This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa File: c5b27928-f79b-49c0-80c5-88852eab11e3.roa (raw, json) Hash identifier: 7UUWApG28IDVWSnRZ7uZYvQCovYEonaFJsOvCv2LNNo= Subject key identifier: 3E:30:0A:BB:40:F7:5D:6E:BB:2E:83:C8:48:E9:3D:46:03:23:6B:2C Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 290C54BB2D291096589A919B1A40C471CDA6BC0B Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa Signing time: Wed 10 Dec 2025 06:40:04 +0000 ROA not before: Wed 10 Dec 2025 06:40:04 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 193.57.182.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:0c:54:bb:2d:29:10:96:58:9a:91:9b:1a:40:c4:71:cd:a6:bc:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:04 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=59479b07ef782666bb7ac7b4155e5585c203c7826da168ae77d3b16f126e53e3, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:c2:c4:a6:5a:e1:32:79:f4:6d:0b:4b:69:65: a2:5a:c4:36:33:30:85:06:87:2c:a1:d0:9f:2b:a3: 3a:b8:92:cc:5d:32:0b:e7:ed:2a:d1:9f:14:bc:3c: 1c:b0:fd:85:bb:8b:17:11:da:03:12:40:7f:d0:3f: 38:ea:36:ea:68:3f:9e:bf:cf:4b:4c:69:d3:72:67: 95:67:9c:e9:f4:76:e4:c8:2f:c5:1a:40:31:72:c5: c2:19:e3:9b:a3:03:00:03:a0:78:ad:19:ab:a5:8e: 65:fd:e2:79:04:0c:36:4e:b3:21:e8:27:8e:91:96: 60:aa:8d:59:26:cc:61:16:f0:16:57:cc:c2:5b:61: 8d:a2:a0:69:af:e5:e7:29:42:fb:07:f9:13:26:b7: e2:10:3e:4e:b7:4b:69:e8:82:dd:30:56:43:7d:53: 41:ed:fa:9d:ad:ce:5a:20:6b:4b:74:83:f9:ee:8a: cf:40:7f:27:67:14:6a:51:c3:e9:72:1b:f3:3e:da: e0:10:9b:41:91:a8:5f:87:ff:ee:0d:59:50:27:8b: c4:e3:88:78:87:98:91:ef:fe:07:0d:34:c3:45:0d: 9c:f2:21:35:fb:f5:b8:1a:94:8f:df:f3:f3:ca:34: 2c:8b:06:ef:45:8b:e6:a9:d8:5f:ed:de:16:d8:20: 47:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:30:0A:BB:40:F7:5D:6E:BB:2E:83:C8:48:E9:3D:46:03:23:6B:2C X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.57.182.0/23 Signature Algorithm: sha256WithRSAEncryption 63:2b:fa:e3:ca:53:c3:c6:d8:60:fe:65:e4:41:d0:fb:92:85: 74:e6:f2:d7:77:d0:6c:47:87:53:1b:3e:2a:38:17:ef:38:e9: 39:2c:54:ab:41:e6:5a:25:f3:3f:2c:be:55:b9:8e:39:6f:1c: 4c:ba:15:1f:18:2e:c2:72:9d:a4:5c:33:a5:83:78:55:d7:05: 3e:e9:2b:cd:37:6b:3b:0f:b7:8a:09:6d:cd:0e:ac:ef:28:7b: 92:ea:ae:2a:6d:b4:71:16:1e:2b:6c:0f:07:9c:7f:5f:cd:3d: 30:a7:f2:d1:75:13:a0:9b:95:93:79:34:f7:68:5a:d1:81:79: 3a:f1:f3:94:6e:59:2a:2a:21:f1:1e:f4:08:be:d4:12:72:ee: 8a:a5:b5:54:dc:cf:17:bb:9e:02:9e:0b:24:ef:77:dc:7b:8d: 32:ec:b7:b6:0a:01:54:d6:fd:5a:51:03:da:f9:f3:cc:fd:1f: c5:fd:2f:c0:6f:1a:2b:45:52:e5:5f:fb:d4:28:17:60:68:31: 57:d6:41:e5:23:1f:a1:44:53:d1:50:32:06:30:ed:25:7b:f6: 2b:ad:03:ee:e4:b2:3b:5d:3a:0c:8d:e1:29:74:58:c8:ab:e1: 5f:99:db:a9:c3:5f:de:b7:22:a8:ae:ac:3a:df:ab:da:e0:e3: 60:d9:a6:42 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUKQxUuy0pEJZYmpGbGkDEcc2mvAswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMDRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDU5NDc5YjA3ZWY3ODI2NjZiYjdhYzdiNDE1NWU1NTg1YzIwM2M3ODI2ZGEx NjhhZTc3ZDNiMTZmMTI2ZTUzZTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALzCxKZa4TJ59G0LS2llolrENjMwhQaHLKHQnyujOriSzF0yC+ftKtGfFLw8 HLD9hbuLFxHaAxJAf9A/OOo26mg/nr/PS0xp03JnlWec6fR25MgvxRpAMXLFwhnj m6MDAAOgeK0Zq6WOZf3ieQQMNk6zIegnjpGWYKqNWSbMYRbwFlfMwlthjaKgaa/l 5ylC+wf5Eya34hA+TrdLaeiC3TBWQ31TQe36na3OWiBrS3SD+e6Kz0B/J2cUalHD 6XIb8z7a4BCbQZGoX4f/7g1ZUCeLxOOIeIeYke/+Bw00w0UNnPIhNfv1uBqUj9/z 88o0LIsG70WL5qnYX+3eFtggR1ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ+MAq7 QPddbrsug8hI6T1GAyNrLDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YzViMjc5MjgtZjc5Yi00OWMwLTgwYzUtODg4NTJlYWIxMWUzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN BgkqhkiG9w0BAQsFAAOCAQEAYyv648pTw8bYYP5l5EHQ+5KFdOby13fQbEeHUxs+ KjgX7zjpOSxUq0HmWiXzPyy+VbmOOW8cTLoVHxguwnKdpFwzpYN4VdcFPukrzTdr Ow+3igltzQ6s7yh7kuquKm20cRYeK2wPB5x/X809MKfy0XUToJuVk3k092ha0YF5 OvHzlG5ZKioh8R70CL7UEnLuiqW1VNzPF7ueAp4LJO933HuNMuy3tgoBVNb9WlED 2vnzzP0fxf0vwG8aK0VS5V/71CgXYGgxV9ZB5SMfoURT0VAyBjDtJXv2K60D7uSy O106DI3hKXRYyKvhX5nbqcNf3rciqK6sOt+r2uDjYNmmQg== -----END CERTIFICATE-----Generated at Wed Dec 17 17:06:41 2025 by rpki-client