This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa File: 42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa (raw, json) Hash identifier: oHyxacuX7Typj5vjy0/aCkPfsypCOh3rgfJYjTMFzTw= Subject key identifier: 8A:1E:50:65:AC:01:56:1D:E3:06:B5:5E:4B:20:27:5B:8A:92:FD:32 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 3C56A5C24AE1821AAD618665AB024F062CDBDE32 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa Signing time: Tue 18 Nov 2025 00:40:34 +0000 ROA not before: Tue 18 Nov 2025 00:40:34 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.24.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:56:a5:c2:4a:e1:82:1a:ad:61:86:65:ab:02:4f:06:2c:db:de:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:34 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=d7343d24ec16cf239080915a9a8a8b7b9784ed1028acbf5070b2b9beb8a507e2, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:1d:e7:7f:79:81:c3:95:bf:ed:d7:af:29:94: b4:4a:28:55:cf:53:7a:bb:7a:65:3a:15:c3:6f:bc: 29:4f:62:27:b6:12:68:e6:ce:bb:c1:27:c9:a4:6d: ae:b7:ad:71:ca:24:4e:4e:55:03:9a:ec:b9:86:ea: d8:a7:07:6e:1b:7f:aa:6e:de:12:ae:c2:53:54:f7: ed:c1:7f:27:f5:5e:06:97:1a:80:61:1b:1d:5c:0c: 50:2e:cd:fd:a6:d1:20:45:7e:20:52:e7:e5:62:b9: 4c:4e:03:ad:2b:e9:a2:1c:7a:e7:dd:09:a5:62:8e: ac:90:e2:6e:aa:5c:9e:82:e2:9c:f6:6c:0a:a0:f1: a1:bf:43:9b:da:dd:90:bd:5a:13:8b:ab:f7:aa:72: 9e:e9:74:03:22:87:2c:12:d7:ea:08:38:9d:b7:e4: b3:fa:f5:22:4e:62:b4:b9:e0:5c:d0:70:2d:48:03: ba:72:03:10:f0:eb:17:9c:8b:6a:5b:24:e9:28:44: a8:f0:e6:39:81:30:49:76:a6:4e:a9:0f:85:7d:29: 97:92:97:71:df:d6:a2:32:f3:16:db:e6:27:59:3d: 91:89:e6:fc:bc:40:df:51:f6:6c:07:29:59:43:1b: eb:6c:d9:3b:ad:c9:4c:6d:e2:ad:f1:f5:c1:2a:61: 1b:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:1E:50:65:AC:01:56:1D:E3:06:B5:5E:4B:20:27:5B:8A:92:FD:32 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.24.0.0/16 Signature Algorithm: sha256WithRSAEncryption bd:4b:16:8d:73:86:89:22:49:b6:cc:3b:7b:cb:25:53:bc:54: 6c:0c:1e:47:c9:6f:59:6d:e1:41:cd:6a:6a:35:b1:18:66:19: 74:39:ba:d9:f1:37:ba:17:6e:60:69:2e:11:79:4e:38:e0:0e: 3e:50:3a:60:bb:be:c7:28:ed:85:20:a8:02:fe:f0:fa:e0:e8: 40:44:d3:e9:73:f7:27:a1:a4:c8:40:34:fe:e4:c6:b9:ac:4d: 89:ee:46:41:c6:cc:43:7b:b7:20:b2:85:fd:67:8e:5f:d2:e0: 21:57:17:ef:8a:40:c8:12:c5:71:30:29:c2:0d:00:25:0a:a5: 5e:63:5f:24:81:77:f0:a1:cf:eb:ed:cf:56:8c:7d:31:d3:e7: 27:14:93:a1:19:b5:f5:11:8c:98:23:83:99:36:75:a9:7a:d7: 71:27:44:b5:bc:a8:4f:4f:51:4b:59:ef:9a:74:99:9a:2a:20: 72:68:5a:be:d5:de:87:34:1b:85:b0:45:51:cb:1c:f6:07:83: cb:e7:c8:ff:98:a6:67:ff:c1:07:cb:8a:ee:9d:a8:8b:62:7d: eb:50:94:94:3f:e6:95:90:9e:61:f5:d2:38:17:7c:62:b0:ec: 3d:69:33:cd:d5:e5:c5:0a:05:85:05:c2:76:80:f8:ac:60:9a: 7b:f8:f5:6a -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUPFalwkrhghqtYYZlqwJPBizb3jIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMzRaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQGQ3MzQzZDI0ZWMxNmNmMjM5MDgwOTE1YTlhOGE4YjdiOTc4NGVkMTAyOGFj YmY1MDcwYjJiOWJlYjhhNTA3ZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOsd5395gcOVv+3XrymUtEooVc9Tert6ZToVw2+8KU9iJ7YSaObOu8EnyaRt rretccokTk5VA5rsuYbq2KcHbht/qm7eEq7CU1T37cF/J/VeBpcagGEbHVwMUC7N /abRIEV+IFLn5WK5TE4DrSvpohx6590JpWKOrJDibqpcnoLinPZsCqDxob9Dm9rd kL1aE4ur96pynul0AyKHLBLX6gg4nbfks/r1Ik5itLngXNBwLUgDunIDEPDrF5yL alsk6ShEqPDmOYEwSXamTqkPhX0pl5KXcd/WojLzFtvmJ1k9kYnm/LxA31H2bAcp WUMb62zZO63JTG3irfH1wSphG5sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSKHlBl rAFWHeMGtV5LICdbipL9MjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NDJmNDdjODUtZTlmZS00MGY5LWFlMWMtNTdlYTFiODA1NDEyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMYMA0G CSqGSIb3DQEBCwUAA4IBAQC9SxaNc4aJIkm2zDt7yyVTvFRsDB5HyW9ZbeFBzWpq NbEYZhl0ObrZ8Te6F25gaS4ReU444A4+UDpgu77HKO2FIKgC/vD64OhARNPpc/cn oaTIQDT+5Ma5rE2J7kZBxsxDe7cgsoX9Z45f0uAhVxfvikDIEsVxMCnCDQAlCqVe Y18kgXfwoc/r7c9WjH0x0+cnFJOhGbX1EYyYI4OZNnWpetdxJ0S1vKhPT1FLWe+a dJmaKiByaFq+1d6HNBuFsEVRyxz2B4PL58j/mKZn/8EHy4runaiLYn3rUJSUP+aV kJ5h9dI4F3xisOw9aTPN1eXFCgWFBcJ2gPisYJp7+PVq -----END CERTIFICATE-----Generated at Sat Dec 6 21:33:18 2025 by rpki-client