This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa File: b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa (raw, json) Hash identifier: CXsksb4JeZEQnSI34o6/Y87K/CvLqHyQO5kOy/GSZ+Y= Subject key identifier: E0:52:55:BE:6E:2E:3A:42:13:4B:E1:66:A9:2D:8F:D5:AD:73:40:69 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 61B312366AB3D0CAA525E4DF83DCDC93F6D7C7A3 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa Signing time: Wed 10 Dec 2025 06:30:12 +0000 ROA not before: Wed 10 Dec 2025 06:30:12 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 57.85.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:b3:12:36:6a:b3:d0:ca:a5:25:e4:df:83:dc:dc:93:f6:d7:c7:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:30:12 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=7d9e97d5ba27b52045eeee1d89c8d1227fb7d56088f5fceca32505563e2cfce2, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:48:e3:31:39:42:fc:0a:cf:9b:0b:3c:06:c6: 4a:0b:18:06:69:b8:1b:8f:cc:f0:01:00:e9:c0:ba: a6:28:db:66:96:de:64:bb:d6:1a:ea:d1:24:27:76: 70:76:fd:4a:c4:b6:6c:94:f7:9b:10:77:ee:bb:95: 57:66:e2:4b:1f:9e:43:45:01:d0:2c:4f:70:d5:42: 87:45:54:73:4c:82:f0:43:81:14:ce:c5:24:19:3d: 64:55:48:4a:97:36:b9:f3:b8:66:e3:47:79:c9:71: 87:85:37:b5:f0:1d:28:65:b2:19:86:96:d9:2d:0d: 4c:f7:88:0a:e4:d4:59:fa:58:06:0f:2c:39:0a:a8: fa:a9:80:d7:d5:51:8a:f6:5b:cb:43:b8:a3:1c:91: aa:11:2d:a8:7c:5b:2c:8f:b8:b7:3a:28:28:2b:37: 61:fa:93:89:9e:0f:1a:90:e7:66:7c:5e:a2:fc:05: 78:d9:2a:1d:8f:8a:55:5a:de:75:6d:a3:20:5c:7b: 30:cc:2a:b6:e3:d5:77:ac:cf:0a:89:a2:be:c4:df: a4:29:cc:69:40:9a:0f:1d:15:fd:ad:38:18:eb:75: 7a:81:70:2a:4d:c7:ef:38:5e:41:48:91:d7:69:eb: 4e:49:0e:63:6d:82:27:d3:15:6f:d1:57:c1:a9:bf: c7:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:52:55:BE:6E:2E:3A:42:13:4B:E1:66:A9:2D:8F:D5:AD:73:40:69 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 57.85.0.0/16 Signature Algorithm: sha256WithRSAEncryption 67:ac:2a:6a:b1:ce:a0:a4:2a:0a:17:0c:8e:4c:b6:17:24:ed: 85:94:3d:63:ad:0b:48:f4:28:0a:30:a3:01:0a:05:8e:92:6f: 4a:21:1a:6b:c2:90:26:6f:3d:8e:09:03:bd:ce:22:fd:fe:d2: b2:4d:76:55:25:ba:84:1a:af:71:c0:f3:b2:ed:bf:b3:5b:ab: 2f:c1:99:38:be:9f:4c:1a:61:67:0b:60:34:57:3b:0f:73:b5: 97:96:9a:63:8d:d6:2b:bc:90:bc:20:9b:51:31:e1:95:56:f8: 56:12:7a:45:52:f7:77:48:f0:e5:e4:15:9b:72:d1:dd:27:a4: 40:a4:17:79:de:88:25:97:8b:36:e9:5f:ec:b7:01:fb:a9:01: 13:4b:8b:55:69:ff:08:26:a4:66:dd:63:0b:5e:86:41:53:d2: 90:04:8b:ae:6b:45:a7:f3:00:cb:d3:d0:f3:f3:fe:da:9a:b5: 08:cb:16:8d:8b:b9:fe:e7:a5:10:62:5a:5d:1e:4e:14:c1:5a: 2c:cd:4d:55:69:e7:3c:cf:9c:40:95:39:35:16:1a:d2:5f:b2: f6:e9:3b:21:30:97:8f:e3:48:a7:4d:ee:59:00:9e:46:01:9d: 7e:b5:04:81:ee:8d:b3:f7:f5:85:89:e2:a0:8b:8e:d8:aa:96: 11:d7:c2:fb -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUYbMSNmqz0MqlJeTfg9zck/bXx6MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjMwMTJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDdkOWU5N2Q1YmEyN2I1MjA0NWVlZWUxZDg5YzhkMTIyN2ZiN2Q1NjA4OGY1 ZmNlY2EzMjUwNTU2M2UyY2ZjZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKlI4zE5QvwKz5sLPAbGSgsYBmm4G4/M8AEA6cC6pijbZpbeZLvWGurRJCd2 cHb9SsS2bJT3mxB37ruVV2biSx+eQ0UB0CxPcNVCh0VUc0yC8EOBFM7FJBk9ZFVI Spc2ufO4ZuNHeclxh4U3tfAdKGWyGYaW2S0NTPeICuTUWfpYBg8sOQqo+qmA19VR ivZby0O4oxyRqhEtqHxbLI+4tzooKCs3YfqTiZ4PGpDnZnxeovwFeNkqHY+KVVre dW2jIFx7MMwqtuPVd6zPComivsTfpCnMaUCaDx0V/a04GOt1eoFwKk3H7zheQUiR 12nrTkkOY22CJ9MVb9FXwam/xzkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTgUlW+ bi46QhNL4WapLY/VrXNAaTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv Yjk0YzAxYWItNzhjOS00ZGVhLTg2MDUtMjA2ZWRmNGY0YWMzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlVMA0G CSqGSIb3DQEBCwUAA4IBAQBnrCpqsc6gpCoKFwyOTLYXJO2FlD1jrQtI9CgKMKMB CgWOkm9KIRprwpAmbz2OCQO9ziL9/tKyTXZVJbqEGq9xwPOy7b+zW6svwZk4vp9M GmFnC2A0VzsPc7WXlppjjdYrvJC8IJtRMeGVVvhWEnpFUvd3SPDl5BWbctHdJ6RA pBd53ogll4s26V/stwH7qQETS4tVaf8IJqRm3WMLXoZBU9KQBIuua0Wn8wDL09Dz 8/7amrUIyxaNi7n+56UQYlpdHk4UwVoszU1Vaec8z5xAlTk1FhrSX7L26TshMJeP 40inTe5ZAJ5GAZ1+tQSB7o2z9/WFieKgi47YqpYR18L7 -----END CERTIFICATE-----Generated at Fri Dec 19 21:49:27 2025 by rpki-client