This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa File: 9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa (raw, json) Hash identifier: DJTZZZkrfUjmU45yXAbJCM69v1Yg33AbbaHhJVGYd0o= Subject key identifier: FA:4A:89:8F:87:2C:A9:D4:18:0E:57:50:E3:05:B0:F1:34:0C:A8:39 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 0B4878E887F81A459D675B646036DA3AB55C2598 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa Signing time: Tue 18 Nov 2025 00:40:03 +0000 ROA not before: Tue 18 Nov 2025 00:40:03 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.84.0.0/14 maxlen: 14 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:48:78:e8:87:f8:1a:45:9d:67:5b:64:60:36:da:3a:b5:5c:25:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:03 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=0d9a305d21f9ae5baf8c3de00f5c349de675bc300422b07e5368de35d4fd6190, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:bb:7d:ba:12:66:ad:fe:c1:60:a3:0b:22:c8: 1e:03:3c:e0:58:ee:c4:22:cb:43:6e:6f:bd:c7:9e: 7f:c5:63:87:a7:24:7d:1d:5c:9d:51:ab:e5:67:2f: 31:e4:a7:02:7e:a0:a6:38:e9:3e:59:e7:e3:1f:77: a1:fd:ed:b2:58:81:a3:17:6c:26:ba:b5:c6:e9:34: b3:94:06:89:87:57:ce:59:27:b4:0a:85:47:9e:7c: 67:f3:02:0b:06:a2:30:7a:7a:14:ff:59:dc:42:0a: 3c:de:51:6f:81:91:40:72:77:ef:e1:ae:00:d7:9e: 56:34:29:45:01:4f:b7:e4:79:6e:c5:f4:5d:b4:60: 9c:b9:f1:f2:83:77:54:0b:67:01:9c:27:e7:b8:ba: 25:d3:dc:b3:6f:47:e4:07:ba:7f:c9:63:b0:a1:ab: 75:eb:dd:29:32:44:c3:c6:27:98:35:79:03:33:cf: 1b:8c:62:78:0a:95:f9:a1:70:2c:9e:c8:cf:7b:1f: 7a:70:09:43:79:c5:5d:8d:f8:e5:76:31:16:90:c2: 8d:a9:80:42:e4:cc:aa:6b:4e:e9:47:df:fb:bc:3b: bf:21:c5:ae:8c:5b:b3:58:2a:e7:41:f0:8e:89:ce: a4:24:d5:63:dd:30:93:de:ff:45:14:ef:c1:1d:07: 6f:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:4A:89:8F:87:2C:A9:D4:18:0E:57:50:E3:05:B0:F1:34:0C:A8:39 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.84.0.0/14 Signature Algorithm: sha256WithRSAEncryption a1:6d:bf:1e:ba:fd:54:1b:41:36:54:eb:59:cc:ca:50:ad:0a: be:a4:56:c8:22:41:39:7f:7c:c5:a4:b1:b2:b0:f8:84:99:f7: 2e:81:57:c4:3a:e0:50:4b:08:0b:0f:8a:03:f4:96:e4:02:42: af:9e:b9:1b:63:3d:c3:98:ea:4f:53:7d:20:df:4a:07:2a:66: ae:c3:a6:6a:1b:5a:e4:48:01:6b:4d:15:a9:3e:87:59:8e:c9: b8:31:0f:78:95:f0:f2:28:a1:66:40:fd:b0:ef:fa:d0:5d:e8: 6e:b3:8f:07:0e:08:a9:89:65:a9:e2:d9:82:91:03:c8:95:f1: 07:c8:5d:be:7b:a6:41:9c:4f:d9:09:b4:a9:b9:27:5d:a7:1d: 84:c9:fa:2f:5a:33:df:3f:8c:05:42:ad:0a:78:56:b1:99:e4: 6e:18:db:2d:32:ce:6e:14:09:22:42:0f:71:e9:8d:05:7f:27: 86:a2:46:54:fa:71:ef:a6:bc:87:25:58:bc:fa:16:43:a7:b7: 93:6b:ec:15:ab:4d:ad:0f:47:8a:83:e3:6e:eb:0e:9c:fd:bd: 65:0a:fc:fb:ac:84:e4:ee:6e:9a:50:fa:18:a8:3e:3e:5c:08: ca:b7:1f:53:9e:e0:ec:50:73:f6:40:6e:dd:15:0f:5f:e2:78: 33:c9:0a:73 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUC0h46If4GkWdZ1tkYDbaOrVcJZgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMDNaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQDBkOWEzMDVkMjFmOWFlNWJhZjhjM2RlMDBmNWMzNDlkZTY3NWJjMzAwNDIy YjA3ZTUzNjhkZTM1ZDRmZDYxOTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOK7fboSZq3+wWCjCyLIHgM84FjuxCLLQ25vvceef8Vjh6ckfR1cnVGr5Wcv MeSnAn6gpjjpPlnn4x93of3tsliBoxdsJrq1xuk0s5QGiYdXzlkntAqFR558Z/MC CwaiMHp6FP9Z3EIKPN5Rb4GRQHJ37+GuANeeVjQpRQFPt+R5bsX0XbRgnLnx8oN3 VAtnAZwn57i6JdPcs29H5Ae6f8ljsKGrdevdKTJEw8YnmDV5AzPPG4xieAqV+aFw LJ7Iz3sfenAJQ3nFXY345XYxFpDCjamAQuTMqmtO6Uff+7w7vyHFroxbs1gq50Hw jonOpCTVY90wk97/RRTvwR0Hb/MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT6SomP hyyp1BgOV1DjBbDxNAyoOTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OWExZmEzOTEtNDM3Ny00NGJhLWE2YzctYzc4NWZjOWE3NzMzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNUMA0G CSqGSIb3DQEBCwUAA4IBAQChbb8euv1UG0E2VOtZzMpQrQq+pFbIIkE5f3zFpLGy sPiEmfcugVfEOuBQSwgLD4oD9JbkAkKvnrkbYz3DmOpPU30g30oHKmauw6ZqG1rk SAFrTRWpPodZjsm4MQ94lfDyKKFmQP2w7/rQXehus48HDgipiWWp4tmCkQPIlfEH yF2+e6ZBnE/ZCbSpuSddpx2EyfovWjPfP4wFQq0KeFaxmeRuGNstMs5uFAkiQg9x 6Y0FfyeGokZU+nHvpryHJVi8+hZDp7eTa+wVq02tD0eKg+Nu6w6c/b1lCvz7rITk 7m6aUPoYqD4+XAjKtx9TnuDsUHP2QG7dFQ9f4ngzyQpz -----END CERTIFICATE-----Generated at Sat Dec 6 10:54:57 2025 by rpki-client