This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa File: bad59de4-adad-41c5-bcd9-10599419c7b5.roa (raw, json) Hash identifier: x3gAZCzjYwhT4ygEMZn2JHRnsRnQ9rrWNHPHGklZsfc= Subject key identifier: E5:8B:47:33:44:6B:19:43:7E:71:D3:A3:30:7E:40:23:98:7F:76:B8 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 1E58E53E2D939C26ED405C78788314B65C7D9C07 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa Signing time: Sun 16 Nov 2025 01:00:20 +0000 ROA not before: Sun 16 Nov 2025 01:00:20 +0000 ROA not after: Sun 21 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.0.64.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:58:e5:3e:2d:93:9c:26:ed:40:5c:78:78:83:14:b6:5c:7d:9c:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 16 01:00:20 2025 GMT Not After : Dec 21 23:59:59 2025 GMT Subject: serialNumber=29dfe8cbf0c2948c3a356880fd2c3f203d5075a49a374a1e3f4d81f67621f938, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:e4:ab:67:f5:f3:06:51:40:98:47:a1:63:9b: f8:32:db:0f:d2:8e:cb:8e:ea:1d:1a:d0:5c:45:8e: eb:63:4a:88:47:33:79:7c:1a:e9:02:ce:46:d6:29: 4b:7e:9a:87:10:64:60:23:61:9f:fb:23:c3:7f:ef: b2:cd:ed:1d:2f:51:33:80:2a:08:2f:50:76:00:54: a7:78:e8:ce:a4:a4:f5:ac:c2:ee:c3:f4:31:13:84: c3:6b:eb:a1:69:3e:e8:38:bd:2d:6a:d1:27:34:ac: 0c:14:6d:dd:22:61:21:ac:ea:ef:00:43:ec:83:fb: c6:27:eb:a2:da:2b:2b:42:60:3f:98:ee:20:32:03: ca:49:dd:bb:f3:5e:3f:30:b4:23:e5:90:96:0d:09: fd:9c:0a:3c:21:24:71:ac:4a:7b:2b:bf:0a:39:8c: 06:f5:7f:39:83:2b:82:a2:ff:98:71:e5:02:35:c6: 81:ec:cc:7c:51:b7:c9:a6:4b:ce:8c:80:cc:52:eb: 51:21:5b:3d:8f:cf:ba:53:0f:55:c6:08:44:63:69: 3b:b4:92:fb:a1:a7:21:e5:2d:c6:10:31:27:02:af: 22:e8:9e:e3:e4:d5:94:af:ff:f0:26:30:c9:a9:c5: 3e:bb:39:69:a2:c1:80:7f:f9:7b:5e:27:43:09:bb: 10:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:8B:47:33:44:6B:19:43:7E:71:D3:A3:30:7E:40:23:98:7F:76:B8 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.0.64.0/18 Signature Algorithm: sha256WithRSAEncryption 37:d2:3e:5a:80:0f:93:30:48:90:69:11:38:64:fe:a6:3a:73: fd:f1:b1:fb:4c:db:7b:52:68:2f:a3:d1:08:fe:62:b1:3e:99: 28:c6:f9:5b:dd:14:8c:d1:93:2b:ac:f0:01:d3:2e:bc:af:16: b3:27:a5:79:c8:5e:d7:43:85:4d:b2:82:7c:aa:2e:1e:ab:86: 98:48:fc:52:6b:58:24:82:8d:30:86:11:8a:6f:92:2b:64:d1: 31:53:f9:f6:6b:c6:78:a5:4b:71:51:93:97:89:fc:41:55:1f: bf:4b:37:70:9d:2b:43:88:74:f7:b6:ba:98:88:ee:4f:e6:15: 1e:c9:1a:64:5b:97:18:65:34:84:17:2f:70:ac:4d:db:d8:94: 07:23:84:b4:20:b2:31:88:d0:53:67:a7:1e:df:b9:40:8d:e6: 93:ff:66:23:0d:19:f3:08:9b:de:5f:a3:52:23:0f:d4:11:8d: 63:fa:96:95:62:ff:1d:af:42:cb:b6:56:ae:af:84:e9:35:e9: 29:40:c1:eb:df:1b:ed:ac:44:4c:42:31:85:97:55:ac:30:2a: 6b:a7:b9:40:85:c7:16:df:b4:c1:3a:a3:e3:61:b5:ed:d8:98: 82:f9:21:c6:71:4c:1c:a8:b3:9d:d9:4b:fa:44:bc:0a:08:e8: 94:fa:a4:e1 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUHljlPi2TnCbtQFx4eIMUtlx9nAcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTYwMTAwMjBaFw0yNTEyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQDI5ZGZlOGNiZjBjMjk0OGMzYTM1Njg4MGZkMmMzZjIwM2Q1MDc1YTQ5YTM3 NGExZTNmNGQ4MWY2NzYyMWY5MzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOjkq2f18wZRQJhHoWOb+DLbD9KOy47qHRrQXEWO62NKiEczeXwa6QLORtYp S36ahxBkYCNhn/sjw3/vss3tHS9RM4AqCC9QdgBUp3jozqSk9azC7sP0MROEw2vr oWk+6Di9LWrRJzSsDBRt3SJhIazq7wBD7IP7xifrotorK0JgP5juIDIDykndu/Ne PzC0I+WQlg0J/ZwKPCEkcaxKeyu/CjmMBvV/OYMrgqL/mHHlAjXGgezMfFG3yaZL zoyAzFLrUSFbPY/PulMPVcYIRGNpO7SS+6GnIeUtxhAxJwKvIuie4+TVlK//8CYw yanFPrs5aaLBgH/5e14nQwm7EEkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTli0cz RGsZQ35x06MwfkAjmH92uDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YmFkNTlkZTQtYWRhZC00MWM1LWJjZDktMTA1OTk0MTljN2I1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjMAQDAN BgkqhkiG9w0BAQsFAAOCAQEAN9I+WoAPkzBIkGkROGT+pjpz/fGx+0zbe1JoL6PR CP5isT6ZKMb5W90UjNGTK6zwAdMuvK8Wsyeleche10OFTbKCfKouHquGmEj8UmtY JIKNMIYRim+SK2TRMVP59mvGeKVLcVGTl4n8QVUfv0s3cJ0rQ4h097a6mIjuT+YV HskaZFuXGGU0hBcvcKxN29iUByOEtCCyMYjQU2enHt+5QI3mk/9mIw0Z8wib3l+j UiMP1BGNY/qWlWL/Ha9Cy7ZWrq+E6TXpKUDB698b7axETEIxhZdVrDAqa6e5QIXH Ft+0wTqj42G17diYgvkhxnFMHKizndlL+kS8CgjolPqk4Q== -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:58 2025 by rpki-client