This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa File: b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa (raw, json) Hash identifier: 72Wgkr+ivfmbxONgNwPH+0Qq0vziQgDjV9mZgMX0Ws8= Subject key identifier: FF:68:4F:A6:FB:7C:2A:F0:48:50:35:D8:F9:1A:D0:92:76:52:61:18 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 4D6520ED090BD95A87DDA44098DF2561A1B6775D Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa Signing time: Sun 16 Nov 2025 01:00:21 +0000 ROA not before: Sun 16 Nov 2025 01:00:21 +0000 ROA not after: Sun 21 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.16.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:65:20:ed:09:0b:d9:5a:87:dd:a4:40:98:df:25:61:a1:b6:77:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 16 01:00:21 2025 GMT Not After : Dec 21 23:59:59 2025 GMT Subject: serialNumber=e5af0ae2b4dd414846076655530bd38b4c73688e49ed54c5296bc1b058247f3b, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:ce:9d:75:64:be:63:5f:aa:6c:2a:12:62:2f: ee:ed:8d:11:ac:7f:ab:c4:8f:77:53:14:00:bc:b4: 2c:da:0e:38:69:17:1e:d0:97:a9:60:5e:1a:e5:12: cf:35:40:c0:39:a5:e8:b4:23:f5:54:67:21:be:9b: 4b:40:82:bb:12:80:5f:ba:56:1a:29:1c:b1:48:fb: f7:7c:72:dd:9a:af:3c:2c:16:19:2f:03:5b:0d:d6: d5:b7:e0:fd:90:14:b6:c1:ad:d8:a9:16:30:92:e1: bd:8a:98:77:97:c1:78:3e:81:20:eb:4f:0f:27:c2: 8f:1d:dc:21:f5:8a:ee:94:d0:d3:2b:f6:b5:32:49: 5b:77:9d:5f:6a:5c:ad:b8:1b:83:e2:79:00:8c:27: 88:3d:43:e8:8c:7e:70:de:30:2c:c8:8d:b8:dd:02: 4f:af:b8:6e:62:91:16:45:e2:8f:49:a6:8a:b7:5f: a8:a5:6d:3f:95:fd:13:e1:9e:0c:ab:29:e4:0c:63: 51:63:1a:cc:58:88:21:79:08:8e:4d:c7:44:ee:69: 5e:46:72:e0:7e:4b:b6:10:41:be:51:43:19:c1:df: 90:2d:f9:cf:e9:63:f9:bf:25:a1:f1:6b:b0:c0:e2: 07:c5:2a:58:86:4a:4c:8a:58:ba:0d:03:2a:26:37: ad:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:68:4F:A6:FB:7C:2A:F0:48:50:35:D8:F9:1A:D0:92:76:52:61:18 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.16.255.0/24 Signature Algorithm: sha256WithRSAEncryption 5f:c1:c1:71:7c:61:75:f3:64:f8:96:60:ac:4e:f0:3e:a8:61: 25:14:60:43:d2:94:84:59:d3:ff:fd:98:2f:b7:a4:89:89:44: 06:a8:3c:6d:50:40:31:43:d2:93:6d:6f:60:bf:e7:1c:e4:c3: 31:d6:fb:25:d7:e1:81:16:ae:65:79:5b:e2:6c:71:4e:9c:bc: 0e:57:2d:b6:86:2b:5b:0f:26:62:e5:4f:33:36:35:08:5d:6b: 9b:85:7d:5e:3d:cd:0b:3f:ff:da:b7:a4:5d:0b:4a:df:55:c5: 3d:0d:a3:44:4e:45:21:80:15:4d:ca:43:e6:05:8f:88:98:14: 3f:2c:31:e0:3f:28:46:0c:6b:93:01:36:6d:02:17:44:b2:82: 39:be:f7:c4:56:48:fd:00:4a:e3:64:74:4d:ba:bc:85:3b:02: 79:a5:68:5c:4e:8e:2a:40:58:6c:58:e9:be:48:5e:e1:71:ac: a7:70:12:88:e9:d0:4e:db:14:1a:a8:6a:bb:99:f1:0d:9a:02: 9b:9a:ab:f0:c8:69:37:f0:28:bd:6a:07:1f:f3:ac:fb:a8:75: e7:bf:21:aa:7c:d6:e0:7b:24:cb:7b:1e:8e:e1:c3:f9:09:42: 7d:61:1e:f0:68:99:31:c4:45:66:b1:fd:ae:93:fa:55:2d:7e: b3:88:8c:e7 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUTWUg7QkL2VqH3aRAmN8lYaG2d10wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTYwMTAwMjFaFw0yNTEyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQGU1YWYwYWUyYjRkZDQxNDg0NjA3NjY1NTUzMGJkMzhiNGM3MzY4OGU0OWVk NTRjNTI5NmJjMWIwNTgyNDdmM2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOjOnXVkvmNfqmwqEmIv7u2NEax/q8SPd1MUALy0LNoOOGkXHtCXqWBeGuUS zzVAwDml6LQj9VRnIb6bS0CCuxKAX7pWGikcsUj793xy3ZqvPCwWGS8DWw3W1bfg /ZAUtsGt2KkWMJLhvYqYd5fBeD6BIOtPDyfCjx3cIfWK7pTQ0yv2tTJJW3edX2pc rbgbg+J5AIwniD1D6Ix+cN4wLMiNuN0CT6+4bmKRFkXij0mmirdfqKVtP5X9E+Ge DKsp5AxjUWMazFiIIXkIjk3HRO5pXkZy4H5LthBBvlFDGcHfkC35z+lj+b8lofFr sMDiB8UqWIZKTIpYug0DKiY3rfECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT/aE+m +3wq8EhQNdj5GtCSdlJhGDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YjQxZmE5YjctZDczNi00ZDQxLTlmYzItOWZlZGE1YTg3MjQ4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQ/zAN BgkqhkiG9w0BAQsFAAOCAQEAX8HBcXxhdfNk+JZgrE7wPqhhJRRgQ9KUhFnT//2Y L7ekiYlEBqg8bVBAMUPSk21vYL/nHOTDMdb7JdfhgRauZXlb4mxxTpy8DlcttoYr Ww8mYuVPMzY1CF1rm4V9Xj3NCz//2rekXQtK31XFPQ2jRE5FIYAVTcpD5gWPiJgU Pywx4D8oRgxrkwE2bQIXRLKCOb73xFZI/QBK42R0Tbq8hTsCeaVoXE6OKkBYbFjp vkhe4XGsp3ASiOnQTtsUGqhqu5nxDZoCm5qr8MhpN/AovWoHH/Os+6h1578hqnzW 4Hsky3sejuHD+QlCfWEe8GiZMcRFZrH9rpP6VS1+s4iM5w== -----END CERTIFICATE-----Generated at Sat Dec 6 10:57:12 2025 by rpki-client