This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa File: 4eb66819-e335-446d-8ca8-7436f3cd196d.roa (raw, json) Hash identifier: I7m3tvOAmqaqZiqd4eqmlovf0bCB0tdCNrQjawSaBh4= Subject key identifier: AB:EA:E7:AE:79:B3:9B:1F:66:A8:A5:EA:0C:CF:74:B0:E1:BC:26:67 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 6E08BAA4B96ABDAD1ECC1E0C8AC389CC1CE6E6F9 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa Signing time: Sat 15 Nov 2025 06:40:56 +0000 ROA not before: Sat 15 Nov 2025 06:40:56 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 143.65.128.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:08:ba:a4:b9:6a:bd:ad:1e:cc:1e:0c:8a:c3:89:cc:1c:e6:e6:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:56 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=50eb91d367e1eee93763bfb3b37147897361e05e0224f938271f6e14a0b054ca, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:21:79:e3:52:02:ac:61:2e:d5:8d:9d:72:99: 4b:af:e2:29:a5:6f:fb:85:5d:b3:e3:6a:17:13:f8: a3:8d:c5:8a:be:89:7e:02:25:21:53:5c:45:bc:3d: 8f:5f:d9:28:d5:e6:3d:b0:e5:32:fc:58:e7:33:66: 41:0f:82:b2:18:14:63:6f:6b:53:6f:36:90:ae:7e: c8:bf:2b:43:9d:c4:aa:79:ae:12:16:d4:2f:fa:96: 7e:85:77:2f:55:9e:37:95:c9:c4:ea:cc:6c:90:02: a8:b7:bf:7c:bf:ca:cd:e8:cc:02:cd:85:4b:e0:70: a5:34:e5:88:49:eb:c2:e8:fd:75:15:f9:d0:a1:1d: 5f:1d:45:1e:cb:7d:f3:97:47:97:a7:7c:c0:6f:87: 25:1d:65:d5:59:6c:89:0f:e2:91:e4:f2:f7:80:f7: f3:69:fd:72:50:0e:21:af:0a:36:e2:37:1b:ca:7d: 2a:41:1c:cf:89:9a:36:c0:65:05:29:ef:c9:bc:13: 7d:13:6d:54:af:a2:71:72:f4:0c:a4:39:dd:17:ed: 9f:8c:c4:ff:c8:a9:99:e9:bb:b6:a3:bc:5f:dc:c1: 75:1f:47:d1:21:95:05:fd:d3:e9:80:83:e5:92:e6: 38:1b:c6:9c:cc:d8:32:4c:c1:a7:41:a9:92:39:04: 1e:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:EA:E7:AE:79:B3:9B:1F:66:A8:A5:EA:0C:CF:74:B0:E1:BC:26:67 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.65.128.0/18 Signature Algorithm: sha256WithRSAEncryption 42:fe:16:8f:83:c7:8a:03:8f:84:47:c7:08:0a:1b:1c:e1:b7: f7:21:59:f2:63:ee:73:e2:6e:0b:4c:39:e4:20:05:27:d1:53: 4c:2f:ab:20:67:fa:00:e8:12:5f:93:0d:1c:cf:a2:56:dd:d5: ed:e7:6b:93:aa:83:21:dc:6b:e7:54:98:4c:1d:8b:19:f8:a8: 06:8a:f1:f8:68:9d:06:b5:53:3b:a4:a4:e2:9f:66:e4:07:87: 95:6c:71:ef:a6:56:dd:dd:8c:82:0f:2c:69:60:3c:e2:d8:63: c5:1a:24:de:4b:b1:c3:fd:a0:65:e2:27:9f:df:87:1d:25:88: 4b:a4:9e:8c:a5:0c:77:d8:71:a8:27:55:20:d2:29:78:0d:9b: 25:bf:33:f3:76:ac:11:30:50:11:d3:65:46:1b:f1:5e:fa:56: 7e:e8:71:70:8d:3f:78:03:d5:a7:8d:c0:6d:db:5f:91:4e:6c: 75:8c:c5:a8:5e:ea:26:11:dc:48:19:3e:3f:7e:ee:a9:f5:a9: 53:2b:b1:02:23:7d:98:a2:6e:51:62:8e:74:54:20:bf:02:4f: 41:f4:c8:96:5f:48:81:85:58:b3:68:33:3d:b2:b1:9c:19:fd: 29:63:a0:c3:2b:37:fd:e1:42:e9:70:62:e0:6e:ea:25:83:0e: aa:3b:97:de -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUbgi6pLlqva0ezB4MisOJzBzm5vkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwNTZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDUwZWI5MWQzNjdlMWVlZTkzNzYzYmZiM2IzNzE0Nzg5NzM2MWUwNWUwMjI0 ZjkzODI3MWY2ZTE0YTBiMDU0Y2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALcheeNSAqxhLtWNnXKZS6/iKaVv+4Vds+NqFxP4o43Fir6JfgIlIVNcRbw9 j1/ZKNXmPbDlMvxY5zNmQQ+CshgUY29rU282kK5+yL8rQ53EqnmuEhbUL/qWfoV3 L1WeN5XJxOrMbJACqLe/fL/KzejMAs2FS+BwpTTliEnrwuj9dRX50KEdXx1FHst9 85dHl6d8wG+HJR1l1VlsiQ/ikeTy94D382n9clAOIa8KNuI3G8p9KkEcz4maNsBl BSnvybwTfRNtVK+icXL0DKQ53Rftn4zE/8ipmem7tqO8X9zBdR9H0SGVBf3T6YCD 5ZLmOBvGnMzYMkzBp0GpkjkEHpMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSr6ueu ebObH2aopeoMz3Sw4bwmZzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NGViNjY4MTktZTMzNS00NDZkLThjYTgtNzQzNmYzY2QxOTZkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN BgkqhkiG9w0BAQsFAAOCAQEAQv4Wj4PHigOPhEfHCAobHOG39yFZ8mPuc+JuC0w5 5CAFJ9FTTC+rIGf6AOgSX5MNHM+iVt3V7edrk6qDIdxr51SYTB2LGfioBorx+Gid BrVTO6Sk4p9m5AeHlWxx76ZW3d2Mgg8saWA84thjxRok3kuxw/2gZeInn9+HHSWI S6SejKUMd9hxqCdVINIpeA2bJb8z83asETBQEdNlRhvxXvpWfuhxcI0/eAPVp43A bdtfkU5sdYzFqF7qJhHcSBk+P37uqfWpUyuxAiN9mKJuUWKOdFQgvwJPQfTIll9I gYVYs2gzPbKxnBn9KWOgwys3/eFC6XBi4G7qJYMOqjuX3g== -----END CERTIFICATE-----Generated at Sat Dec 6 10:58:08 2025 by rpki-client