This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa File: c806309a-9e3e-4b0e-aad2-1356d070a437.roa (raw, json) Hash identifier: kq350w2dMWmctAeQ1bNq8AtVW83Qf9atSmdD31uPp5I= Subject key identifier: 9C:69:99:37:44:BF:E3:1C:99:38:DC:47:01:00:1B:37:14:AB:73:BD Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 552B4DCF101D7A51DBADB509275E8404ED0CFEC7 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa Signing time: Tue 25 Nov 2025 20:10:03 +0000 ROA not before: Tue 25 Nov 2025 20:10:03 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a01:578:13::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:2b:4d:cf:10:1d:7a:51:db:ad:b5:09:27:5e:84:04:ed:0c:fe:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:03 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=83486c8c6e14e99cf8d4b2f0be288fe3802b6770342801cf457c20084942f235, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:87:53:2a:9b:98:55:11:0a:55:c2:04:49:8e: 8f:16:ff:eb:b4:5e:42:aa:ba:69:86:b3:bd:6c:bd: e8:91:f8:61:51:78:19:fe:d9:0b:4f:e5:61:f5:4e: 28:be:bb:05:b9:53:3a:d6:6d:81:6d:f1:f8:c7:0a: d5:16:52:b7:38:f4:e0:eb:61:e8:2e:79:d5:38:ac: e7:5d:05:80:10:9a:2b:b1:d5:52:89:79:0f:ec:4f: 49:7f:c2:0b:27:30:d4:18:37:58:57:ff:c5:25:1b: 26:7c:d9:42:d6:d7:fc:16:8e:e8:bf:ba:83:4a:54: 04:9d:9f:2a:3f:38:ea:fd:f4:6e:70:6f:e0:a1:24: 27:45:dc:e6:97:b2:45:3e:17:db:84:ca:26:f0:03: 9c:77:20:74:37:c7:fa:bc:67:49:b5:81:02:6c:d5: ac:8a:92:0a:ef:f4:34:7a:0a:d3:02:02:60:05:8a: f7:94:eb:85:b6:65:dd:3d:80:33:a6:69:f0:38:e9: df:d4:77:48:7e:a9:13:ee:01:43:ca:f2:ab:02:9e: 12:e2:85:a0:5f:8d:99:a5:d0:1e:5e:b9:52:00:8e: 25:9f:ce:db:47:50:ea:01:ba:2c:06:2b:7b:bb:8e: f4:9c:fe:98:50:2b:52:30:dd:61:22:85:cc:7f:2d: e7:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:69:99:37:44:BF:E3:1C:99:38:DC:47:01:00:1B:37:14:AB:73:BD X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:578:13::/48 Signature Algorithm: sha256WithRSAEncryption 59:96:8b:a2:e2:26:0c:f3:f8:46:36:38:19:db:c0:45:e8:11: 5c:78:4f:a4:05:a6:bb:aa:97:99:52:d0:9f:a5:17:4b:b0:94: 18:ec:4a:61:3e:3b:39:b8:32:0f:50:1f:a5:87:03:19:20:33: 9f:3c:64:0e:ae:b5:93:87:5b:97:51:6b:71:b5:b8:ff:5d:dc: 9c:26:f6:9f:1a:f5:67:e0:3a:1b:40:d1:15:bc:6d:b0:3e:bf: ec:63:29:1c:fb:c7:81:19:37:cb:6b:a7:f9:15:d5:54:ef:7d: 83:c6:e0:49:23:e2:dd:bc:de:ed:ad:44:f6:6f:d4:95:5b:c9: 08:33:39:f6:da:79:ee:7d:22:6f:fb:15:91:2e:fc:1b:e1:88: b2:0c:59:de:73:b4:ab:39:5c:7d:63:cf:90:6f:f8:0c:6f:a5: c2:07:f1:71:59:1e:d7:00:8f:17:e1:ac:38:58:bf:c2:2e:77: 9e:41:6f:96:0d:ff:1f:8e:3b:5b:a3:56:4c:60:4a:07:87:55: c4:57:f6:28:42:7f:f9:a3:2f:9e:7a:15:2d:c3:55:0f:0a:67: a6:d2:24:31:e5:4f:22:56:6b:19:59:ef:cb:7c:e8:a0:63:36: 1d:e9:27:71:ec:63:78:9b:25:de:68:f0:10:bc:94:2f:2e:64: 33:e3:6a:42 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUVStNzxAdelHbrbUJJ16EBO0M/scwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMDNaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDgzNDg2YzhjNmUxNGU5OWNmOGQ0YjJmMGJlMjg4ZmUzODAyYjY3NzAzNDI4 MDFjZjQ1N2MyMDA4NDk0MmYyMzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKaHUyqbmFURClXCBEmOjxb/67ReQqq6aYazvWy96JH4YVF4Gf7ZC0/lYfVO KL67BblTOtZtgW3x+McK1RZStzj04Oth6C551Tis510FgBCaK7HVUol5D+xPSX/C Cycw1Bg3WFf/xSUbJnzZQtbX/BaO6L+6g0pUBJ2fKj846v30bnBv4KEkJ0Xc5pey RT4X24TKJvADnHcgdDfH+rxnSbWBAmzVrIqSCu/0NHoK0wICYAWK95TrhbZl3T2A M6Zp8Djp39R3SH6pE+4BQ8ryqwKeEuKFoF+NmaXQHl65UgCOJZ/O20dQ6gG6LAYr e7uO9Jz+mFArUjDdYSKFzH8t580CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBScaZk3 RL/jHJk43EcBABs3FKtzvTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YzgwNjMwOWEtOWUzZS00YjBlLWFhZDItMTM1NmQwNzBhNDM3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA EzANBgkqhkiG9w0BAQsFAAOCAQEAWZaLouImDPP4RjY4GdvARegRXHhPpAWmu6qX mVLQn6UXS7CUGOxKYT47ObgyD1AfpYcDGSAznzxkDq61k4dbl1FrcbW4/13cnCb2 nxr1Z+A6G0DRFbxtsD6/7GMpHPvHgRk3y2un+RXVVO99g8bgSSPi3bze7a1E9m/U lVvJCDM59tp57n0ib/sVkS78G+GIsgxZ3nO0qzlcfWPPkG/4DG+lwgfxcVke1wCP F+GsOFi/wi53nkFvlg3/H447W6NWTGBKB4dVxFf2KEJ/+aMvnnoVLcNVDwpnptIk MeVPIlZrGVnvy3zooGM2HekncexjeJsl3mjwELyULy5kM+NqQg== -----END CERTIFICATE-----Generated at Sat Dec 6 11:48:28 2025 by rpki-client