This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa File: 5112f144-85b1-4c62-8729-84d86ff353a1.roa (raw, json) Hash identifier: ly8WDPn/ux9zGlUjUHStF8svLxlZZ4eLMR7zW8MyyEc= Subject key identifier: 33:9C:31:3E:DB:08:CE:3C:C6:96:43:45:19:EA:58:12:93:5B:8B:17 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 4FA81093E7C6430F9E3D850F71456A516EDD884A Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa Signing time: Tue 25 Nov 2025 20:10:28 +0000 ROA not before: Tue 25 Nov 2025 20:10:28 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 84.48.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:a8:10:93:e7:c6:43:0f:9e:3d:85:0f:71:45:6a:51:6e:dd:88:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:28 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=df64c1c801f09d6dc72388a188baf353c6b3fca94ab64229eb660b68d6aacd7b, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:46:49:a5:72:79:e4:3c:0c:db:e6:d7:12:54: ca:6b:f9:fb:a6:f3:fd:79:35:2b:73:86:d8:03:70: 58:8a:0e:bc:0e:2b:f9:57:92:3a:48:ef:ea:50:2f: c9:85:5d:c3:15:25:5c:08:05:21:4a:fc:22:6d:4f: 14:86:c8:4a:f7:3a:c5:8b:7b:3f:18:aa:71:a6:05: f4:8b:89:62:5c:dd:97:57:a0:33:93:5c:49:62:b7: bf:29:43:5b:ad:12:a1:27:3c:34:11:bf:69:f6:f7: 52:6d:7e:3e:e6:b3:67:00:11:eb:54:5f:14:d9:6e: 2a:0c:37:b0:03:7f:99:be:59:1c:1e:f7:7e:6f:82: 28:ef:7e:a9:f2:4f:fd:6d:ac:50:53:7e:95:a3:44: 12:7b:ed:fc:38:80:36:29:c4:ea:66:31:b4:8c:bc: 35:2d:79:f2:58:0f:f3:1d:3e:f5:ad:4d:82:93:b8: 9a:4b:f4:a7:35:73:57:55:30:3b:07:2d:d2:9f:21: 26:7c:47:66:7e:d7:30:ca:54:77:95:a4:d5:72:85: 5f:d9:e7:bb:85:cd:7d:ab:24:c1:38:7a:da:a2:d2: f1:41:99:c5:bd:86:df:16:65:f0:20:94:65:69:35: c3:9d:f7:3a:18:6b:06:2a:ce:cd:3c:f3:a5:98:9d: 17:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:9C:31:3E:DB:08:CE:3C:C6:96:43:45:19:EA:58:12:93:5B:8B:17 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.48.128.0/17 Signature Algorithm: sha256WithRSAEncryption 28:b0:48:98:26:cd:d7:dd:d2:79:68:61:bf:01:ac:bb:cd:ea: bc:bf:38:d1:4a:ad:65:d0:dd:96:91:e5:9f:c7:26:df:f9:dc: 7b:54:02:45:90:81:53:89:73:f7:06:49:97:57:c5:07:f5:c5: 6a:fe:c4:55:ea:90:de:43:50:7a:1c:c5:e4:e8:29:dc:9f:10: 41:91:7a:21:bc:86:f1:7d:9f:a0:ea:90:01:ae:77:14:3e:28: 26:66:a4:7b:53:a6:03:70:aa:38:de:30:cc:46:e0:d3:3f:5b: fe:ed:88:c0:15:22:3b:54:64:45:25:c6:93:29:8d:ee:65:b1: ee:0c:c3:94:3e:ff:06:c6:63:78:ac:11:62:74:ed:3a:b6:d2: be:32:03:57:92:17:fd:49:45:05:8e:0a:5f:4e:aa:3e:88:53: 55:ce:17:7e:04:ac:47:30:2a:e8:6a:b7:c6:c7:15:72:64:da: 18:58:e5:b0:e4:d8:95:44:94:ca:d9:db:99:96:7e:f1:5c:0b: 40:bf:b9:73:a1:8e:cb:7f:e9:09:4a:2f:f2:68:5d:84:1a:83: b7:2a:0f:ff:82:0b:9f:64:4f:62:e0:cb:0b:90:7a:82:9a:18: 23:cc:09:a2:25:9b:2d:d4:68:3d:c5:3c:53:f5:76:1d:7c:ce: 11:e2:d4:cc -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUT6gQk+fGQw+ePYUPcUVqUW7diEowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMjhaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQGRmNjRjMWM4MDFmMDlkNmRjNzIzODhhMTg4YmFmMzUzYzZiM2ZjYTk0YWI2 NDIyOWViNjYwYjY4ZDZhYWNkN2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI9GSaVyeeQ8DNvm1xJUymv5+6bz/Xk1K3OG2ANwWIoOvA4r+VeSOkjv6lAv yYVdwxUlXAgFIUr8Im1PFIbISvc6xYt7PxiqcaYF9IuJYlzdl1egM5NcSWK3vylD W60SoSc8NBG/afb3Um1+PuazZwAR61RfFNluKgw3sAN/mb5ZHB73fm+CKO9+qfJP /W2sUFN+laNEEnvt/DiANinE6mYxtIy8NS158lgP8x0+9a1NgpO4mkv0pzVzV1Uw Owct0p8hJnxHZn7XMMpUd5Wk1XKFX9nnu4XNfaskwTh62qLS8UGZxb2G3xZl8CCU ZWk1w533OhhrBirOzTzzpZidF3UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQznDE+ 2wjOPMaWQ0UZ6lgSk1uLFzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NTExMmYxNDQtODViMS00YzYyLTg3MjktODRkODZmZjM1M2ExLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1QwgDAN BgkqhkiG9w0BAQsFAAOCAQEAKLBImCbN193SeWhhvwGsu83qvL840UqtZdDdlpHl n8cm3/nce1QCRZCBU4lz9wZJl1fFB/XFav7EVeqQ3kNQehzF5Ogp3J8QQZF6IbyG 8X2foOqQAa53FD4oJmake1OmA3CqON4wzEbg0z9b/u2IwBUiO1RkRSXGkymN7mWx 7gzDlD7/BsZjeKwRYnTtOrbSvjIDV5IX/UlFBY4KX06qPohTVc4XfgSsRzAq6Gq3 xscVcmTaGFjlsOTYlUSUytnbmZZ+8VwLQL+5c6GOy3/pCUov8mhdhBqDtyoP/4IL n2RPYuDLC5B6gpoYI8wJoiWbLdRoPcU8U/V2HXzOEeLUzA== -----END CERTIFICATE-----Generated at Sat Dec 6 16:23:48 2025 by rpki-client