This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/695716ab-c4db-435d-95fe-4143be62030e.roa File: 695716ab-c4db-435d-95fe-4143be62030e.roa (raw, json) Hash identifier: To2fE3ohMomgDio5pHuACir8xaSKezcWuKugqUQ+INc= Subject key identifier: 52:8D:3D:D6:21:2B:64:86:82:26:B5:02:D3:2C:9F:A8:17:D2:F1:67 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 75D2D1979FEE8D2A4484B5234E65DB74AC010818 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/695716ab-c4db-435d-95fe-4143be62030e.roa Signing time: Sun 16 Nov 2025 01:00:22 +0000 ROA not before: Sun 16 Nov 2025 01:00:22 +0000 ROA not after: Sun 21 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 139.79.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:d2:d1:97:9f:ee:8d:2a:44:84:b5:23:4e:65:db:74:ac:01:08:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 16 01:00:22 2025 GMT Not After : Dec 21 23:59:59 2025 GMT Subject: serialNumber=00a5dd4e1935dd689524fa40bc1870c85d8c3171213f485f112316cf9e64b896, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:c9:ed:8a:8d:65:aa:32:87:cd:03:b2:4b:f8: 88:ba:43:0c:f1:01:43:12:3a:b1:1d:f0:d3:95:26: 42:66:8f:24:48:16:fa:6c:68:90:a5:d3:7d:c7:f6: da:13:74:c2:46:dc:1c:9f:14:5f:b3:df:de:6d:56: aa:3c:a6:b3:1b:bf:52:45:1a:83:a0:86:8a:c6:45: 48:45:d4:b8:d2:19:10:6d:29:5f:50:97:bf:d3:86: c0:5b:40:7c:2e:b5:9b:ee:81:97:bc:57:c5:9c:96: 11:64:e6:5f:d1:f7:6f:25:42:ee:dd:54:80:d0:a4: f8:4f:0d:ca:e1:cb:4e:8f:c0:58:41:3e:32:b1:99: 20:66:1f:99:5e:ea:68:13:d8:d1:0a:8b:01:64:07: 98:4b:b3:a1:d8:64:26:a4:a8:39:ac:fc:5f:2c:f4: 91:24:9f:67:84:bf:c6:a8:19:05:a1:e8:ad:7c:72: 51:ae:6e:05:1f:1c:99:bc:eb:e7:b0:88:17:95:ac: 00:04:08:6f:be:03:57:ee:83:2f:3f:e0:00:ea:41: ba:ab:80:21:21:13:5d:04:78:6d:9a:4e:a4:4f:b4: b3:d5:91:c8:a0:d8:87:72:c3:ff:e2:88:29:73:1b: 62:6b:aa:ab:ea:a5:cb:a0:05:b4:c0:a1:38:11:47: 62:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:8D:3D:D6:21:2B:64:86:82:26:B5:02:D3:2C:9F:A8:17:D2:F1:67 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/695716ab-c4db-435d-95fe-4143be62030e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 139.79.0.0/16 Signature Algorithm: sha256WithRSAEncryption b1:35:79:c0:4e:86:67:10:90:ee:fe:08:b2:13:93:51:5b:19: 25:d0:03:fd:8b:2d:ab:ba:8d:80:09:32:d9:cd:55:9e:06:c8: 60:f2:1b:17:80:d5:06:d9:ea:5b:40:e3:92:5c:a7:b8:7b:ab: 41:98:4d:d3:54:1c:e3:af:0a:05:e4:83:8e:05:18:c2:00:c3: 3d:78:eb:6a:b5:98:e1:74:a8:bd:64:52:25:c5:c4:4e:6f:d5: bf:e0:ab:2a:b8:6a:78:b8:e5:c5:94:10:a3:23:b5:4a:31:75: c4:66:e5:8d:76:6f:f8:27:10:5a:3c:f7:a9:a9:0b:9a:f4:52: 9e:60:da:a7:cd:ed:16:94:a9:df:7d:fb:3d:7e:e3:32:c1:61: 41:a1:f4:d4:7d:c3:24:06:1b:38:f2:77:cd:38:61:6c:3e:01: 85:ab:ec:c1:be:fa:91:62:0c:41:1e:04:d3:b8:7d:2b:78:ec: be:f8:c9:ab:e3:59:53:23:cd:de:0c:68:d4:45:da:7c:a0:49: 0a:2a:02:6c:e0:0a:d9:5b:93:35:d0:16:f5:ae:df:0f:d0:6f: ef:5e:76:f2:3c:87:8b:6f:d7:dd:24:bc:23:25:16:39:d0:19: 67:25:6e:28:9a:43:c7:e3:bc:a9:e9:77:d0:d8:0c:76:b8:05: c0:ed:cf:87 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUddLRl5/ujSpEhLUjTmXbdKwBCBgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTYwMTAwMjJaFw0yNTEyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQDAwYTVkZDRlMTkzNWRkNjg5NTI0ZmE0MGJjMTg3MGM4NWQ4YzMxNzEyMTNm NDg1ZjExMjMxNmNmOWU2NGI4OTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJPJ7YqNZaoyh80Dskv4iLpDDPEBQxI6sR3w05UmQmaPJEgW+mxokKXTfcf2 2hN0wkbcHJ8UX7Pf3m1Wqjymsxu/UkUag6CGisZFSEXUuNIZEG0pX1CXv9OGwFtA fC61m+6Bl7xXxZyWEWTmX9H3byVC7t1UgNCk+E8NyuHLTo/AWEE+MrGZIGYfmV7q aBPY0QqLAWQHmEuzodhkJqSoOaz8Xyz0kSSfZ4S/xqgZBaHorXxyUa5uBR8cmbzr 57CIF5WsAAQIb74DV+6DLz/gAOpBuquAISETXQR4bZpOpE+0s9WRyKDYh3LD/+KI KXMbYmuqq+qly6AFtMChOBFHYtcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRSjT3W IStkhoImtQLTLJ+oF9LxZzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv Njk1NzE2YWItYzRkYi00MzVkLTk1ZmUtNDE0M2JlNjIwMzBlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAItPMA0G CSqGSIb3DQEBCwUAA4IBAQCxNXnAToZnEJDu/giyE5NRWxkl0AP9iy2ruo2ACTLZ zVWeBshg8hsXgNUG2epbQOOSXKe4e6tBmE3TVBzjrwoF5IOOBRjCAMM9eOtqtZjh dKi9ZFIlxcROb9W/4KsquGp4uOXFlBCjI7VKMXXEZuWNdm/4JxBaPPepqQua9FKe YNqnze0WlKnfffs9fuMywWFBofTUfcMkBhs48nfNOGFsPgGFq+zBvvqRYgxBHgTT uH0reOy++Mmr41lTI83eDGjURdp8oEkKKgJs4ArZW5M10Bb1rt8P0G/vXnbyPIeL b9fdJLwjJRY50BlnJW4omkPH47yp6XfQ2Ax2uAXA7c+H -----END CERTIFICATE-----Generated at Sat Dec 6 09:52:23 2025 by rpki-client