This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa File: 993731a0-abe8-41b9-bad3-ce7852d4f117.roa (raw, json) Hash identifier: X+sgdf1vptm8sOFjP3yxRTyibvAr0eIAqjV1Tavv9ZI= Subject key identifier: 91:4C:C0:1E:B0:6C:D0:96:87:E1:66:92:62:96:4A:FA:FF:D9:FF:EA Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 1C0E9F01AC458BB58EF912989DA12C79E4328C8F Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa Signing time: Sat 15 Nov 2025 06:40:37 +0000 ROA not before: Sat 15 Nov 2025 06:40:37 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.34.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:0e:9f:01:ac:45:8b:b5:8e:f9:12:98:9d:a1:2c:79:e4:32:8c:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:37 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=4df3be338c1d43f41123ff392c91b80d1ef5fd77725e89b56823e15e57230cfa, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:62:47:46:b6:6f:d8:c3:04:ef:db:7b:a2:6b: d0:36:fa:61:e2:ad:6a:4e:02:d3:32:4b:3b:94:8e: dd:d5:45:9b:fc:5c:65:9a:9a:4f:37:c7:27:2d:c5: ba:9d:42:98:6a:13:ea:9d:69:8a:05:26:1c:d4:10: 96:9b:90:0c:6d:bc:26:b0:12:7d:e1:3e:9e:64:0a: 34:53:6b:6a:48:a4:f9:db:6a:11:13:2a:f6:bb:b4: d5:5b:3b:05:33:e0:2b:63:9a:bb:17:80:20:4b:40: a2:c7:c7:6b:fc:92:bc:b4:c8:20:99:70:1e:2f:46: d0:e8:f4:6a:a0:29:97:2b:94:ae:7d:5c:16:20:50: a9:5e:ac:0c:f0:85:1c:17:62:22:88:ac:54:00:3c: de:28:61:7f:74:3c:e1:ac:28:23:b5:ac:d2:7f:ca: c3:02:54:80:8e:f4:96:0c:38:58:ed:e4:26:ee:a5: 93:85:c1:0d:ca:d7:fc:c3:ed:19:9b:b5:d8:15:ec: 66:1f:09:b9:5b:88:e2:37:a0:af:f2:2d:f0:8c:38: 79:39:c0:7c:82:22:75:1c:40:3d:58:83:ed:d0:a3: 56:52:4e:dd:89:08:53:ed:9f:b9:91:82:30:c9:1f: 7c:6a:61:4f:fe:74:1d:c1:22:38:c8:0e:5b:44:52: f8:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:4C:C0:1E:B0:6C:D0:96:87:E1:66:92:62:96:4A:FA:FF:D9:FF:EA X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.34.0.0/15 Signature Algorithm: sha256WithRSAEncryption 39:5d:18:a8:86:92:38:85:cc:77:ab:ef:fc:1a:7c:c5:c1:fc: f1:ff:71:b9:4c:b6:7d:6c:5d:d9:30:3e:16:aa:cb:06:0e:9b: 66:3d:46:41:7c:9f:56:c8:ff:d7:4e:50:eb:f9:a1:e7:a6:3e: e8:84:fe:fa:07:e9:63:08:0a:89:ee:cd:77:95:04:8e:db:ae: ad:91:48:ba:eb:52:b5:be:60:c6:a8:a4:7e:3d:d8:5e:1b:5c: a7:d6:1c:d5:e9:78:40:87:0d:c9:6c:b3:1a:84:e4:29:f5:4e: 3c:df:ce:f3:29:48:fa:99:2f:d8:db:5a:17:69:45:6d:63:d9: 2b:4b:98:3c:95:f6:59:ff:50:f4:a6:95:e9:6b:5f:7c:30:84: 6e:0a:2c:c9:70:8f:16:b8:ea:0d:66:2b:5a:27:37:8d:43:55: 5d:d0:54:ee:24:c6:32:d2:4e:2f:42:39:c2:71:5c:8d:53:bd: 95:83:5c:ce:11:de:6c:fa:eb:34:a8:af:ac:0a:42:29:ad:11: 37:e2:4a:e1:b8:86:f2:e5:56:50:58:88:3b:b4:6e:61:6b:b0: 98:26:4b:e2:29:9e:78:bc:e0:36:93:dc:ef:de:7d:68:10:b8: a1:f6:ee:50:42:40:8a:2b:b8:69:7e:a4:ff:15:6f:29:56:7f: fe:0d:6b:9f -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUHA6fAaxFi7WO+RKYnaEseeQyjI8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwMzdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDRkZjNiZTMzOGMxZDQzZjQxMTIzZmYzOTJjOTFiODBkMWVmNWZkNzc3MjVl ODliNTY4MjNlMTVlNTcyMzBjZmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ1iR0a2b9jDBO/be6Jr0Db6YeKtak4C0zJLO5SO3dVFm/xcZZqaTzfHJy3F up1CmGoT6p1pigUmHNQQlpuQDG28JrASfeE+nmQKNFNrakik+dtqERMq9ru01Vs7 BTPgK2OauxeAIEtAosfHa/ySvLTIIJlwHi9G0Oj0aqAplyuUrn1cFiBQqV6sDPCF HBdiIoisVAA83ihhf3Q84awoI7Ws0n/KwwJUgI70lgw4WO3kJu6lk4XBDcrX/MPt GZu12BXsZh8JuVuI4jegr/It8Iw4eTnAfIIidRxAPViD7dCjVlJO3YkIU+2fuZGC MMkffGphT/50HcEiOMgOW0RS+JECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSRTMAe sGzQlofhZpJilkr6/9n/6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OTkzNzMxYTAtYWJlOC00MWI5LWJhZDMtY2U3ODUyZDRmMTE3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G CSqGSIb3DQEBCwUAA4IBAQA5XRiohpI4hcx3q+/8GnzFwfzx/3G5TLZ9bF3ZMD4W qssGDptmPUZBfJ9WyP/XTlDr+aHnpj7ohP76B+ljCAqJ7s13lQSO266tkUi661K1 vmDGqKR+PdheG1yn1hzV6XhAhw3JbLMahOQp9U48387zKUj6mS/Y21oXaUVtY9kr S5g8lfZZ/1D0ppXpa198MIRuCizJcI8WuOoNZitaJzeNQ1Vd0FTuJMYy0k4vQjnC cVyNU72Vg1zOEd5s+us0qK+sCkIprRE34krhuIby5VZQWIg7tG5ha7CYJkviKZ54 vOA2k9zv3n1oELih9u5QQkCKK7hpfqT/FW8pVn/+DWuf -----END CERTIFICATE-----Generated at Sat Dec 6 19:53:07 2025 by rpki-client