This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa File: 24601d85-ac6e-46b6-a0d2-d35342ccc951.roa (raw, json) Hash identifier: hTF+rmHUrot/acnp8Hu5my5HKDQOqWpKoN64G+9ngBI= Subject key identifier: 5D:5F:61:CA:F5:89:1D:8B:6A:A9:3B:D1:97:0D:98:BE:A2:F7:65:0E Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 2D4F1E85C6BBFDFA8E7609DB449C182C66ECB9D3 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa Signing time: Tue 18 Nov 2025 00:40:30 +0000 ROA not before: Tue 18 Nov 2025 00:40:30 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.93.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:4f:1e:85:c6:bb:fd:fa:8e:76:09:db:44:9c:18:2c:66:ec:b9:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:30 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=7f9f5be5e88c5b783e1302a4f016430353b74a633e34039de267e6e0a9ea0506, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:9e:09:9b:84:fb:da:c3:4f:6b:be:51:10:ee: 32:81:fc:f2:ab:fb:92:46:71:91:98:25:75:4a:74: 0a:c0:58:6f:b5:84:19:b7:64:72:cc:6d:30:e8:81: 6e:28:b8:a6:7e:73:26:db:7e:fe:f0:fd:8b:89:f6: 37:de:8b:f7:65:58:0b:71:7e:8d:9e:a4:5c:04:5e: 13:2a:44:a3:19:27:ed:5c:19:5d:ab:6f:c0:1a:c5: 58:5a:6f:52:dd:11:75:f4:27:90:9d:bf:d8:46:26: 52:ba:22:10:f8:0b:53:2a:ec:47:66:9c:38:4d:0b: 59:36:0c:c5:62:a8:81:c1:a1:5f:14:ed:9c:21:db: 0d:2d:28:0e:6b:02:1d:54:f4:dd:a0:11:cc:ac:73: fb:30:9a:3d:b9:53:16:85:2d:1d:1a:68:34:59:b9: f7:33:6a:6c:99:b9:00:dd:61:a9:b7:b7:cf:c8:a8: 09:94:89:bd:80:bf:c1:79:e4:c7:9d:59:ed:1c:ad: 3c:02:5b:d2:4b:de:94:1e:89:7f:08:f8:13:52:62: ba:ab:03:b6:aa:1b:66:20:06:cf:e3:1c:f2:a8:1b: 80:5e:ff:ea:47:ac:00:dc:d4:7f:fb:34:e7:00:97: 7c:39:ad:db:71:71:cb:8b:44:0f:07:68:2b:9c:95: 74:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:5F:61:CA:F5:89:1D:8B:6A:A9:3B:D1:97:0D:98:BE:A2:F7:65:0E X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.93.0.0/16 Signature Algorithm: sha256WithRSAEncryption 1c:e2:3a:05:df:ae:fb:01:ca:b2:1d:1a:37:6b:4e:c1:99:97: 11:6d:9f:36:9c:9d:68:64:ab:ff:eb:be:ff:bb:ec:4f:97:2b: c3:6d:be:24:65:3e:da:56:9d:ff:22:27:e0:1d:20:6d:0d:1f: f4:7a:15:e2:50:6a:2e:a4:bb:27:05:4b:02:ec:db:6d:98:c1: a8:3a:d1:9d:ee:4c:4d:a4:fb:d8:99:55:2c:0b:b7:8d:77:8e: 25:b6:8e:0b:4f:15:96:e0:98:8a:20:e6:0d:47:d3:6b:4f:d3: c1:06:d1:69:ce:ee:c5:5b:21:ee:de:2e:c2:35:34:25:98:31: 65:f9:ef:db:1b:c2:4a:ca:e0:aa:34:d2:ab:d4:c8:dc:b5:f2: 8a:b4:41:27:e2:ce:c5:ec:71:18:70:06:5f:66:52:fa:6c:03: b3:43:81:70:05:a5:f7:0c:87:ef:8c:9f:91:18:6f:09:66:c0: f3:28:45:5d:7f:f4:45:b0:03:96:5e:8d:ef:ae:d5:6d:8c:0c: b0:4c:bc:9a:f4:f6:a5:03:d2:30:0a:1e:29:64:59:62:f4:e6: f5:12:68:f4:41:9f:49:87:99:14:85:25:1e:7e:e0:77:2c:c9: 66:72:a6:7a:bb:7e:0b:bb:2f:36:c4:c3:db:43:a1:df:a4:be: 48:fd:71:5c -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIULU8ehca7/fqOdgnbRJwYLGbsudMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMzBaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQDdmOWY1YmU1ZTg4YzViNzgzZTEzMDJhNGYwMTY0MzAzNTNiNzRhNjMzZTM0 MDM5ZGUyNjdlNmUwYTllYTA1MDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKyeCZuE+9rDT2u+URDuMoH88qv7kkZxkZgldUp0CsBYb7WEGbdkcsxtMOiB bii4pn5zJtt+/vD9i4n2N96L92VYC3F+jZ6kXAReEypEoxkn7VwZXatvwBrFWFpv Ut0RdfQnkJ2/2EYmUroiEPgLUyrsR2acOE0LWTYMxWKogcGhXxTtnCHbDS0oDmsC HVT03aARzKxz+zCaPblTFoUtHRpoNFm59zNqbJm5AN1hqbe3z8ioCZSJvYC/wXnk x51Z7RytPAJb0kvelB6Jfwj4E1JiuqsDtqobZiAGz+Mc8qgbgF7/6kesANzUf/s0 5wCXfDmt23Fxy4tEDwdoK5yVdL8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRdX2HK 9Ykdi2qpO9GXDZi+ovdlDjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MjQ2MDFkODUtYWM2ZS00NmI2LWEwZDItZDM1MzQyY2NjOTUxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNdMA0G CSqGSIb3DQEBCwUAA4IBAQAc4joF3677AcqyHRo3a07BmZcRbZ82nJ1oZKv/677/ u+xPlyvDbb4kZT7aVp3/IifgHSBtDR/0ehXiUGoupLsnBUsC7NttmMGoOtGd7kxN pPvYmVUsC7eNd44lto4LTxWW4JiKIOYNR9NrT9PBBtFpzu7FWyHu3i7CNTQlmDFl +e/bG8JKyuCqNNKr1MjctfKKtEEn4s7F7HEYcAZfZlL6bAOzQ4FwBaX3DIfvjJ+R GG8JZsDzKEVdf/RFsAOWXo3vrtVtjAywTLya9PalA9IwCh4pZFli9Ob1Emj0QZ9J h5kUhSUefuB3LMlmcqZ6u34Luy82xMPbQ6HfpL5I/XFc -----END CERTIFICATE-----Generated at Sat Dec 6 10:55:33 2025 by rpki-client