This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94c2a36e-245b-439a-bf61-04132c5df5a4.roa File: 94c2a36e-245b-439a-bf61-04132c5df5a4.roa (raw, json) Hash identifier: 8XTa2pBSRSkZOzJEfCD+UQTYfT31DczyrPj/05fr8F8= Subject key identifier: E9:AC:60:0A:F1:9E:88:2E:37:E7:73:15:B6:2B:36:16:9B:ED:32:50 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 703EC0B006C6745BB95E091A603FDCCC3D992686 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94c2a36e-245b-439a-bf61-04132c5df5a4.roa Signing time: Sat 15 Nov 2025 06:40:30 +0000 ROA not before: Sat 15 Nov 2025 06:40:30 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.35.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:3e:c0:b0:06:c6:74:5b:b9:5e:09:1a:60:3f:dc:cc:3d:99:26:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:30 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=43243831db43b7f9ad23a4ba42850190950513941838832c9d1e4aee05158647, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:01:30:c7:db:8a:ed:60:2b:f8:cf:35:32:ae: 55:dd:2e:a9:25:87:81:fa:d1:d9:48:f2:d3:b9:8e: 7d:85:f3:f3:8e:0e:8e:b9:6e:03:98:ef:0c:13:8a: 3b:85:6d:88:42:47:1b:a3:0e:15:bb:2c:31:39:f0: 5a:3b:f9:bc:d3:96:61:7e:59:25:00:84:09:a8:71: ae:45:7a:ab:e8:f9:de:22:bf:4b:83:3a:8d:60:28: 52:d8:32:92:4c:08:f3:0c:e0:6c:84:06:57:e6:b0: 08:c2:e8:3c:03:c4:06:13:6f:d1:ea:9b:63:92:5b: d2:f9:ce:b2:56:6f:f1:40:4a:c2:43:21:13:dc:21: 9f:9f:b9:45:d0:99:52:02:47:4d:cd:d9:a3:0f:90: a2:20:4a:ce:9a:aa:69:5a:54:76:20:0e:8b:1c:71: a5:cb:58:9c:b9:5f:16:cd:7e:fc:d1:1e:7f:25:21: 01:96:29:5b:fc:48:12:d1:5c:41:f1:84:a5:db:b3: d2:4f:99:d6:68:08:d3:11:c2:5c:1a:da:ad:92:5d: 45:6d:8a:84:2c:2c:7b:9a:11:a7:3b:b1:fa:81:20: 23:2b:58:04:df:7c:0f:37:98:9c:65:5f:fd:20:3a: 32:b2:8b:f1:8a:a3:60:ae:b0:59:b6:2d:43:0b:88: 25:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:AC:60:0A:F1:9E:88:2E:37:E7:73:15:B6:2B:36:16:9B:ED:32:50 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94c2a36e-245b-439a-bf61-04132c5df5a4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.35.0.0/16 Signature Algorithm: sha256WithRSAEncryption 08:8a:fb:39:b5:4f:3e:c7:4b:35:95:18:bc:84:fc:99:19:10: 6a:5c:1f:70:d4:0b:e7:be:e4:50:86:30:fb:b1:9e:80:99:a9: c8:fa:72:8f:a8:90:1d:ab:2e:15:e7:f2:ab:4e:b9:e8:35:ba: 10:d4:8f:68:34:28:6b:9d:a5:a8:bf:70:ed:82:a1:29:15:5e: 4e:c7:83:76:48:5f:ea:d1:08:25:fd:6a:30:c2:55:61:18:2f: 61:6b:85:36:00:7f:44:7b:16:90:4b:85:b1:62:a8:7d:11:82: 6e:c5:f4:41:2d:00:8d:fc:88:6f:cb:f4:0b:b6:dc:03:31:e7: 82:49:fb:0f:44:dc:b2:89:8e:79:05:25:5a:05:e4:f3:3a:ce: 09:c7:ff:4e:34:16:5e:2d:5b:31:36:17:1b:fd:b4:5a:83:88: 68:5a:0d:79:45:b1:b1:2f:d1:65:17:ac:3a:cc:76:50:db:e5: 70:39:4b:c9:54:e4:4d:31:b6:67:52:74:83:a4:49:85:91:c8: 2d:7c:03:35:e0:91:b2:32:a8:8d:c5:8e:9f:e3:57:a7:15:07: 3f:7b:67:7a:91:ad:74:7a:5d:ab:a1:fb:f0:be:a6:c7:62:b0: 54:45:a8:02:cb:10:0a:ff:93:e8:67:f5:de:98:ff:67:17:16: 4c:6d:0b:bf -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUcD7AsAbGdFu5XgkaYD/czD2ZJoYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwMzBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDQzMjQzODMxZGI0M2I3ZjlhZDIzYTRiYTQyODUwMTkwOTUwNTEzOTQxODM4 ODMyYzlkMWU0YWVlMDUxNTg2NDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL0BMMfbiu1gK/jPNTKuVd0uqSWHgfrR2Ujy07mOfYXz844OjrluA5jvDBOK O4VtiEJHG6MOFbssMTnwWjv5vNOWYX5ZJQCECahxrkV6q+j53iK/S4M6jWAoUtgy kkwI8wzgbIQGV+awCMLoPAPEBhNv0eqbY5Jb0vnOslZv8UBKwkMhE9whn5+5RdCZ UgJHTc3Zow+QoiBKzpqqaVpUdiAOixxxpctYnLlfFs1+/NEefyUhAZYpW/xIEtFc QfGEpduz0k+Z1mgI0xHCXBrarZJdRW2KhCwse5oRpzux+oEgIytYBN98DzeYnGVf /SA6MrKL8YqjYK6wWbYtQwuIJWcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTprGAK 8Z6ILjfncxW2KzYWm+0yUDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OTRjMmEzNmUtMjQ1Yi00MzlhLWJmNjEtMDQxMzJjNWRmNWE0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMjMA0G CSqGSIb3DQEBCwUAA4IBAQAIivs5tU8+x0s1lRi8hPyZGRBqXB9w1AvnvuRQhjD7 sZ6AmanI+nKPqJAdqy4V5/KrTrnoNboQ1I9oNChrnaWov3DtgqEpFV5Ox4N2SF/q 0Qgl/WowwlVhGC9ha4U2AH9EexaQS4WxYqh9EYJuxfRBLQCN/Ihvy/QLttwDMeeC SfsPRNyyiY55BSVaBeTzOs4Jx/9ONBZeLVsxNhcb/bRag4hoWg15RbGxL9FlF6w6 zHZQ2+VwOUvJVORNMbZnUnSDpEmFkcgtfAM14JGyMqiNxY6f41enFQc/e2d6ka10 el2rofvwvqbHYrBURagCyxAK/5PoZ/XemP9nFxZMbQu/ -----END CERTIFICATE-----Generated at Sat Dec 6 12:46:51 2025 by rpki-client