This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa File: 1daf6597-c039-470d-a015-f42507e1afef.roa (raw, json) Hash identifier: 2EjksJSBTUhj5wtlk/IWsu89wxaVER9LxJ5uYs4cf3E= Subject key identifier: 90:93:47:DA:FA:CE:78:76:72:E8:F9:5E:01:53:A1:B2:13:67:25:2F Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 391F3CA87658D765F6E68DF0DFBE4B4FF6753AF9 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa Signing time: Sat 15 Nov 2025 06:50:30 +0000 ROA not before: Sat 15 Nov 2025 06:50:30 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.172.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:1f:3c:a8:76:58:d7:65:f6:e6:8d:f0:df:be:4b:4f:f6:75:3a:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:30 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=29bfa582815fbe965c085061f6e1692461fc247daeb7b78d90772e4f6948da9d, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:e2:3b:b2:2a:c7:0a:df:3c:da:d2:e5:0c:83: 90:bb:2b:1a:86:9d:d6:f9:f9:87:82:cd:de:4b:13: 53:8f:f6:25:c3:e7:28:af:d2:bc:94:12:96:56:a8: 80:7a:80:0c:fe:f7:9a:ff:fb:79:5e:a4:a6:d6:99: 81:31:bb:5f:f2:c1:e7:5a:25:f6:b5:92:23:5e:a6: 22:f2:cf:fa:f6:37:26:95:07:b9:a5:d8:50:54:3a: 35:ba:32:18:55:69:e1:8f:a8:6c:c4:27:17:47:35: 71:d7:1f:fa:57:9f:b7:bb:bd:a7:0a:67:3d:73:4f: 86:35:db:d1:86:20:e6:9b:02:1c:65:07:e0:6b:02: f0:37:41:94:84:89:13:0c:ea:1a:35:aa:3c:b9:a8: a6:c6:58:09:c3:0b:88:67:56:b5:1a:1e:e9:18:d1: 5d:6e:6d:f4:b8:28:24:b0:2b:12:01:86:40:22:39: 18:00:11:38:02:46:a2:97:df:97:47:7d:10:48:1e: 26:94:76:b4:48:0d:69:27:08:e0:b7:ad:65:61:59: 37:f3:d6:ea:7d:80:cb:f0:7b:08:ef:ac:3a:3d:69: 6c:bd:d0:b1:8a:62:f8:31:1c:8f:fd:50:3c:45:21: 01:64:89:03:a7:b9:35:e9:5d:e1:81:42:73:13:51: a3:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:93:47:DA:FA:CE:78:76:72:E8:F9:5E:01:53:A1:B2:13:67:25:2F X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.172.0.0/15 Signature Algorithm: sha256WithRSAEncryption 8e:4b:6e:03:b2:e9:61:95:03:49:62:fd:08:88:58:8b:aa:6d: 2c:2c:65:d3:54:3a:5c:56:0f:56:15:0e:cd:85:13:b4:a1:31: 11:2b:d9:46:8d:56:2e:4a:d4:fe:80:f0:66:5f:e7:8e:c3:a4: 58:9a:63:11:e6:8b:58:d0:d8:a9:6f:7d:f5:97:db:13:f4:ec: 53:38:b6:a5:16:0b:f0:78:26:d7:42:8d:f9:32:e4:1c:26:6d: ce:60:aa:9c:00:7a:fb:04:c2:6d:49:68:ff:ed:e2:be:8e:b8: 49:43:37:c3:49:6e:d7:f3:41:af:4d:dd:89:44:27:6f:fd:47: fa:b8:3c:09:71:71:10:80:2f:7b:62:36:0e:bc:16:90:b4:66: 3c:8b:d3:13:7e:18:78:f3:0c:c3:59:e5:67:83:80:93:9b:c1: 5b:a2:e4:c8:c7:aa:64:7d:d3:18:f7:d9:08:7b:0f:78:0f:6b: 38:ce:16:a0:06:e8:a3:eb:b7:c9:f7:20:65:fd:7c:87:91:47: b5:ca:df:3d:23:d8:58:3c:86:d8:0c:6e:7e:84:a1:3b:8a:36: fd:c1:ab:10:1a:bd:21:87:2b:53:00:70:c8:65:d7:13:23:43: 31:ca:01:a9:d8:18:24:52:22:93:55:ba:51:7c:f1:ab:95:cc: 22:b1:90:ed -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUOR88qHZY12X25o3w375LT/Z1OvkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMzBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDI5YmZhNTgyODE1ZmJlOTY1YzA4NTA2MWY2ZTE2OTI0NjFmYzI0N2RhZWI3 Yjc4ZDkwNzcyZTRmNjk0OGRhOWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMPiO7IqxwrfPNrS5QyDkLsrGoad1vn5h4LN3ksTU4/2JcPnKK/SvJQSllao gHqADP73mv/7eV6kptaZgTG7X/LB51ol9rWSI16mIvLP+vY3JpUHuaXYUFQ6Nboy GFVp4Y+obMQnF0c1cdcf+left7u9pwpnPXNPhjXb0YYg5psCHGUH4GsC8DdBlISJ EwzqGjWqPLmopsZYCcMLiGdWtRoe6RjRXW5t9LgoJLArEgGGQCI5GAAROAJGopff l0d9EEgeJpR2tEgNaScI4LetZWFZN/PW6n2Ay/B7CO+sOj1pbL3QsYpi+DEcj/1Q PEUhAWSJA6e5Neld4YFCcxNRo+cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSQk0fa +s54dnLo+V4BU6GyE2clLzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MWRhZjY1OTctYzAzOS00NzBkLWEwMTUtZjQyNTA3ZTFhZmVmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOsMA0G CSqGSIb3DQEBCwUAA4IBAQCOS24DsulhlQNJYv0IiFiLqm0sLGXTVDpcVg9WFQ7N hRO0oTERK9lGjVYuStT+gPBmX+eOw6RYmmMR5otY0Nipb331l9sT9OxTOLalFgvw eCbXQo35MuQcJm3OYKqcAHr7BMJtSWj/7eK+jrhJQzfDSW7X80GvTd2JRCdv/Uf6 uDwJcXEQgC97YjYOvBaQtGY8i9MTfhh48wzDWeVng4CTm8FbouTIx6pkfdMY99kI ew94D2s4zhagBuij67fJ9yBl/XyHkUe1yt89I9hYPIbYDG5+hKE7ijb9wasQGr0h hytTAHDIZdcTI0MxygGp2BgkUiKTVbpRfPGrlcwisZDt -----END CERTIFICATE-----Generated at Sat Dec 6 10:57:18 2025 by rpki-client