This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa File: 397b5a86-52b0-4a8c-87de-e6da77812b46.roa (raw, json) Hash identifier: Q8zqNhLjF+VjtMDlMgJTFFMf6R39T6O+fb+/XxLZXYU= Subject key identifier: 56:7C:8F:92:36:42:9D:B2:87:C7:76:7B:CD:34:3E:F3:80:01:81:A0 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 503DCF077087B83329AF8CDA386F269BBD16FF10 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa Signing time: Sat 15 Nov 2025 06:50:44 +0000 ROA not before: Sat 15 Nov 2025 06:50:44 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.248.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:3d:cf:07:70:87:b8:33:29:af:8c:da:38:6f:26:9b:bd:16:ff:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:44 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=1792a548111ce9240cea6e04f819b94289297dfa6359c538b1532e2c8ff8a785, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:1a:61:ee:e5:98:9b:14:07:09:d9:6b:86:c6: 2b:8d:c2:b4:04:ac:c1:ab:d0:e9:9b:35:c1:48:97: fd:90:f9:53:0a:cf:80:63:b7:69:f9:62:bb:6f:10: a6:e8:72:e0:76:aa:7f:c0:9b:77:90:db:94:05:52: f5:83:08:67:c4:5b:5d:ae:b8:57:16:66:46:00:67: 5d:6d:e7:c9:6a:31:ec:14:48:6c:cd:9f:b2:bf:bb: 5a:c9:e1:b5:f3:cb:ca:a9:52:4c:a6:cb:b2:8a:e0: fa:ec:df:6a:56:01:f8:94:d5:dd:dd:82:a1:b2:a5: d8:e5:ac:63:ea:48:df:c2:8e:1a:b0:7e:76:62:d7: c5:33:1e:86:27:6f:a3:0c:bb:2d:09:ab:18:dd:32: 91:be:24:8d:04:06:1c:9e:eb:cd:11:5c:ab:70:0d: c5:0f:55:5e:e2:25:30:13:0c:13:cc:0a:f1:5b:70: 1b:61:c5:af:6b:4f:2d:ef:54:37:b1:67:3d:e5:8f: 60:71:e6:d7:04:3b:7e:49:49:8e:8c:13:bc:a6:48: 8e:1f:5b:b2:b5:23:69:b7:de:30:f4:8f:56:dc:18: 3f:d0:e5:5e:4e:a0:c2:34:97:e9:88:f8:6c:02:30: b7:ef:78:eb:bd:eb:17:97:d5:77:6f:64:97:16:08: 79:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:7C:8F:92:36:42:9D:B2:87:C7:76:7B:CD:34:3E:F3:80:01:81:A0 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.248.0.0/15 Signature Algorithm: sha256WithRSAEncryption d6:a8:b8:4e:dd:2f:51:86:18:28:3d:d0:2f:d5:f7:ed:2f:69: 0c:d4:45:af:2c:10:b6:dc:8c:52:66:19:a5:43:60:43:7b:b0: 4e:59:52:f9:bf:49:93:b1:e3:63:c2:0b:61:8b:cc:72:00:bc: 98:2c:94:77:82:9f:b4:57:77:44:7f:07:70:bb:ca:63:34:4a: 15:b5:b5:72:69:ff:9c:65:cc:cc:4e:e7:19:f0:a2:71:b0:51: 80:60:6d:ee:09:06:33:33:46:29:cf:ab:7a:74:4e:02:dd:d0: 93:a4:22:0c:47:76:f3:bf:f3:0c:d3:51:3f:eb:ee:33:da:ec: 67:79:81:db:69:85:54:52:0f:13:21:2c:b2:ce:d0:f0:38:b7: a6:65:88:e2:c0:0b:0e:e7:3e:60:d0:cf:60:38:ff:5e:37:ee: 48:b1:7f:2e:fc:19:05:d0:9c:11:9e:58:61:a6:fa:17:60:1a: d3:da:ea:60:45:d1:f2:17:87:af:00:64:dd:33:3b:58:c6:16: 8f:56:9a:34:cd:59:9d:19:62:4d:c6:d9:94:6f:ee:f5:73:15: 9c:82:4c:67:f1:ae:27:7d:43:a9:91:e2:e0:f8:b1:37:bd:71: c2:c3:fe:21:bd:1c:8e:f1:84:19:19:26:97:eb:e3:77:03:ca: 1a:fe:00:c9 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUUD3PB3CHuDMpr4zaOG8mm70W/xAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwNDRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDE3OTJhNTQ4MTExY2U5MjQwY2VhNmUwNGY4MTliOTQyODkyOTdkZmE2MzU5 YzUzOGIxNTMyZTJjOGZmOGE3ODUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ0aYe7lmJsUBwnZa4bGK43CtASswavQ6Zs1wUiX/ZD5UwrPgGO3afliu28Q puhy4Haqf8Cbd5DblAVS9YMIZ8RbXa64VxZmRgBnXW3nyWox7BRIbM2fsr+7Wsnh tfPLyqlSTKbLsorg+uzfalYB+JTV3d2CobKl2OWsY+pI38KOGrB+dmLXxTMehidv owy7LQmrGN0ykb4kjQQGHJ7rzRFcq3ANxQ9VXuIlMBMME8wK8VtwG2HFr2tPLe9U N7FnPeWPYHHm1wQ7fklJjowTvKZIjh9bsrUjabfeMPSPVtwYP9DlXk6gwjSX6Yj4 bAIwt+94673rF5fVd29klxYIebsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRWfI+S NkKdsofHdnvNND7zgAGBoDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv Mzk3YjVhODYtNTJiMC00YThjLTg3ZGUtZTZkYTc3ODEyYjQ2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP4MA0G CSqGSIb3DQEBCwUAA4IBAQDWqLhO3S9RhhgoPdAv1fftL2kM1EWvLBC23IxSZhml Q2BDe7BOWVL5v0mTseNjwgthi8xyALyYLJR3gp+0V3dEfwdwu8pjNEoVtbVyaf+c ZczMTucZ8KJxsFGAYG3uCQYzM0Ypz6t6dE4C3dCTpCIMR3bzv/MM01E/6+4z2uxn eYHbaYVUUg8TISyyztDwOLemZYjiwAsO5z5g0M9gOP9eN+5IsX8u/BkF0JwRnlhh pvoXYBrT2upgRdHyF4evAGTdMztYxhaPVpo0zVmdGWJNxtmUb+71cxWcgkxn8a4n fUOpkeLg+LE3vXHCw/4hvRyO8YQZGSaX6+N3A8oa/gDJ -----END CERTIFICATE-----Generated at Sat Dec 6 09:52:09 2025 by rpki-client