This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa File: 21ed4032-a4d1-486a-97f8-a4eed91bb627.roa (raw, json) Hash identifier: 9LJV6p8WKUcBAUVRwXJ60bOxAqEfoppXaN/otDM0KOE= Subject key identifier: D1:42:92:86:C5:1F:22:8D:30:82:48:A8:45:7A:86:42:A3:C5:BC:B8 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 3023478B55A42763A38711E56726425FB1BA61AB Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa Signing time: Wed 10 Dec 2025 06:40:41 +0000 ROA not before: Wed 10 Dec 2025 06:40:41 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 194.52.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:23:47:8b:55:a4:27:63:a3:87:11:e5:67:26:42:5f:b1:ba:61:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:41 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=2933834dcbaac9f43a490a2f3b6e2c6ced61277dab3514ff60991a777727f8e2, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:3a:1f:1c:68:ab:87:0c:61:6f:33:b4:19:b0: d1:d5:70:16:21:83:ba:cd:7b:fc:bc:10:6b:8d:af: cf:0f:5e:4c:ca:7d:f8:cf:72:76:86:7c:5a:fb:d7: a1:ee:07:64:1d:e6:33:21:e9:25:e4:95:09:51:12: 65:74:be:17:62:90:45:38:dc:16:f3:f5:eb:3b:0b: fa:e2:9f:7b:4b:ef:c9:91:4e:39:fe:55:9c:37:73: 49:18:9f:85:f5:3b:bb:b2:46:01:99:e1:e0:a1:c0: 41:dd:46:e5:65:51:31:d8:d0:ec:50:95:8b:17:f5: aa:bb:80:e8:75:61:b3:eb:5a:49:05:5b:58:da:88: f1:b5:0a:78:ca:40:b6:df:b6:00:5d:52:14:0e:4d: 11:d2:24:25:59:56:ea:d6:41:ec:0b:2a:d2:34:ef: a5:20:00:95:66:c5:ea:4f:a3:df:27:d3:ba:be:02: c1:df:a1:3c:ae:37:bc:48:ce:cf:e4:bb:9e:91:74: 0a:a2:0c:60:3e:d3:1d:b5:af:98:7b:24:bb:52:42: 20:c1:70:c1:13:60:f8:5a:51:3e:69:1f:ef:8f:be: 40:f4:21:d4:fd:59:c6:b0:27:bb:3d:cf:22:40:18: b3:7d:47:be:1e:61:47:05:6e:76:76:8f:3f:4e:2c: 0a:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:42:92:86:C5:1F:22:8D:30:82:48:A8:45:7A:86:42:A3:C5:BC:B8 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.52.0.0/16 Signature Algorithm: sha256WithRSAEncryption 2e:5e:fa:fd:c8:f7:03:d6:3a:e3:86:a6:a4:73:d0:df:68:97: f7:5c:dc:64:49:2a:ed:54:19:3f:ef:bd:40:34:14:f1:1a:71: 1a:4e:bc:9a:b3:47:03:03:c4:d7:45:e4:52:0e:a8:5d:b7:38: 69:d0:ec:32:60:47:c0:f6:10:48:f6:45:93:b2:1c:51:2d:0c: 08:d3:a9:86:32:98:13:83:33:df:e9:2c:f8:ba:4f:b4:7a:98: 18:a5:8d:3d:be:8c:50:a3:19:14:df:b3:1a:1d:8d:7e:09:e9: bb:7f:83:53:98:14:5b:1a:fd:21:74:d1:97:35:08:e6:bc:10: 84:6a:36:a1:0e:54:47:dc:40:b6:4e:c2:81:0a:fb:13:dd:72: 98:6d:1c:73:f5:c7:2f:eb:1a:7d:75:72:a3:83:95:3f:ef:01: c1:c5:79:15:33:9d:48:a0:db:7f:84:1e:e4:8b:90:47:3f:a5: a8:c7:0e:68:cf:8b:03:9d:3c:62:66:44:e1:89:fa:d4:da:c9: 68:85:1a:d5:b4:2e:1d:15:02:93:5b:09:28:a8:2e:96:af:96: a8:f5:3d:96:b8:b6:a1:19:f4:08:93:8a:38:33:e9:1c:52:e0: c0:5f:c3:b2:65:3c:98:f6:52:5b:d4:c5:c1:77:57:c2:72:c1: f7:b9:2c:12 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUMCNHi1WkJ2OjhxHlZyZCX7G6YaswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwNDFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDI5MzM4MzRkY2JhYWM5ZjQzYTQ5MGEyZjNiNmUyYzZjZWQ2MTI3N2RhYjM1 MTRmZjYwOTkxYTc3NzcyN2Y4ZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJc6Hxxoq4cMYW8ztBmw0dVwFiGDus17/LwQa42vzw9eTMp9+M9ydoZ8WvvX oe4HZB3mMyHpJeSVCVESZXS+F2KQRTjcFvP16zsL+uKfe0vvyZFOOf5VnDdzSRif hfU7u7JGAZnh4KHAQd1G5WVRMdjQ7FCVixf1qruA6HVhs+taSQVbWNqI8bUKeMpA tt+2AF1SFA5NEdIkJVlW6tZB7Asq0jTvpSAAlWbF6k+j3yfTur4Cwd+hPK43vEjO z+S7npF0CqIMYD7THbWvmHsku1JCIMFwwRNg+FpRPmkf74++QPQh1P1ZxrAnuz3P IkAYs31Hvh5hRwVudnaPP04sCqkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTRQpKG xR8ijTCCSKhFeoZCo8W8uDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MjFlZDQwMzItYTRkMS00ODZhLTk3ZjgtYTRlZWQ5MWJiNjI3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMI0MA0G CSqGSIb3DQEBCwUAA4IBAQAuXvr9yPcD1jrjhqakc9DfaJf3XNxkSSrtVBk/771A NBTxGnEaTryas0cDA8TXReRSDqhdtzhp0OwyYEfA9hBI9kWTshxRLQwI06mGMpgT gzPf6Sz4uk+0epgYpY09voxQoxkU37MaHY1+Cem7f4NTmBRbGv0hdNGXNQjmvBCE ajahDlRH3EC2TsKBCvsT3XKYbRxz9ccv6xp9dXKjg5U/7wHBxXkVM51IoNt/hB7k i5BHP6Woxw5oz4sDnTxiZkThifrU2slohRrVtC4dFQKTWwkoqC6Wr5ao9T2WuLah GfQIk4o4M+kcUuDAX8OyZTyY9lJb1MXBd1fCcsH3uSwS -----END CERTIFICATE-----Generated at Tue Dec 16 00:31:57 2025 by rpki-client