This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa File: 709c8cf6-9d5d-47d6-8b70-40eff8390658.roa (raw, json) Hash identifier: B1njhtLTiefiBZZRZuoQUtqkBWlKq2EiiFevz6/1t2Y= Subject key identifier: B8:FF:CF:6F:DC:5D:DE:78:95:A2:21:04:1C:1C:F3:71:0A:E8:4E:B9 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 412C675686D87EF6BAB2886C6C6E5A738221D32E Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa Signing time: Sat 15 Nov 2025 06:40:33 +0000 ROA not before: Sat 15 Nov 2025 06:40:33 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.220.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:2c:67:56:86:d8:7e:f6:ba:b2:88:6c:6c:6e:5a:73:82:21:d3:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:33 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=c754eaaafa0af7fe0b25c6144077180a96de69aad4d8312a47848028236fd147, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:67:96:63:6a:14:71:59:56:56:1d:8e:95:2f: 03:a7:e9:6c:a0:18:d5:43:7a:29:f6:14:b5:2d:06: db:2a:df:93:ac:36:c5:e7:8a:01:86:2b:59:99:61: 4a:ad:5e:dc:42:3a:6a:30:85:0b:a9:8e:3a:07:66: 23:7a:10:08:92:9a:90:7b:4a:03:95:3b:cd:9a:f2: ef:14:c4:93:f4:72:48:39:89:d9:21:4b:f2:46:f4: 17:da:ee:b3:47:7c:e3:69:c3:af:25:16:2a:b0:14: cb:38:01:56:57:b0:bf:f5:2d:7e:d1:b7:68:ae:04: 0d:67:fd:5d:7b:dc:23:34:c8:3c:bb:27:72:c3:a6: 5b:82:ff:c5:bf:36:09:0d:b5:c8:96:c6:20:0c:6a: be:5a:13:eb:5c:da:1f:0a:92:02:cf:29:1c:75:a6: b1:54:90:f7:b0:43:7e:f0:2b:83:88:5d:42:00:bd: 1c:c2:a6:3b:fa:b5:39:2c:9d:eb:90:89:1d:5c:83: e2:a3:ec:e1:8e:26:67:d1:1b:32:66:32:7f:2d:f6: 39:db:d3:bf:e2:5a:49:9e:15:24:02:8b:4b:dd:47: 11:02:7e:78:4a:19:e9:46:f8:36:65:d9:9f:8c:ba: 91:b7:15:16:ae:39:97:c6:25:8b:9f:82:05:b6:12: 44:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:FF:CF:6F:DC:5D:DE:78:95:A2:21:04:1C:1C:F3:71:0A:E8:4E:B9 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.220.0.0/15 Signature Algorithm: sha256WithRSAEncryption 05:53:b9:62:c7:4b:06:2a:82:47:cd:cd:d6:55:b9:9b:1b:1d: f1:b2:79:eb:f0:cf:99:f0:36:38:8c:18:44:7c:91:20:f6:63: e8:d6:13:83:eb:42:1d:ad:6f:65:97:b1:99:11:18:4d:a8:41: 7a:fb:9a:11:06:ea:32:0e:54:ca:42:51:8f:57:51:92:2a:90: 39:0b:06:36:e4:01:ba:9a:bf:a4:c6:ac:c0:61:65:bc:2b:cb: 6b:0a:76:0c:0e:97:1c:2f:3a:c8:2b:d9:86:9d:2c:c9:d5:2b: 83:67:76:40:9d:94:0f:54:8d:ee:e9:87:6d:8e:8e:61:27:28: 3d:87:2f:53:c9:3e:7f:76:dc:4e:93:75:64:03:de:f9:f1:a2: ab:2c:57:aa:e1:eb:fb:70:10:b4:8d:9a:48:4f:e6:dc:e3:0d: a8:53:1e:6d:41:95:9d:b6:b2:24:1d:c4:80:db:17:ee:ec:e7: 96:67:dd:59:7f:85:da:75:c1:be:70:ad:28:7d:b3:b5:be:98: 78:49:35:0b:c1:ce:38:6e:c8:35:59:27:8b:ec:87:d5:d4:0d: da:a4:0a:ac:2a:a6:b1:7a:88:0d:6a:48:c7:8e:94:16:28:6f: 4c:36:99:97:b6:0e:b2:a5:fa:ab:40:40:a5:e4:68:44:d1:02: 0c:83:fc:0d -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUQSxnVobYfva6sohsbG5ac4Ih0y4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwMzNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGM3NTRlYWFhZmEwYWY3ZmUwYjI1YzYxNDQwNzcxODBhOTZkZTY5YWFkNGQ4 MzEyYTQ3ODQ4MDI4MjM2ZmQxNDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAONnlmNqFHFZVlYdjpUvA6fpbKAY1UN6KfYUtS0G2yrfk6w2xeeKAYYrWZlh Sq1e3EI6ajCFC6mOOgdmI3oQCJKakHtKA5U7zZry7xTEk/RySDmJ2SFL8kb0F9ru s0d842nDryUWKrAUyzgBVlewv/UtftG3aK4EDWf9XXvcIzTIPLsncsOmW4L/xb82 CQ21yJbGIAxqvloT61zaHwqSAs8pHHWmsVSQ97BDfvArg4hdQgC9HMKmO/q1OSyd 65CJHVyD4qPs4Y4mZ9EbMmYyfy32OdvTv+JaSZ4VJAKLS91HEQJ+eEoZ6Ub4NmXZ n4y6kbcVFq45l8Yli5+CBbYSRP8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS4/89v 3F3eeJWiIQQcHPNxCuhOuTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NzA5YzhjZjYtOWQ1ZC00N2Q2LThiNzAtNDBlZmY4MzkwNjU4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G CSqGSIb3DQEBCwUAA4IBAQAFU7lix0sGKoJHzc3WVbmbGx3xsnnr8M+Z8DY4jBhE fJEg9mPo1hOD60IdrW9ll7GZERhNqEF6+5oRBuoyDlTKQlGPV1GSKpA5CwY25AG6 mr+kxqzAYWW8K8trCnYMDpccLzrIK9mGnSzJ1SuDZ3ZAnZQPVI3u6Ydtjo5hJyg9 hy9TyT5/dtxOk3VkA9758aKrLFeq4ev7cBC0jZpIT+bc4w2oUx5tQZWdtrIkHcSA 2xfu7OeWZ91Zf4XadcG+cK0ofbO1vph4STULwc44bsg1WSeL7IfV1A3apAqsKqax eogNakjHjpQWKG9MNpmXtg6ypfqrQECl5GhE0QIMg/wN -----END CERTIFICATE-----Generated at Sat Dec 6 09:58:00 2025 by rpki-client