This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa File: 7b957dae-110a-40bf-9710-191cf24c9e94.roa (raw, json) Hash identifier: lijMJq5xotPCJjRbGl1/2PT0KW+eBVrmAtXmXIraCNU= Subject key identifier: 8A:3F:A7:66:68:E7:DB:A6:4F:B1:23:DF:8E:E8:F6:45:1F:E5:8E:D7 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 2A7442292B44757879640E4F543869D84A5BBD43 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa Signing time: Sun 16 Nov 2025 01:00:19 +0000 ROA not before: Sun 16 Nov 2025 01:00:19 +0000 ROA not after: Sun 21 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.0.96.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:74:42:29:2b:44:75:78:79:64:0e:4f:54:38:69:d8:4a:5b:bd:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 16 01:00:19 2025 GMT Not After : Dec 21 23:59:59 2025 GMT Subject: serialNumber=f35a23b5fe309f1041bd70d0563e7137920975af05a9e823f2b3d765393f6061, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:64:58:9f:d2:16:5d:14:6b:fe:5a:02:0b:5f: 4e:0d:f3:4b:08:51:9c:9f:22:04:38:a3:c6:c4:20: c8:f1:ff:dd:be:3d:3b:5f:41:5b:9e:be:e5:24:05: 1b:aa:fd:51:50:19:b3:09:fc:9e:b5:00:04:b1:7c: d7:f4:9d:86:a2:30:03:40:26:0c:e1:e1:5c:5e:b3: 4b:fc:35:6c:56:5e:b0:16:4e:65:a1:cc:c9:3b:b0: 42:28:b1:20:d6:38:d3:66:9d:02:87:ac:40:5f:7f: dd:24:19:53:dd:c0:e3:54:fe:bf:a3:02:09:bf:c6: ca:1e:71:b7:82:9c:42:e9:d8:4a:f7:26:cd:7a:27: cf:69:8f:5e:c6:d5:9b:54:eb:4e:fe:e5:96:5f:a5: a4:b8:f8:11:29:40:39:82:f8:6e:63:ca:17:e7:34: 6e:35:02:e0:dc:e7:66:2b:0b:4c:ec:42:f5:77:ff: c2:9f:42:b3:ae:0b:7f:72:bb:e7:ca:81:92:fb:3d: cc:17:dc:0e:dd:e8:de:71:04:2e:63:ef:da:9a:73: 0a:ed:3f:a7:e6:3c:60:2a:7f:a7:fd:6f:81:80:78: a1:4a:c4:46:9f:b9:16:8e:7b:b5:9a:ff:ab:29:fa: 16:16:2f:7f:82:a4:fc:84:28:da:19:f2:6c:57:98: 0a:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:3F:A7:66:68:E7:DB:A6:4F:B1:23:DF:8E:E8:F6:45:1F:E5:8E:D7 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.0.96.0/21 Signature Algorithm: sha256WithRSAEncryption 8c:30:0b:6a:5f:75:dc:08:de:96:78:a7:31:25:9a:a7:57:39: ac:63:ff:61:7c:52:64:aa:79:3f:ab:36:e0:73:ad:59:1b:ba: 71:18:64:73:9f:40:86:bb:e3:7f:48:50:4f:31:03:a1:a1:c0: e9:46:a0:ee:61:e4:12:ab:df:fb:4f:f3:8f:10:58:b1:d2:02: 13:3a:ef:c8:52:f4:7e:10:fa:9f:3b:c8:ed:e2:80:11:50:02: 33:2b:4f:57:9d:1b:07:df:aa:0c:bd:d8:c4:ae:00:e2:a7:33: e7:01:7b:b9:88:5c:50:3b:7f:d5:30:c1:b7:04:e9:a1:a1:7b: 64:3c:6e:99:30:c7:03:d6:1e:18:33:aa:3a:12:d1:a1:ec:73: 03:6d:2e:49:90:52:05:a3:a7:78:d7:bf:4a:b3:71:b3:9e:fa: 99:da:b7:6a:d6:5f:fb:71:72:cb:ff:07:3c:c8:45:1a:e0:27: 61:55:d0:05:d7:f6:85:0b:1b:a2:d8:b4:93:a3:79:26:7a:6b: 8f:08:41:7e:d8:5d:d7:ad:94:78:0c:c1:38:0a:4d:3e:dd:7d: 65:77:c1:96:78:40:81:26:41:c7:5a:d6:16:ed:20:76:f4:26: e2:85:c4:fc:08:25:eb:e2:7c:b1:5c:68:9e:42:20:04:df:b0: 2d:c1:fc:5e -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUKnRCKStEdXh5ZA5PVDhp2EpbvUMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTYwMTAwMTlaFw0yNTEyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQGYzNWEyM2I1ZmUzMDlmMTA0MWJkNzBkMDU2M2U3MTM3OTIwOTc1YWYwNWE5 ZTgyM2YyYjNkNzY1MzkzZjYwNjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANVkWJ/SFl0Ua/5aAgtfTg3zSwhRnJ8iBDijxsQgyPH/3b49O19BW56+5SQF G6r9UVAZswn8nrUABLF81/SdhqIwA0AmDOHhXF6zS/w1bFZesBZOZaHMyTuwQiix INY402adAoesQF9/3SQZU93A41T+v6MCCb/Gyh5xt4KcQunYSvcmzXonz2mPXsbV m1TrTv7lll+lpLj4ESlAOYL4bmPKF+c0bjUC4NznZisLTOxC9Xf/wp9Cs64Lf3K7 58qBkvs9zBfcDt3o3nEELmPv2ppzCu0/p+Y8YCp/p/1vgYB4oUrERp+5Fo57tZr/ qyn6FhYvf4Kk/IQo2hnybFeYCtsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSKP6dm aOfbpk+xI9+O6PZFH+WO1zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv N2I5NTdkYWUtMTEwYS00MGJmLTk3MTAtMTkxY2YyNGM5ZTk0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAYDAN BgkqhkiG9w0BAQsFAAOCAQEAjDALal913AjelninMSWap1c5rGP/YXxSZKp5P6s2 4HOtWRu6cRhkc59Ahrvjf0hQTzEDoaHA6Uag7mHkEqvf+0/zjxBYsdICEzrvyFL0 fhD6nzvI7eKAEVACMytPV50bB9+qDL3YxK4A4qcz5wF7uYhcUDt/1TDBtwTpoaF7 ZDxumTDHA9YeGDOqOhLRoexzA20uSZBSBaOneNe/SrNxs576mdq3atZf+3Fyy/8H PMhFGuAnYVXQBdf2hQsboti0k6N5JnprjwhBfthd162UeAzBOApNPt19ZXfBlnhA gSZBx1rWFu0gdvQm4oXE/Agl6+J8sVxonkIgBN+wLcH8Xg== -----END CERTIFICATE-----Generated at Sat Dec 6 10:57:35 2025 by rpki-client