This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa File: 179c664b-afae-4c21-9c97-2a2a3985d5b0.roa (raw, json) Hash identifier: WnK201CbsvpfskwaZ81HIbfQSjTwHXGAe6OYy4Oggdg= Subject key identifier: F3:47:23:6E:D9:73:0C:34:5B:A6:01:08:15:34:83:52:D4:76:3C:D6 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 4AFACB3F96BD231D10924B4953EEB4536C15EEBB Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa Signing time: Sat 15 Nov 2025 06:40:53 +0000 ROA not before: Sat 15 Nov 2025 06:40:53 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.117.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:fa:cb:3f:96:bd:23:1d:10:92:4b:49:53:ee:b4:53:6c:15:ee:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:53 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=a16fafc2bbfc211fb7ab581f8b607289571a9c996f74ab3e33d361a962d3370f, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:8e:70:b6:05:51:b1:8d:0f:e0:8f:7c:ef:9c: c1:c2:a0:37:f1:56:c9:00:69:ae:8f:b7:82:f7:71: 03:26:c5:c5:b2:df:b9:18:25:41:11:09:3f:e0:f0: 11:e6:4d:f5:d0:c7:38:dd:ee:00:6a:ff:b0:02:41: e6:ee:16:6b:8b:28:1b:e9:55:9d:65:f5:55:71:73: f4:ff:e9:3f:71:63:e5:0f:1a:e5:a0:b0:d1:46:2e: 7a:ec:64:df:36:93:b7:f8:54:de:92:fb:6d:18:cf: c5:fd:89:ca:ab:41:60:22:4d:14:86:e0:1d:6b:ba: 95:7e:ef:7e:20:cf:d4:95:9a:6a:e7:6f:38:35:21: 82:1d:e6:26:3c:8f:4e:5a:a7:0c:26:ba:30:af:76: fb:a3:ed:e9:0f:8c:21:10:4f:c6:2b:c6:99:e7:2b: c5:d0:84:cb:2a:44:03:c4:df:d1:92:98:e8:41:64: db:6b:d3:ac:22:ea:7a:53:a4:94:63:26:40:32:17: 02:fd:7b:94:6c:c0:fc:c1:59:c7:c4:a5:b9:ef:df: ba:8f:e6:3e:27:8f:04:26:86:72:5e:7b:2b:11:e2: bf:6f:97:75:9a:b8:85:dd:09:40:d2:e7:be:f6:f1: cb:3d:6d:83:89:c1:18:10:f5:f1:06:0d:09:4b:a8: be:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:47:23:6E:D9:73:0C:34:5B:A6:01:08:15:34:83:52:D4:76:3C:D6 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.117.0.0/16 Signature Algorithm: sha256WithRSAEncryption 86:f2:13:3d:9a:9a:3b:12:00:00:98:12:30:8a:d4:9a:34:0b: c1:39:d8:15:f2:08:a2:b9:b9:55:7d:3e:fb:1c:70:e6:ba:25: 9a:74:39:e1:7d:48:b8:42:77:79:37:e2:71:74:ef:3c:cb:7b: b7:33:7b:81:c3:05:be:84:b8:73:e9:70:ca:65:e4:0f:8f:60: a6:1a:de:ab:da:ad:fc:ea:2c:33:94:71:c6:b9:ee:2f:95:ef: 6e:14:fe:09:86:27:28:30:f6:88:70:d0:0c:b9:bc:cc:e7:be: 6b:d2:5c:bf:0e:60:3f:69:d9:b2:38:f8:c8:97:c7:43:a6:84: ba:3d:dd:71:96:78:6f:43:43:35:84:5a:3a:94:8c:de:76:ae: 04:4a:9e:f2:53:18:ba:b7:2f:a1:86:2b:fe:ef:74:e8:83:b0: 25:aa:62:04:06:cb:fc:12:ad:c9:dd:11:e5:c6:45:fa:bb:1a: 94:aa:08:31:42:4b:84:e9:77:52:1a:db:31:cc:4b:8f:23:ea: 5b:c7:ad:3a:77:f7:f9:d5:51:1b:d8:10:f8:50:14:41:35:e6: c1:a3:35:02:f9:65:a6:92:25:c7:3e:66:2a:d1:c6:5b:a3:d7: 96:9e:58:e7:e0:59:95:c8:24:cc:46:9d:ef:c2:55:1e:ee:8b: 9e:f6:06:4a -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUSvrLP5a9Ix0QkktJU+60U2wV7rswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwNTNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGExNmZhZmMyYmJmYzIxMWZiN2FiNTgxZjhiNjA3Mjg5NTcxYTljOTk2Zjc0 YWIzZTMzZDM2MWE5NjJkMzM3MGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOqOcLYFUbGND+CPfO+cwcKgN/FWyQBpro+3gvdxAybFxbLfuRglQREJP+Dw EeZN9dDHON3uAGr/sAJB5u4Wa4soG+lVnWX1VXFz9P/pP3Fj5Q8a5aCw0UYueuxk 3zaTt/hU3pL7bRjPxf2JyqtBYCJNFIbgHWu6lX7vfiDP1JWaaudvODUhgh3mJjyP TlqnDCa6MK92+6Pt6Q+MIRBPxivGmecrxdCEyypEA8Tf0ZKY6EFk22vTrCLqelOk lGMmQDIXAv17lGzA/MFZx8Slue/fuo/mPiePBCaGcl57KxHiv2+XdZq4hd0JQNLn vvbxyz1tg4nBGBD18QYNCUuovgkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTzRyNu 2XMMNFumAQgVNINS1HY81jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MTc5YzY2NGItYWZhZS00YzIxLTljOTctMmEyYTM5ODVkNWIwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN1MA0G CSqGSIb3DQEBCwUAA4IBAQCG8hM9mpo7EgAAmBIwitSaNAvBOdgV8giiublVfT77 HHDmuiWadDnhfUi4Qnd5N+JxdO88y3u3M3uBwwW+hLhz6XDKZeQPj2CmGt6r2q38 6iwzlHHGue4vle9uFP4JhicoMPaIcNAMubzM575r0ly/DmA/admyOPjIl8dDpoS6 Pd1xlnhvQ0M1hFo6lIzedq4ESp7yUxi6ty+hhiv+73Tog7AlqmIEBsv8Eq3J3RHl xkX6uxqUqggxQkuE6XdSGtsxzEuPI+pbx606d/f51VEb2BD4UBRBNebBozUC+WWm kiXHPmYq0cZbo9eWnljn4FmVyCTMRp3vwlUe7oue9gZK -----END CERTIFICATE-----Generated at Sat Dec 6 09:52:58 2025 by rpki-client