt0Ub8iMaWlZUQTisJjLbYsKt9LE9gRRkim MplFDwG1nOgduqckdS9k6eFsJUqmM0LBUJZAIaDODGSwT59lsK4fKJHthDjJVmlB rD88e5jUgMED6GD5kfe/qeIw3BwhLtwe4tldyy9nZ1OdXmqFImmrTXxx7GbB+Z5P IK/iopmCjyOvTX6bw1Z7N1r11qjmPVv1fqOtvhFUNOvIwfuteAo/rsiGXA6bOSvU gmZjpLDeVDRHqsHcT5nFzepudqsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQgeZ8r GgS4QtPF8p99ExScAwP0ZzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv Njc2Y2M0NzktYzk1Ni00OWFhLTgzNzItNTYwZmQ2NzRjNjJjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMUMA0G CSqGSIb3DQEBCwUAA4IBAQDB0hmBZV8+PHgPyb4MaczD46+bRJFuLEuYFYLj5gF3 LRRkwgUzV8FhbOqTAr3wAWpwicAtk/QbHeQ7qNITtHJ0X+C46BYykPql24DL+ult 2IweN4AduJSrQMBvYF88Xw9/BPRhMk9Bc1GQqhEW8P4866+7RdOR00VBZdORT6Ml 0t8IMmxTlselWPukgCbOD00fu88DzDRxgd22sufdl7SblfSnzIWzuAIajO35ZER+ BVV8kMgJq0CZm8RiaYr8ZSEuE1A9PsPihBkAybXdjGsa+ZlOy7UuYLvJRDnVsm/A ylFQ3p6xz7nork7kh932zDAY+5gpw8aVP/K4tr2L1Ks2 -----END CERTIFICATE-----Generated at Sat Dec 6 12:56:57 2025 by rpki-client