This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa File: b1f2e92a-59bb-45af-9b7f-630a07248560.roa (raw, json) Hash identifier: JZ47GpERzxkBLsR7wEkYZOwX+Oxnh0YA/xnQHs1RH+I= Subject key identifier: 8C:E8:F5:7B:48:20:A9:41:37:C2:DF:57:45:D0:3E:E1:5C:71:D0:BF Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 4745D49B2AE3FB9FA7DAF80BDD56B990346C1FA3 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa Signing time: Tue 25 Nov 2025 20:10:26 +0000 ROA not before: Tue 25 Nov 2025 20:10:26 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.240.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:45:d4:9b:2a:e3:fb:9f:a7:da:f8:0b:dd:56:b9:90:34:6c:1f:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:26 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=b6f63167ea96fb1acd561d2aa1cf4b41246312410ccda1f6101da958be8f2d6f, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:cb:89:98:75:f6:a9:5f:98:68:e6:53:c7:6a: f0:8d:89:15:15:ad:ff:62:c0:bf:69:8d:9d:12:41: 15:20:33:b5:2d:e5:9c:d5:74:70:2d:ef:c1:f5:fc: 6c:ec:06:b1:ac:a3:41:50:21:f6:26:5b:db:51:28: 8b:7a:c0:90:4d:bc:36:fa:ea:7e:71:ab:c4:78:d6: 37:d9:e7:c0:12:c5:03:b5:13:d8:50:fe:6b:f8:ec: f2:23:5d:0c:e0:fc:76:e6:83:91:15:68:21:27:c0: f3:c6:e2:5a:43:6a:7a:a6:6a:de:df:f4:c9:2e:5c: 81:65:83:22:e6:39:d6:e8:2c:5d:ff:91:12:be:68: 52:f3:0a:82:13:f0:fe:01:54:05:98:82:34:e3:1f: 45:91:b3:35:00:ef:cf:b9:c5:5a:0d:d8:13:07:7e: de:cd:ba:cd:61:22:ba:03:97:a3:00:94:ce:56:f7: 13:73:1e:48:27:8b:66:2c:63:e8:a4:2a:99:a8:6b: b7:4c:a1:4e:1a:2b:93:dc:2b:03:2d:17:a2:05:b1: 0d:49:36:7f:63:16:10:9b:d5:9d:e8:23:2e:b0:e2: 52:d7:b4:7a:bf:34:e3:d2:0d:8d:a6:37:e0:f6:3d: 16:3e:71:9e:f6:94:ef:f0:6e:b7:4d:59:47:f4:b6: 46:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:E8:F5:7B:48:20:A9:41:37:C2:DF:57:45:D0:3E:E1:5C:71:D0:BF X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.240.0.0/16 Signature Algorithm: sha256WithRSAEncryption 65:a6:1c:09:70:91:d9:a1:90:28:3b:da:fe:12:e7:64:d5:92: 94:9e:09:57:f1:1e:08:ae:5b:b9:85:15:96:6e:b6:11:30:ae: e5:d2:ae:3a:42:e5:0b:83:7c:1c:bb:51:d7:a1:c2:f0:f4:91: b5:24:ed:52:76:0d:ad:cc:3e:56:63:85:be:9c:4b:17:cc:5b: 91:29:77:96:26:61:3d:61:21:be:a8:ce:b9:56:0f:24:72:49: 79:48:ae:9d:09:a7:8e:3e:31:c3:97:f1:85:4f:dd:6f:d5:50: 1e:d0:92:c6:f7:0f:92:00:aa:af:50:c6:58:70:6b:cd:d4:fc: 25:74:43:e7:1b:b9:ad:7b:da:c7:3e:78:63:f3:3e:e0:d3:41: f2:a3:29:c9:13:46:82:10:71:80:de:46:a0:9c:11:18:18:55: 79:ee:82:9e:25:5d:0c:7b:79:b1:61:41:2f:d9:a0:24:db:a4: cc:6d:f3:ee:44:66:bb:4a:01:85:ad:bb:6a:3a:dd:a4:00:ae: 67:9d:e5:62:cc:d4:63:67:38:5d:3f:24:37:6b:ca:e8:ea:8e: 89:81:41:84:75:5c:ba:62:7e:d1:ce:e3:91:30:90:ad:35:75: 7a:eb:5c:fa:38:b3:bd:af:1f:cc:9d:f0:91:e2:bf:68:0f:fe: dd:59:00:5a -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUR0XUmyrj+5+n2vgL3Va5kDRsH6MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMjZaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQGI2ZjYzMTY3ZWE5NmZiMWFjZDU2MWQyYWExY2Y0YjQxMjQ2MzEyNDEwY2Nk YTFmNjEwMWRhOTU4YmU4ZjJkNmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKXLiZh19qlfmGjmU8dq8I2JFRWt/2LAv2mNnRJBFSAztS3lnNV0cC3vwfX8 bOwGsayjQVAh9iZb21Eoi3rAkE28NvrqfnGrxHjWN9nnwBLFA7UT2FD+a/js8iNd DOD8duaDkRVoISfA88biWkNqeqZq3t/0yS5cgWWDIuY51ugsXf+REr5oUvMKghPw /gFUBZiCNOMfRZGzNQDvz7nFWg3YEwd+3s26zWEiugOXowCUzlb3E3MeSCeLZixj 6KQqmahrt0yhThork9wrAy0XogWxDUk2f2MWEJvVnegjLrDiUte0er8049INjaY3 4PY9Fj5xnvaU7/But01ZR/S2RqMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSM6PV7 SCCpQTfC31dF0D7hXHHQvzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YjFmMmU5MmEtNTliYi00NWFmLTliN2YtNjMwYTA3MjQ4NTYwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADPwMA0G CSqGSIb3DQEBCwUAA4IBAQBlphwJcJHZoZAoO9r+Eudk1ZKUnglX8R4Irlu5hRWW brYRMK7l0q46QuULg3wcu1HXocLw9JG1JO1Sdg2tzD5WY4W+nEsXzFuRKXeWJmE9 YSG+qM65Vg8kckl5SK6dCaeOPjHDl/GFT91v1VAe0JLG9w+SAKqvUMZYcGvN1Pwl dEPnG7mte9rHPnhj8z7g00HyoynJE0aCEHGA3kagnBEYGFV57oKeJV0Me3mxYUEv 2aAk26TMbfPuRGa7SgGFrbtqOt2kAK5nneVizNRjZzhdPyQ3a8ro6o6JgUGEdVy6 Yn7RzuORMJCtNXV661z6OLO9rx/MnfCR4r9oD/7dWQBa -----END CERTIFICATE-----Generated at Sat Dec 6 10:09:42 2025 by rpki-client