This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa File: 6df8accc-a525-49ec-ad13-7401de62f775.roa (raw, json) Hash identifier: QmyGFjRUNGgJZfnaUjyEzg4QsSUxgfIrNy6Wf1/uL8U= Subject key identifier: 51:14:EE:B0:F1:F1:4E:05:8E:34:55:20:7B:CE:A3:54:03:24:F8:3C Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 2FDA7577FD2079C182C75646FB4F0CF691348436 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa Signing time: Wed 10 Dec 2025 06:40:38 +0000 ROA not before: Wed 10 Dec 2025 06:40:38 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 159.109.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:da:75:77:fd:20:79:c1:82:c7:56:46:fb:4f:0c:f6:91:34:84:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:38 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=a1ee1b1d7a5e8815d3f72ac0fa53de2f823cca830a48fdc808bff212ef984389, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:7d:19:e2:62:6e:a4:28:3e:45:33:b9:85:9d: a3:81:32:6f:4a:76:9a:7b:b6:6c:7c:b2:cf:4c:9f: 65:44:02:45:fb:75:3c:95:e2:0d:16:bc:45:bb:21: df:81:4a:02:35:10:1b:35:ca:e2:b5:5f:75:64:af: 19:66:a4:60:3a:86:4b:ee:5a:92:dd:80:40:87:c6: 26:bf:3a:91:2f:2d:df:66:46:37:e7:f4:38:48:cd: 5e:a3:c1:e4:a2:64:23:5f:1b:58:11:a8:ad:38:6e: c6:35:a3:07:6d:be:5c:8d:56:fa:9d:11:c2:f5:47: a7:0f:9c:33:f6:21:fd:e8:c3:78:70:43:95:f6:d9: a9:5a:5b:d6:87:ce:bc:45:ee:a5:f5:76:44:8b:b0: eb:c1:48:ae:77:12:2a:2d:bd:11:a2:c3:49:67:14: df:98:bf:db:46:10:d5:c3:13:80:43:39:78:fb:3c: a2:10:fa:43:c0:04:d9:f0:12:34:95:18:63:03:be: b6:cd:8f:e0:85:ec:bb:bc:5d:66:0e:32:34:f5:30: 21:05:72:eb:85:cf:d8:52:5c:a8:ac:92:a0:25:95: 3c:2f:3f:1d:52:a5:71:97:bf:98:ab:c1:4a:43:cf: 07:8f:50:32:82:cd:3b:fb:1b:4d:af:1e:94:fb:68: 7d:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:14:EE:B0:F1:F1:4E:05:8E:34:55:20:7B:CE:A3:54:03:24:F8:3C X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.109.0.0/16 Signature Algorithm: sha256WithRSAEncryption b0:6f:b5:67:69:0e:85:80:09:32:8e:4e:df:8f:64:3d:df:6a: 7b:a7:a3:76:e8:fb:f1:6d:43:8a:97:4a:ba:ac:61:b8:f2:18: 4b:37:9e:52:6e:15:9a:53:bc:c7:91:d7:25:62:51:0f:95:06: 3a:50:cd:ed:38:eb:68:fa:a5:68:6e:66:65:09:65:a1:7d:5d: 4b:15:40:e5:d2:7b:3f:a2:ab:c0:7d:e6:e2:65:4a:ad:b4:ba: 15:17:be:b2:cc:b5:4e:41:36:c9:69:19:89:82:28:87:ab:7b: cf:db:be:a0:c0:a3:d4:45:60:af:c7:ae:bb:9a:cc:04:9d:a7: 32:52:c7:19:80:df:eb:5b:af:91:2b:30:c8:ef:4e:ce:1a:e0: 1a:3a:b5:e2:d8:d6:05:38:ed:42:b0:24:c5:69:19:e4:db:8d: 99:8d:85:71:fd:5f:11:03:7a:63:5c:fc:c4:df:bf:3c:a1:6a: 04:fa:b3:93:98:56:99:ee:10:e7:45:de:36:fb:f6:95:93:b7: e2:31:80:9c:7c:72:01:1f:a4:62:12:ea:43:4f:42:75:0d:73: f0:5c:4c:7d:75:eb:ad:ec:c6:b5:c4:26:0d:92:6b:cb:bb:f8: e4:1f:2f:23:90:79:8f:e9:d6:eb:0e:af:df:b8:7d:72:5d:34: 9e:11:a2:f9 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUL9p1d/0gecGCx1ZG+08M9pE0hDYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMzhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGExZWUxYjFkN2E1ZTg4MTVkM2Y3MmFjMGZhNTNkZTJmODIzY2NhODMwYTQ4 ZmRjODA4YmZmMjEyZWY5ODQzODkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALp9GeJibqQoPkUzuYWdo4Eyb0p2mnu2bHyyz0yfZUQCRft1PJXiDRa8Rbsh 34FKAjUQGzXK4rVfdWSvGWakYDqGS+5akt2AQIfGJr86kS8t32ZGN+f0OEjNXqPB 5KJkI18bWBGorThuxjWjB22+XI1W+p0RwvVHpw+cM/Yh/ejDeHBDlfbZqVpb1ofO vEXupfV2RIuw68FIrncSKi29EaLDSWcU35i/20YQ1cMTgEM5ePs8ohD6Q8AE2fAS NJUYYwO+ts2P4IXsu7xdZg4yNPUwIQVy64XP2FJcqKySoCWVPC8/HVKlcZe/mKvB SkPPB49QMoLNO/sbTa8elPtofQUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRRFO6w 8fFOBY40VSB7zqNUAyT4PDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NmRmOGFjY2MtYTUyNS00OWVjLWFkMTMtNzQwMWRlNjJmNzc1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ9tMA0G CSqGSIb3DQEBCwUAA4IBAQCwb7VnaQ6FgAkyjk7fj2Q932p7p6N26PvxbUOKl0q6 rGG48hhLN55SbhWaU7zHkdclYlEPlQY6UM3tOOto+qVobmZlCWWhfV1LFUDl0ns/ oqvAfebiZUqttLoVF76yzLVOQTbJaRmJgiiHq3vP276gwKPURWCvx667mswEnacy UscZgN/rW6+RKzDI707OGuAaOrXi2NYFOO1CsCTFaRnk242ZjYVx/V8RA3pjXPzE 3788oWoE+rOTmFaZ7hDnRd42+/aVk7fiMYCcfHIBH6RiEupDT0J1DXPwXEx9deut 7Ma1xCYNkmvLu/jkHy8jkHmP6dbrDq/fuH1yXTSeEaL5 -----END CERTIFICATE-----Generated at Fri Dec 19 21:49:24 2025 by rpki-client