This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa File: b39e8644-b3a5-4477-b7b6-d340235a9010.roa (raw, json) Hash identifier: 9Bjytlkuy7sPR+ZoxM5hHhJrYKn8m7Ux7JZxL5XnbxM= Subject key identifier: 3A:9E:C1:30:72:ED:9F:C6:87:4B:90:7F:16:C0:A1:B4:28:24:38:DB Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 4B31B6A6C836D198744A71D575537838E7450F5D Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa Signing time: Sat 06 Dec 2025 00:00:04 +0000 ROA not before: Sat 06 Dec 2025 00:00:04 +0000 ROA not after: Fri 06 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.168.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:31:b6:a6:c8:36:d1:98:74:4a:71:d5:75:53:78:38:e7:45:0f:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 6 00:00:04 2025 GMT Not After : Mar 6 23:59:59 2026 GMT Subject: serialNumber=5b0312859a6138935a3cc719d674805ce612e26cc09de3570cf97ce17df30b8d, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:28:19:5d:d3:2c:5e:3e:dc:59:60:9a:31:4c: 7e:9b:c1:59:4a:6d:72:aa:5e:20:e3:d0:61:6b:a3: 82:e4:ef:c9:38:af:35:b7:48:cb:77:39:ce:94:7c: a0:a3:1c:62:24:38:44:de:3f:71:69:b5:cd:9b:91: ff:a2:ff:7b:3f:94:90:7d:f9:76:d6:a0:f3:8b:77: d6:5d:37:c7:35:2a:a0:a8:3d:fe:fd:23:b6:3d:5b: 6c:12:ab:cd:10:fb:52:bf:e1:02:ec:b9:9e:f1:8b: df:1c:17:92:96:c9:09:09:c4:4e:a1:cb:66:63:fe: 6e:bd:00:6d:34:ea:8b:41:88:54:59:62:d4:68:f7: a8:c5:26:f8:a8:d8:7a:ad:12:db:1a:f8:86:40:0f: 1b:28:02:49:38:a1:ee:80:14:2c:a0:36:9a:08:dd: 64:8d:f1:d2:bd:61:c1:a3:52:0e:c9:3c:ad:46:15: 93:03:6a:4f:6f:bc:58:b4:15:e1:f0:54:e6:0b:79: 3f:32:43:d6:26:93:0a:69:13:dd:eb:bb:aa:a3:94: 19:11:06:84:d5:a2:31:8c:87:85:c5:f7:ee:86:e5: a8:56:50:99:63:f5:13:c6:bd:b6:91:94:f1:bb:e9: 09:ec:f3:d6:fe:78:ce:b6:d3:da:c2:30:ea:56:6c: 17:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:9E:C1:30:72:ED:9F:C6:87:4B:90:7F:16:C0:A1:B4:28:24:38:DB X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.168.0.0/15 Signature Algorithm: sha256WithRSAEncryption 11:17:e7:97:2b:a9:a0:a4:75:1e:03:b6:a8:3c:6c:b1:0d:36: 17:64:69:54:5f:83:64:eb:1c:14:eb:12:50:4c:5e:90:8a:e2: 10:ca:61:5b:df:4a:ba:5b:a4:fa:dc:24:de:7a:51:5f:4c:4e: 47:1d:72:7c:ad:83:ad:c5:dc:71:ec:a0:45:be:5f:0e:37:a7: b2:d3:0a:ea:c3:78:00:db:3d:6e:22:79:87:60:a0:76:88:64: 06:bf:41:85:08:7a:5b:00:8c:fe:9b:2c:a7:64:60:66:06:d8: a7:31:7c:be:53:52:18:31:63:17:ab:1e:b9:3f:94:fd:49:b8: df:aa:aa:c9:d8:6d:1d:fb:e5:55:a3:5c:a9:75:5f:77:a0:a1: 81:fe:46:e1:b8:0d:bd:0c:68:30:59:4d:e5:e2:5c:21:e4:4f: 33:37:24:6f:7b:32:43:14:b0:b0:ad:93:89:0d:19:41:38:a6: 48:a7:18:7c:49:cb:f4:fe:8b:43:0d:c4:74:36:17:73:42:d7: 43:d8:c5:e0:01:56:c4:fb:73:42:00:31:4c:4a:83:59:64:c0: b4:07:be:26:1c:15:b0:8f:2c:17:41:04:36:d5:ab:8c:cb:d4: 27:10:d9:c0:41:9c:4a:d4:6e:8f:b9:81:26:ef:88:81:ad:e0: 17:d9:35:b0 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUSzG2psg20Zh0SnHVdVN4OOdFD10wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMDYwMDAwMDRaFw0yNjAzMDYyMzU5NTlaMHoxSTBHBgNV BAUTQDViMDMxMjg1OWE2MTM4OTM1YTNjYzcxOWQ2NzQ4MDVjZTYxMmUyNmNjMDlk ZTM1NzBjZjk3Y2UxN2RmMzBiOGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK4oGV3TLF4+3FlgmjFMfpvBWUptcqpeIOPQYWujguTvyTivNbdIy3c5zpR8 oKMcYiQ4RN4/cWm1zZuR/6L/ez+UkH35dtag84t31l03xzUqoKg9/v0jtj1bbBKr zRD7Ur/hAuy5nvGL3xwXkpbJCQnETqHLZmP+br0AbTTqi0GIVFli1Gj3qMUm+KjY eq0S2xr4hkAPGygCSTih7oAULKA2mgjdZI3x0r1hwaNSDsk8rUYVkwNqT2+8WLQV 4fBU5gt5PzJD1iaTCmkT3eu7qqOUGREGhNWiMYyHhcX37oblqFZQmWP1E8a9tpGU 8bvpCezz1v54zrbT2sIw6lZsF00CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ6nsEw cu2fxodLkH8WwKG0KCQ42zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YjM5ZTg2NDQtYjNhNS00NDc3LWI3YjYtZDM0MDIzNWE5MDEwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOoMA0G CSqGSIb3DQEBCwUAA4IBAQARF+eXK6mgpHUeA7aoPGyxDTYXZGlUX4Nk6xwU6xJQ TF6QiuIQymFb30q6W6T63CTeelFfTE5HHXJ8rYOtxdxx7KBFvl8ON6ey0wrqw3gA 2z1uInmHYKB2iGQGv0GFCHpbAIz+myynZGBmBtinMXy+U1IYMWMXqx65P5T9Sbjf qqrJ2G0d++VVo1ypdV93oKGB/kbhuA29DGgwWU3l4lwh5E8zNyRvezJDFLCwrZOJ DRlBOKZIpxh8Scv0/otDDcR0NhdzQtdD2MXgAVbE+3NCADFMSoNZZMC0B74mHBWw jywXQQQ21auMy9QnENnAQZxK1G6PuYEm74iBreAX2TWw -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:35 2025 by rpki-client