This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa File: 1fa61929-412c-4540-85ff-6ae53d3a9f99.roa (raw, json) Hash identifier: ObzI/wDp8IZgEPal2E7QWxNsDblntUovCMEgwuhT4JM= Subject key identifier: CD:6D:FB:27:E6:C8:59:84:13:08:EA:0B:4B:EB:33:09:65:43:F6:2B Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 52C911E1B1B1DD8D9742BDB5EF8B2EC321B469F2 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa Signing time: Sat 15 Nov 2025 06:50:20 +0000 ROA not before: Sat 15 Nov 2025 06:50:20 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.212.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:c9:11:e1:b1:b1:dd:8d:97:42:bd:b5:ef:8b:2e:c3:21:b4:69:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:20 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=93f7039de81720166baaeec0e0a2d01091f7bb96549b1bdaee1b1e0f0d71b95a, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:70:b1:ea:03:a5:b3:5b:0e:52:67:71:60:99: 8c:a0:70:2d:32:73:d2:72:86:19:90:e2:ed:cb:40: f5:69:25:15:e1:09:26:19:51:12:de:ae:e3:12:f0: 16:8c:76:d5:9b:d7:e1:ef:a6:5b:ba:e5:e1:05:f2: 47:c0:07:15:d2:60:e2:40:fd:a6:9e:0d:05:c5:19: 0a:7a:ca:cf:b3:49:75:b8:e7:8c:ff:b8:05:f0:24: 5d:ac:7c:85:6d:96:e0:02:bd:7b:c5:94:37:06:44: f8:18:cb:1c:d7:bb:59:98:06:1a:ef:89:6a:f0:b9: 5a:b2:33:9d:09:4e:91:24:a8:f6:41:a0:0b:f8:04: d4:b5:cc:95:89:9a:d7:09:36:f0:dc:8d:1a:e4:f1: 99:6f:97:77:1a:f1:f0:e8:6a:d4:8b:78:84:13:54: 4b:6e:c4:75:1a:3a:34:6e:c3:4d:01:85:4c:1a:32: 2f:d4:1c:4f:b6:94:98:02:82:65:9a:09:6a:5c:fe: a6:17:b6:e4:cd:4a:6d:2f:e1:ab:b2:09:6e:f4:73: a5:45:5a:79:81:3b:96:83:1f:f7:d5:29:73:08:b9: 82:65:1c:74:5a:15:73:8f:67:b7:13:2e:29:0e:2a: 20:c6:b9:c4:1a:e9:63:83:08:a9:cf:35:c9:39:c4: c4:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:6D:FB:27:E6:C8:59:84:13:08:EA:0B:4B:EB:33:09:65:43:F6:2B X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.212.0.0/15 Signature Algorithm: sha256WithRSAEncryption 7f:5e:f8:47:e0:2a:bb:ac:c9:9a:52:4a:ad:77:a4:15:5c:f3: 05:df:ba:ca:55:b5:ba:b8:52:17:e4:b8:ee:0d:c0:ae:b8:27: 67:e8:c0:c7:5c:8d:5d:ff:79:59:df:31:75:07:36:62:fd:b6: 49:89:d7:73:43:8c:f9:93:73:e1:96:a8:e3:a3:9c:e0:e7:aa: 4f:d2:47:3d:3b:69:97:22:b3:e7:ab:55:2a:c4:83:ba:88:f0: e3:d9:b9:e3:ce:da:f0:46:f0:83:1a:7a:0f:59:29:ba:92:a6: 3d:18:bf:b7:0c:91:c9:ac:fd:da:9c:a9:b4:e5:09:70:a2:07: 45:6d:42:e7:0c:48:42:b1:f0:48:18:76:e8:64:8a:19:0d:48: 41:ca:20:f4:5d:35:17:18:20:62:bb:a1:72:ef:9a:f2:76:eb: f8:9a:aa:9d:a9:0f:ab:26:47:08:42:9f:79:c4:0b:9e:18:ac: fb:41:ec:36:9d:6b:fe:cf:76:c0:cc:4a:4a:76:af:f9:02:c8: cd:33:56:e5:53:ab:8f:16:18:8d:fe:fc:5c:5f:a8:6b:2e:a6: 85:c1:5d:4f:69:10:74:68:ba:ef:c7:cd:cb:68:91:67:94:15: 00:cf:1e:66:06:21:0e:b5:72:54:4b:b9:8a:73:55:80:3c:ca: 8f:be:5f:08 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUUskR4bGx3Y2XQr2174suwyG0afIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMjBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDkzZjcwMzlkZTgxNzIwMTY2YmFhZWVjMGUwYTJkMDEwOTFmN2JiOTY1NDli MWJkYWVlMWIxZTBmMGQ3MWI5NWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL5wseoDpbNbDlJncWCZjKBwLTJz0nKGGZDi7ctA9WklFeEJJhlREt6u4xLw Fox21ZvX4e+mW7rl4QXyR8AHFdJg4kD9pp4NBcUZCnrKz7NJdbjnjP+4BfAkXax8 hW2W4AK9e8WUNwZE+BjLHNe7WZgGGu+JavC5WrIznQlOkSSo9kGgC/gE1LXMlYma 1wk28NyNGuTxmW+Xdxrx8Ohq1It4hBNUS27EdRo6NG7DTQGFTBoyL9QcT7aUmAKC ZZoJalz+phe25M1KbS/hq7IJbvRzpUVaeYE7loMf99Upcwi5gmUcdFoVc49ntxMu KQ4qIMa5xBrpY4MIqc81yTnExA8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTNbfsn 5shZhBMI6gtL6zMJZUP2KzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MWZhNjE5MjktNDEyYy00NTQwLTg1ZmYtNmFlNTNkM2E5Zjk5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G CSqGSIb3DQEBCwUAA4IBAQB/XvhH4Cq7rMmaUkqtd6QVXPMF37rKVbW6uFIX5Lju DcCuuCdn6MDHXI1d/3lZ3zF1BzZi/bZJiddzQ4z5k3Phlqjjo5zg56pP0kc9O2mX IrPnq1UqxIO6iPDj2bnjztrwRvCDGnoPWSm6kqY9GL+3DJHJrP3anKm05QlwogdF bULnDEhCsfBIGHboZIoZDUhByiD0XTUXGCBiu6Fy75ryduv4mqqdqQ+rJkcIQp95 xAueGKz7Qew2nWv+z3bAzEpKdq/5AsjNM1blU6uPFhiN/vxcX6hrLqaFwV1PaRB0 aLrvx83LaJFnlBUAzx5mBiEOtXJUS7mKc1WAPMqPvl8I -----END CERTIFICATE-----Generated at Sat Dec 6 10:55:05 2025 by rpki-client