This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa File: 21ed4032-a4d1-486a-97f8-a4eed91bb627.roa (raw, json) Hash identifier: xKR49SKlIT//sDdjm1GpVlmrXkJxCc1YyH9vSep7cFo= Subject key identifier: 22:6D:FA:A3:74:F6:0F:BB:40:45:06:A9:44:6C:84:BF:09:2F:8F:1E Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 18627A76E189F7AF40A47FD10A11D1FDACFA1BE3 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa Signing time: Sat 15 Nov 2025 06:40:10 +0000 ROA not before: Sat 15 Nov 2025 06:40:10 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 194.52.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:62:7a:76:e1:89:f7:af:40:a4:7f:d1:0a:11:d1:fd:ac:fa:1b:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:10 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=f9d4b049c0c8d1a7f89a51a548b60abc2f6c0cccd45d01a98e1c75c983858b77, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:4c:8b:1a:f7:ff:bd:3a:f5:83:ea:94:c2:18: 65:07:6d:1a:7e:58:4a:2a:c4:f4:1e:da:ee:cb:00: 59:64:58:cd:e4:4a:74:fa:b0:6c:f8:e6:3b:18:d0: 45:af:84:5d:a9:e5:4b:d0:df:c2:2d:ae:3b:15:0e: 8b:c2:03:58:7e:a5:34:f5:b6:ba:c8:d6:2d:88:09: f7:0a:b9:ab:f1:8e:b6:57:66:91:f6:70:30:97:9e: e7:cb:24:f1:12:d5:50:be:ca:4f:72:69:24:0f:15: d6:25:15:3c:71:81:aa:a1:dc:5d:0f:40:bc:62:ec: 1e:49:15:cd:10:33:3a:cb:6a:93:71:26:70:6c:c7: 1a:b3:a8:64:bf:55:7f:ed:11:89:6c:2f:2c:db:58: b0:97:28:0b:fc:2c:df:89:4f:f0:9c:37:49:59:01: 80:57:27:bb:3e:d2:72:03:e1:18:44:05:a5:7e:4a: 62:f9:6e:8e:fd:f3:3a:93:1c:34:d8:69:91:f6:7e: 5c:43:bf:aa:af:a3:a5:b4:bd:eb:bb:ac:f2:21:fa: 37:5d:dc:a6:c2:e4:94:eb:d3:65:a4:58:79:90:c0: 7d:6c:c5:ba:e2:9e:91:53:e4:f6:de:0e:50:61:48: 85:a7:22:a1:a8:1f:81:a4:a8:f0:9c:53:67:01:63: d0:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:6D:FA:A3:74:F6:0F:BB:40:45:06:A9:44:6C:84:BF:09:2F:8F:1E X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.52.0.0/16 Signature Algorithm: sha256WithRSAEncryption 95:7d:d4:28:e7:3c:7f:e5:58:d4:1a:f5:74:c9:ee:77:45:ab: 34:67:38:0d:d1:cc:c0:6a:fc:88:ef:fe:00:c3:52:e6:ee:fa: 65:e3:aa:ff:96:8a:17:2d:d7:e4:c4:0b:3a:25:9a:a4:ae:50: 79:d3:5e:06:a9:f9:20:9e:5b:8e:31:86:1e:a7:36:2e:65:31: ca:db:5e:b2:70:c6:2e:b6:c0:db:af:9e:a0:d7:91:1a:00:aa: c3:99:cd:62:ea:84:83:bb:b3:88:23:a2:f7:ba:51:2d:c3:e7: cc:56:a4:02:47:ba:83:73:de:52:90:2f:38:d5:d9:3f:02:2d: dd:03:ba:0c:e9:be:3e:47:65:96:ce:33:03:0f:67:17:8b:d3: 24:d5:3a:c3:3d:a1:c1:76:d9:b5:b6:a8:7e:d1:d2:29:86:24: ff:39:bd:b1:ed:c9:f4:ea:10:0a:5b:f7:84:82:92:58:3f:9d: 9d:60:32:05:b0:6d:82:df:54:ff:04:d6:68:c2:00:5b:f7:a1: 75:f9:db:8d:0d:8f:da:56:ac:09:9f:68:02:96:54:c8:a3:ba: 14:96:0e:9d:6e:9b:4e:c9:53:0e:82:37:95:09:06:2b:3c:de: e4:a0:d3:45:4c:5a:15:9f:f9:a7:1c:39:91:6b:63:bc:c3:74: 43:e9:a8:3d -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUGGJ6duGJ969ApH/RChHR/az6G+MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwMTBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGY5ZDRiMDQ5YzBjOGQxYTdmODlhNTFhNTQ4YjYwYWJjMmY2YzBjY2NkNDVk MDFhOThlMWM3NWM5ODM4NThiNzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN1Mixr3/7069YPqlMIYZQdtGn5YSirE9B7a7ssAWWRYzeRKdPqwbPjmOxjQ Ra+EXanlS9Dfwi2uOxUOi8IDWH6lNPW2usjWLYgJ9wq5q/GOtldmkfZwMJee58sk 8RLVUL7KT3JpJA8V1iUVPHGBqqHcXQ9AvGLsHkkVzRAzOstqk3EmcGzHGrOoZL9V f+0RiWwvLNtYsJcoC/ws34lP8Jw3SVkBgFcnuz7ScgPhGEQFpX5KYvlujv3zOpMc NNhpkfZ+XEO/qq+jpbS967us8iH6N13cpsLklOvTZaRYeZDAfWzFuuKekVPk9t4O UGFIhacioagfgaSo8JxTZwFj0E8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQibfqj dPYPu0BFBqlEbIS/CS+PHjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MjFlZDQwMzItYTRkMS00ODZhLTk3ZjgtYTRlZWQ5MWJiNjI3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMI0MA0G CSqGSIb3DQEBCwUAA4IBAQCVfdQo5zx/5VjUGvV0ye53Ras0ZzgN0czAavyI7/4A w1Lm7vpl46r/looXLdfkxAs6JZqkrlB5014GqfkgnluOMYYepzYuZTHK216ycMYu tsDbr56g15EaAKrDmc1i6oSDu7OII6L3ulEtw+fMVqQCR7qDc95SkC841dk/Ai3d A7oM6b4+R2WWzjMDD2cXi9Mk1TrDPaHBdtm1tqh+0dIphiT/Ob2x7cn06hAKW/eE gpJYP52dYDIFsG2C31T/BNZowgBb96F1+duNDY/aVqwJn2gCllTIo7oUlg6dbptO yVMOgjeVCQYrPN7koNNFTFoVn/mnHDmRa2O8w3RD6ag9 -----END CERTIFICATE-----Generated at Sat Dec 6 19:19:59 2025 by rpki-client