This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa File: 397b5a86-52b0-4a8c-87de-e6da77812b46.roa (raw, json) Hash identifier: ht7FATuxYmH+uNQaoAolx0xry4cNikQQRL3b2Ua/Kqg= Subject key identifier: BE:65:97:5A:0E:9D:30:B0:29:D9:C6:E0:03:DB:E1:A1:28:A6:4D:AA Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 142024EF5D17BC9CDFFAE653CEF2485F4DEE9A8B Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa Signing time: Wed 10 Dec 2025 06:50:46 +0000 ROA not before: Wed 10 Dec 2025 06:50:46 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.248.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:20:24:ef:5d:17:bc:9c:df:fa:e6:53:ce:f2:48:5f:4d:ee:9a:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:46 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=a66c96e9deaab239c46e8c0cefa2fca39966e32203520ca6af62c3b7ee4df679, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:02:8b:21:6b:89:e4:57:ba:8d:3c:27:6d:23: 42:ad:3c:d7:af:85:ee:72:ef:34:67:13:9a:a6:7e: 2f:7e:ec:f9:63:70:f4:ae:0d:05:cb:3d:12:94:62: a0:a7:f5:8f:28:f9:d0:75:ba:25:8c:af:ff:8f:13: c6:cf:5d:6f:7e:c8:65:f2:06:0f:68:19:fd:4b:3f: f0:0f:b7:d2:a4:86:d1:42:36:f0:39:e6:3a:a8:80: fb:89:cd:d6:ea:e7:78:a3:d4:88:3f:cf:c1:06:48: a9:34:08:16:6b:c9:2c:4a:36:5b:39:a2:6e:6a:7d: 12:ea:64:16:92:11:30:74:62:90:45:fe:7b:80:e6: e3:29:39:2c:38:eb:0a:4e:d3:74:2f:de:9a:20:fa: 3d:b2:8f:d6:fc:ab:ac:ed:d9:58:23:d9:d0:68:3d: 0a:22:c6:3e:3f:e9:f1:ad:bd:a3:c8:3b:34:1e:dc: e5:79:55:23:06:2b:79:5d:b2:e8:61:34:e3:7c:f8: 5e:13:3b:f6:ef:c2:cc:5b:7b:da:4f:02:d6:08:32: 0c:05:cc:60:6b:21:30:84:8c:48:38:db:83:60:ee: 61:3e:a8:71:ab:6c:e3:45:af:3f:22:8d:8b:6b:86: 8e:4c:f0:90:b3:03:90:08:75:00:c3:6f:41:8e:1c: 6f:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:65:97:5A:0E:9D:30:B0:29:D9:C6:E0:03:DB:E1:A1:28:A6:4D:AA X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.248.0.0/15 Signature Algorithm: sha256WithRSAEncryption 2f:9d:e0:50:98:b7:c7:13:a4:cf:15:40:b4:b4:d7:ff:55:23: 03:19:18:11:ce:ea:c2:d7:b7:ff:1e:5e:a9:3c:78:f8:bd:5e: 5c:96:9f:05:89:fb:4d:7c:68:1e:d6:c6:6e:bc:c1:03:b6:63: 04:6a:ad:6c:a0:33:bf:ad:ed:7a:e2:51:88:d7:cd:72:e5:07: ae:23:91:79:56:ca:d2:fb:d1:81:9a:4c:7b:96:61:79:dd:a8: 95:e4:c9:7d:03:a5:aa:a6:6c:ce:aa:b9:f4:34:ff:ca:f4:76: b0:e9:10:45:2d:72:56:77:e8:ff:1a:ab:67:b4:1f:aa:66:4e: 3b:ee:88:df:55:bc:ce:65:55:90:b5:f7:a7:5f:57:ae:97:56: 47:c4:ee:d2:02:54:e0:a8:34:16:c0:76:1e:5b:91:6e:7f:4e: 2c:a0:53:f2:8d:5c:1c:57:1b:64:f0:1c:74:b0:29:d4:6c:0d: ae:ba:5e:17:37:c1:3e:03:63:2e:de:ae:3e:77:38:51:19:14: 4e:c5:98:de:50:46:ae:1d:fe:a0:2e:b8:79:60:d5:00:26:6b: 76:ca:29:69:49:cf:12:15:c7:6b:11:4f:54:d2:52:b5:a9:db: 6d:70:4a:17:2b:ca:47:5d:63:cf:e3:a3:a1:ff:a8:19:72:3b: f3:4a:71:08 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUFCAk710XvJzf+uZTzvJIX03umoswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwNDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGE2NmM5NmU5ZGVhYWIyMzljNDZlOGMwY2VmYTJmY2EzOTk2NmUzMjIwMzUy MGNhNmFmNjJjM2I3ZWU0ZGY2NzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOwCiyFrieRXuo08J20jQq0816+F7nLvNGcTmqZ+L37s+WNw9K4NBcs9EpRi oKf1jyj50HW6JYyv/48Txs9db37IZfIGD2gZ/Us/8A+30qSG0UI28DnmOqiA+4nN 1urneKPUiD/PwQZIqTQIFmvJLEo2Wzmibmp9EupkFpIRMHRikEX+e4Dm4yk5LDjr Ck7TdC/emiD6PbKP1vyrrO3ZWCPZ0Gg9CiLGPj/p8a29o8g7NB7c5XlVIwYreV2y 6GE043z4XhM79u/CzFt72k8C1ggyDAXMYGshMISMSDjbg2DuYT6ocats40WvPyKN i2uGjkzwkLMDkAh1AMNvQY4cb7ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS+ZZda Dp0wsCnZxuAD2+GhKKZNqjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv Mzk3YjVhODYtNTJiMC00YThjLTg3ZGUtZTZkYTc3ODEyYjQ2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP4MA0G CSqGSIb3DQEBCwUAA4IBAQAvneBQmLfHE6TPFUC0tNf/VSMDGRgRzurC17f/Hl6p PHj4vV5clp8FiftNfGge1sZuvMEDtmMEaq1soDO/re164lGI181y5QeuI5F5VsrS +9GBmkx7lmF53aiV5Ml9A6WqpmzOqrn0NP/K9Haw6RBFLXJWd+j/GqtntB+qZk47 7ojfVbzOZVWQtfenX1eul1ZHxO7SAlTgqDQWwHYeW5Fuf04soFPyjVwcVxtk8Bx0 sCnUbA2uul4XN8E+A2Mu3q4+dzhRGRROxZjeUEauHf6gLrh5YNUAJmt2yilpSc8S FcdrEU9U0lK1qdttcEoXK8pHXWPP46Oh/6gZcjvzSnEI -----END CERTIFICATE-----Generated at Tue Dec 16 07:01:56 2025 by rpki-client