This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa File: 96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa (raw, json) Hash identifier: 1R+HozCcNVJQaxsW7NO9Kgoe5dSzHCQim4ad7aauauw= Subject key identifier: 8C:10:3F:45:7D:46:F5:66:6B:1F:B7:3B:ED:48:16:21:3F:18:21:AF Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 340C1AE791FED564D989ACC0BDDEB59C982DB097 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa Signing time: Tue 18 Nov 2025 00:40:32 +0000 ROA not before: Tue 18 Nov 2025 00:40:32 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.20.0.0/14 maxlen: 14 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:0c:1a:e7:91:fe:d5:64:d9:89:ac:c0:bd:de:b5:9c:98:2d:b0:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:32 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=ac758f6985125d729051a8f7a9261867215c71fe9dc6fc0535571469057bc274, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:b5:72:8e:a3:32:39:f8:d1:3e:55:fa:11:cd: b0:b2:00:6e:bd:bc:8c:44:24:16:61:8e:2f:8c:a8: 08:42:dc:c6:46:bc:fd:f7:ff:33:5b:5a:e2:15:4f: f4:f5:84:b5:a3:8a:da:1a:a0:12:0e:d6:d6:46:11: 28:31:5b:0b:ee:da:22:85:92:54:db:e5:05:c3:5e: f5:fd:d7:1d:9d:76:89:50:da:c6:b2:0f:09:c4:12: 2e:55:b7:63:72:d1:db:cb:6a:af:68:e0:aa:84:cb: 96:b1:6a:9c:18:8b:2c:76:64:77:5f:20:fc:b6:e5: 53:fa:97:68:1e:f8:2c:10:60:fa:58:01:c2:3c:c9: 58:85:98:2e:b9:fb:91:a9:cd:5c:a7:da:40:bf:ff: 25:75:a1:0f:f7:88:2f:7b:67:87:5e:b9:96:01:14: 02:fb:f0:e6:c3:86:32:77:f1:2f:f4:d5:34:5f:a3: d7:38:bc:1d:9c:c7:d3:b0:2f:ac:7e:1d:0a:7e:b7: b2:7e:7c:f1:45:d9:ba:05:cd:47:69:a8:81:9a:1c: 99:dd:bf:09:03:da:67:40:25:75:53:ec:6d:61:7c: 0b:3b:98:d2:22:ee:ad:d3:2f:fe:11:cb:8e:55:0a: 4e:37:03:27:e0:a6:b6:46:8b:cd:99:d0:37:a4:61: 1b:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:10:3F:45:7D:46:F5:66:6B:1F:B7:3B:ED:48:16:21:3F:18:21:AF X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.20.0.0/14 Signature Algorithm: sha256WithRSAEncryption 6e:4e:78:3d:67:17:ba:49:50:7b:80:b2:f1:07:65:3a:31:76: 79:c7:bf:d8:08:f6:1d:9c:0d:00:26:3a:3d:c3:37:6a:07:01: 16:7d:75:32:ad:cd:e6:7a:4b:68:f4:e3:63:c4:25:6b:39:8f: 42:74:ec:db:52:54:9f:8c:be:b0:17:51:b0:dd:82:b6:41:6d: c7:68:c7:7c:f3:69:ca:fc:84:4e:6f:57:05:ef:51:86:eb:4a: 8b:dd:a3:b3:31:94:32:1b:7f:70:d9:0a:91:d3:d2:9a:8e:1d: 1f:ff:a9:21:55:7e:62:13:48:a1:4c:32:8b:a1:f8:f8:fa:18: 33:56:4c:9e:c4:88:2c:52:a7:73:e8:7a:8c:11:c4:99:79:6a: c0:91:56:6e:06:b9:19:77:d1:53:7e:0d:8f:6e:20:62:ac:18: e5:73:01:a3:b2:bb:5d:a5:73:3d:7c:f7:1b:e7:8d:af:b6:b7: c0:d1:33:74:d4:a6:c4:c1:b6:f6:a9:b4:af:2b:fc:1d:8c:d1: e5:d2:63:5b:d2:04:30:90:73:8e:ac:9e:64:b9:1a:d6:29:c1: 04:4a:cc:94:9f:c8:67:7a:89:2f:3a:6e:89:f4:e6:68:54:1d: 79:45:27:bc:ef:a5:80:6b:86:32:ca:52:10:c4:84:13:c9:86: 93:e2:18:f8 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUNAwa55H+1WTZiazAvd61nJgtsJcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMzJaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQGFjNzU4ZjY5ODUxMjVkNzI5MDUxYThmN2E5MjYxODY3MjE1YzcxZmU5ZGM2 ZmMwNTM1NTcxNDY5MDU3YmMyNzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALe1co6jMjn40T5V+hHNsLIAbr28jEQkFmGOL4yoCELcxka8/ff/M1ta4hVP 9PWEtaOK2hqgEg7W1kYRKDFbC+7aIoWSVNvlBcNe9f3XHZ12iVDaxrIPCcQSLlW3 Y3LR28tqr2jgqoTLlrFqnBiLLHZkd18g/LblU/qXaB74LBBg+lgBwjzJWIWYLrn7 kanNXKfaQL//JXWhD/eIL3tnh165lgEUAvvw5sOGMnfxL/TVNF+j1zi8HZzH07Av rH4dCn63sn588UXZugXNR2mogZocmd2/CQPaZ0AldVPsbWF8CzuY0iLurdMv/hHL jlUKTjcDJ+CmtkaLzZnQN6RhGycCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSMED9F fUb1ZmsftzvtSBYhPxghrzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OTYwNjBiYTAtMGJiNC00OWJjLThiZjYtNGExNDk1ZmZkZGY0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G CSqGSIb3DQEBCwUAA4IBAQBuTng9Zxe6SVB7gLLxB2U6MXZ5x7/YCPYdnA0AJjo9 wzdqBwEWfXUyrc3mekto9ONjxCVrOY9CdOzbUlSfjL6wF1Gw3YK2QW3HaMd882nK /IROb1cF71GG60qL3aOzMZQyG39w2QqR09Kajh0f/6khVX5iE0ihTDKLofj4+hgz VkyexIgsUqdz6HqMEcSZeWrAkVZuBrkZd9FTfg2PbiBirBjlcwGjsrtdpXM9fPcb 542vtrfA0TN01KbEwbb2qbSvK/wdjNHl0mNb0gQwkHOOrJ5kuRrWKcEESsyUn8hn eokvOm6J9OZoVB15RSe876WAa4YyylIQxIQTyYaT4hj4 -----END CERTIFICATE-----Generated at Sat Dec 6 09:57:52 2025 by rpki-client