This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa File: 42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa (raw, json) Hash identifier: CnUV0ysMOLVwQlsb3Yp50S8cYQi+Y8LdXTC1KA1cdtw= Subject key identifier: E3:D7:A6:B2:5D:6A:AB:78:D8:81:9A:56:75:51:E8:36:E7:A4:4A:D1 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 70087E4F27565F791140C9412EEC86B8B28BC026 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa Signing time: Sat 15 Nov 2025 06:50:33 +0000 ROA not before: Sat 15 Nov 2025 06:50:33 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.164.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:08:7e:4f:27:56:5f:79:11:40:c9:41:2e:ec:86:b8:b2:8b:c0:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:33 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=c72a144f3927323771b1941d3e01af5e6138690f0ebb53d02f9fabf15f5dae13, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:7f:1a:d0:ab:fa:a5:a2:68:02:21:7a:a2:5a: 1b:d9:ba:6e:50:db:de:99:53:d9:c2:1d:bc:0b:ec: 0f:94:c6:90:98:f9:1a:9d:25:fa:30:10:47:d6:be: 71:29:53:b0:2f:a6:81:ff:c6:9f:89:70:d5:3c:b3: 15:db:3e:04:35:03:ae:43:5c:23:f5:6d:6c:90:92: e4:a0:eb:e8:07:37:e1:b6:c7:6b:81:8a:c1:ba:0c: c9:d4:f8:0a:98:34:78:3b:64:6c:c3:1e:82:6c:53: 8b:56:30:af:48:0c:df:69:63:a5:6c:e1:70:61:91: d1:34:1c:e2:ac:5f:5f:54:dd:81:39:e1:43:df:ff: a3:02:89:79:1f:e6:cb:a4:a9:16:c7:fb:53:1a:84: 86:52:87:b2:e9:4a:7e:a2:89:77:bc:47:5d:66:c6: f6:33:dd:5e:f2:6b:0e:5d:05:64:b8:a4:53:c3:7c: 7a:33:85:43:4d:7c:ff:5c:67:10:3d:25:82:72:0d: a0:b7:8f:a5:c3:77:26:c1:57:84:c7:25:9e:6d:a9: 95:62:8a:dc:87:98:bb:25:70:9e:fa:64:05:28:b8: 44:65:8e:d7:92:da:36:20:28:a4:cb:ba:51:a7:a2: ca:26:c8:08:47:76:fa:77:05:c4:24:23:44:c5:a3: c3:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:D7:A6:B2:5D:6A:AB:78:D8:81:9A:56:75:51:E8:36:E7:A4:4A:D1 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.164.0.0/15 Signature Algorithm: sha256WithRSAEncryption 28:3a:23:05:00:93:9c:82:8c:58:03:66:96:7f:26:83:3a:ac: 79:b9:0c:fe:50:d3:82:f2:ec:29:35:ba:68:b5:26:87:9e:79: ca:d8:75:ce:d0:e6:bc:fc:de:d0:83:a8:fa:ee:07:d7:f2:65: 87:55:6a:60:73:86:5b:2b:03:ee:34:75:aa:3d:3b:93:a8:c0: b2:15:07:aa:cb:aa:e5:de:2e:7c:58:06:1d:ce:e7:c4:60:a6: 38:2a:43:49:82:b3:7a:89:ca:8a:7c:13:3d:f9:b3:bb:77:70: 1a:2d:61:7e:3a:8c:c5:11:22:09:c2:36:bf:cf:07:15:6d:a6: f9:54:72:05:f4:8a:fc:e7:2a:a9:a2:ac:7f:63:ea:6e:a1:3d: d2:5e:d5:4e:00:4c:f3:33:32:15:15:a3:ff:4e:3d:3c:4c:b4: 57:d4:06:db:a9:2a:d0:63:6f:7d:06:78:24:0e:a9:76:87:3c: 48:91:6a:2f:17:b2:35:de:70:93:69:7d:8b:0b:2a:5f:8e:24: 06:8c:9e:49:b8:a6:88:b7:a5:a9:1a:db:d1:f8:d0:53:71:a8: 6b:85:25:9a:6a:cb:75:3c:64:57:bb:00:e2:7b:b8:4b:76:d2: 5e:f8:3e:bd:8a:a1:48:50:0e:43:37:77:0d:69:48:bd:cc:0f: 74:b8:1c:e8 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUcAh+TydWX3kRQMlBLuyGuLKLwCYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMzNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGM3MmExNDRmMzkyNzMyMzc3MWIxOTQxZDNlMDFhZjVlNjEzODY5MGYwZWJi NTNkMDJmOWZhYmYxNWY1ZGFlMTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALx/GtCr+qWiaAIheqJaG9m6blDb3plT2cIdvAvsD5TGkJj5Gp0l+jAQR9a+ cSlTsC+mgf/Gn4lw1TyzFds+BDUDrkNcI/VtbJCS5KDr6Ac34bbHa4GKwboMydT4 Cpg0eDtkbMMegmxTi1Ywr0gM32ljpWzhcGGR0TQc4qxfX1TdgTnhQ9//owKJeR/m y6SpFsf7UxqEhlKHsulKfqKJd7xHXWbG9jPdXvJrDl0FZLikU8N8ejOFQ018/1xn ED0lgnINoLePpcN3JsFXhMclnm2plWKK3IeYuyVwnvpkBSi4RGWO15LaNiAopMu6 UaeiyibICEd2+ncFxCQjRMWjwxkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTj16ay XWqreNiBmlZ1Ueg256RK0TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NDJlZmExYTgtZjgwNC00N2M1LThhM2QtNmYzZWEwNWUxYTViLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G CSqGSIb3DQEBCwUAA4IBAQAoOiMFAJOcgoxYA2aWfyaDOqx5uQz+UNOC8uwpNbpo tSaHnnnK2HXO0Oa8/N7Qg6j67gfX8mWHVWpgc4ZbKwPuNHWqPTuTqMCyFQeqy6rl 3i58WAYdzufEYKY4KkNJgrN6icqKfBM9+bO7d3AaLWF+OozFESIJwja/zwcVbab5 VHIF9Ir85yqpoqx/Y+puoT3SXtVOAEzzMzIVFaP/Tj08TLRX1AbbqSrQY299Bngk Dql2hzxIkWovF7I13nCTaX2LCypfjiQGjJ5JuKaIt6WpGtvR+NBTcahrhSWaast1 PGRXuwDie7hLdtJe+D69iqFIUA5DN3cNaUi9zA90uBzo -----END CERTIFICATE-----Generated at Sat Dec 6 17:31:38 2025 by rpki-client