This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa File: 70bc7703-020e-4153-b340-cced3a436951.roa (raw, json) Hash identifier: nAcBlUEDyELxq1FsfdGwgBrnKX/BKmPUVkd/mnLAaFA= Subject key identifier: 5F:BB:CA:84:C0:7A:1E:EF:5F:DA:B4:1A:5A:8E:38:3C:94:37:D5:8E Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 288A9E38B16CD221BBECF3C325406E47CCD5544C Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa Signing time: Tue 18 Nov 2025 00:40:33 +0000 ROA not before: Tue 18 Nov 2025 00:40:33 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.96.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:8a:9e:38:b1:6c:d2:21:bb:ec:f3:c3:25:40:6e:47:cc:d5:54:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:33 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=1d53763b968e78fd1b7f0709b2e09ca2b421acf78e4217645d589d920e65bcfd, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:43:1a:29:23:a1:b5:be:1e:1b:83:b8:06:7c: 6a:ee:6d:01:88:c4:51:45:db:b2:81:0a:b8:ef:a3: d0:89:d4:5a:51:fd:2a:96:7f:1c:ad:cd:d9:39:c7: 92:19:8a:b4:2b:ce:fb:4a:fb:ef:4e:46:95:fc:3e: 3b:99:86:da:a7:69:5b:2d:f7:72:2b:52:16:d9:1b: 1c:0b:00:c7:d4:67:c6:40:13:50:bd:b9:e6:ec:73: a8:b8:e5:a9:0c:df:b9:58:31:60:0b:93:53:28:d9: b0:9d:8d:f0:8e:55:33:bb:58:8f:6f:79:1c:20:34: 2e:76:29:72:b8:91:85:8a:36:9d:87:dc:a9:5b:83: 44:01:81:bc:18:06:14:fb:4d:96:b0:97:5d:54:b8: b1:9e:fa:73:20:14:1b:cd:23:c9:39:95:90:13:52: c4:1e:a4:b5:dd:44:91:62:c0:4f:72:74:5a:88:92: 39:ef:6e:2b:48:da:a9:cf:fd:8c:0b:00:01:1e:99: ad:4c:f1:30:f1:be:9e:8d:da:b6:85:11:6e:4b:1b: f5:72:93:60:b7:0c:07:37:99:ed:f0:c2:1d:16:29: 89:fd:91:75:62:4f:19:06:1e:04:dc:25:5b:41:5b: 69:6b:24:3c:23:07:60:4d:9b:28:af:04:9d:40:2b: b1:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:BB:CA:84:C0:7A:1E:EF:5F:DA:B4:1A:5A:8E:38:3C:94:37:D5:8E X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.96.0.0/16 Signature Algorithm: sha256WithRSAEncryption 06:27:16:fe:80:27:a0:80:ed:79:ee:dd:eb:78:a1:c6:18:60: 84:fb:95:18:ef:94:e6:01:ea:cf:ff:db:8b:15:8a:17:f0:28: 77:69:31:da:e2:4e:39:f0:c5:92:83:c1:f3:cc:f7:4b:12:91: 56:44:6f:5d:af:13:11:16:c0:12:03:a0:56:fa:ff:e8:9d:ff: 9e:ca:b7:78:c7:2b:93:55:02:4d:40:57:f6:f7:7e:e4:d3:e2: 2a:b1:55:2b:84:22:ff:fb:0b:67:90:ea:b4:19:82:fe:d6:7e: 08:46:fe:ab:9c:b5:83:84:75:02:9f:94:2d:bc:a0:90:d9:07: 33:53:30:2b:88:be:a2:a9:9c:95:7a:de:ae:52:9b:db:6f:91: 78:84:95:51:34:5e:22:0a:d9:30:e2:36:c8:3e:75:3f:33:a6: f9:c2:32:40:b0:77:1b:4b:16:f5:54:c5:10:38:df:e0:26:ae: bd:b8:3b:a0:94:29:38:34:b7:32:00:7e:50:6a:57:1e:53:96: 45:9d:c8:0d:e7:c3:b0:25:9c:e4:e0:f5:1f:30:09:08:fe:87: 21:21:4a:a8:ca:61:0e:78:d6:4b:58:9f:8e:59:97:e2:5e:f4: 59:98:6d:ea:76:41:93:df:c4:76:8b:a6:f7:78:64:55:35:4e: fc:d0:72:ee -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUKIqeOLFs0iG77PPDJUBuR8zVVEwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMzNaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQDFkNTM3NjNiOTY4ZTc4ZmQxYjdmMDcwOWIyZTA5Y2EyYjQyMWFjZjc4ZTQy MTc2NDVkNTg5ZDkyMGU2NWJjZmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALVDGikjobW+HhuDuAZ8au5tAYjEUUXbsoEKuO+j0InUWlH9KpZ/HK3N2TnH khmKtCvO+0r7705Glfw+O5mG2qdpWy33citSFtkbHAsAx9RnxkATUL255uxzqLjl qQzfuVgxYAuTUyjZsJ2N8I5VM7tYj295HCA0LnYpcriRhYo2nYfcqVuDRAGBvBgG FPtNlrCXXVS4sZ76cyAUG80jyTmVkBNSxB6ktd1EkWLAT3J0WoiSOe9uK0jaqc/9 jAsAAR6ZrUzxMPG+no3atoURbksb9XKTYLcMBzeZ7fDCHRYpif2RdWJPGQYeBNwl W0FbaWskPCMHYE2bKK8EnUArsQECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRfu8qE wHoe71/atBpajjg8lDfVjjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NzBiYzc3MDMtMDIwZS00MTUzLWIzNDAtY2NlZDNhNDM2OTUxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNgMA0G CSqGSIb3DQEBCwUAA4IBAQAGJxb+gCeggO157t3reKHGGGCE+5UY75TmAerP/9uL FYoX8Ch3aTHa4k458MWSg8HzzPdLEpFWRG9drxMRFsASA6BW+v/onf+eyrd4xyuT VQJNQFf2937k0+IqsVUrhCL/+wtnkOq0GYL+1n4IRv6rnLWDhHUCn5QtvKCQ2Qcz UzAriL6iqZyVet6uUpvbb5F4hJVRNF4iCtkw4jbIPnU/M6b5wjJAsHcbSxb1VMUQ ON/gJq69uDuglCk4NLcyAH5QalceU5ZFncgN58OwJZzk4PUfMAkI/ochIUqoymEO eNZLWJ+OWZfiXvRZmG3qdkGT38R2i6b3eGRVNU780HLu -----END CERTIFICATE-----Generated at Sat Dec 6 12:01:27 2025 by rpki-client