This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa File: bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa (raw, json) Hash identifier: zayJCLM3Z94IDPsQZ1yNAlN1Qm2PsJG2k9x+lLiyxHg= Subject key identifier: 86:16:AA:E6:B9:09:5E:A6:B8:9A:50:F8:57:35:B4:9A:A2:1B:48:3A Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 4C3A126D007D16EF2CC6E336C0AA82002150B250 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa Signing time: Sat 15 Nov 2025 06:50:09 +0000 ROA not before: Sat 15 Nov 2025 06:50:09 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 152.134.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:3a:12:6d:00:7d:16:ef:2c:c6:e3:36:c0:aa:82:00:21:50:b2:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:09 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=5da56455c06327445e0e7bf7f4193a93a1aeb6d70c9f4910d034cba68b258436, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:1d:93:c1:60:e2:c9:83:c4:10:69:74:92:36: 5c:73:84:0f:34:d6:ba:03:ea:3f:72:3e:a3:95:d6: ba:52:68:17:2e:96:d2:d4:5b:4a:9b:03:ff:cf:8a: c7:d7:91:3f:0e:eb:6a:2e:55:e6:66:2b:df:d6:46: 51:75:98:49:64:18:1d:fa:b5:86:bc:1c:cd:d4:0c: a8:ce:f1:a3:c6:79:08:76:03:c3:23:d9:fe:b6:10: 9a:cf:20:36:0d:31:fe:67:65:4d:6b:86:c9:81:19: 0e:38:fb:76:23:9d:91:ac:63:50:06:37:97:64:89: b8:b9:44:92:f6:ec:c1:32:8b:96:13:ec:24:03:02: ef:a0:5d:e5:7c:29:87:a2:d4:49:1a:86:32:dc:59: 49:70:2b:83:d4:77:02:25:b3:9e:fa:64:90:2e:db: b1:d4:98:9b:fa:1d:51:c8:69:85:39:27:fa:dc:b9: db:19:a8:f8:87:90:16:63:85:52:dc:ac:3f:f7:9e: 88:76:5b:9c:00:2d:ab:62:87:f3:fc:22:6d:80:fd: a3:fd:91:01:53:4a:3c:6a:63:3e:03:2b:b8:57:34: d4:d1:c6:85:12:a6:4d:3c:64:0d:21:e5:bc:61:36: 1a:62:49:cd:71:39:2a:87:74:24:94:2d:1f:bd:66: 07:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:16:AA:E6:B9:09:5E:A6:B8:9A:50:F8:57:35:B4:9A:A2:1B:48:3A X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 152.134.0.0/16 Signature Algorithm: sha256WithRSAEncryption 2b:6e:0f:64:76:ec:fb:e4:55:df:19:07:3b:80:36:86:cd:b1: 8f:0f:31:86:e2:22:4c:36:e3:9f:a8:73:20:6a:b8:27:20:4f: 37:96:32:0a:fd:08:9a:20:30:e0:a6:f7:c3:b3:91:3a:d6:eb: dd:94:51:b1:b1:5b:79:42:d8:56:9f:19:df:b9:69:80:9b:60: 03:14:a4:85:4f:e2:0f:47:35:a8:5f:ec:a1:94:3b:52:73:55: 8e:1f:0c:c4:76:79:8a:6a:b5:2a:0b:4e:f8:df:6e:f2:f3:d3: 8a:2a:15:88:6e:0a:85:7e:0d:1a:95:81:5d:80:dc:9e:07:b7: c2:8d:bc:0d:72:cb:08:87:7a:d7:96:59:25:d5:d5:2b:5d:27: 77:9c:07:df:f7:b4:9f:78:5a:42:43:aa:64:38:ed:7d:f3:77: 32:f8:6f:42:96:6f:91:24:91:d0:de:6f:04:c9:5e:63:32:2e: 6a:58:f8:b1:42:9c:e0:17:5a:e9:37:f2:74:27:85:b1:77:66: 04:b8:28:c7:ba:ec:fc:b3:fc:7a:22:70:28:aa:c7:73:11:21: 0c:fb:47:53:da:93:6f:ca:ef:b8:f6:93:a0:f4:d5:e4:09:cb: 9b:aa:ab:b1:77:fc:25:35:9b:af:9f:d0:4a:52:b3:02:f2:3c: f8:1b:ea:64 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUTDoSbQB9Fu8sxuM2wKqCACFQslAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMDlaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDVkYTU2NDU1YzA2MzI3NDQ1ZTBlN2JmN2Y0MTkzYTkzYTFhZWI2ZDcwYzlm NDkxMGQwMzRjYmE2OGIyNTg0MzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALcdk8Fg4smDxBBpdJI2XHOEDzTWugPqP3I+o5XWulJoFy6W0tRbSpsD/8+K x9eRPw7rai5V5mYr39ZGUXWYSWQYHfq1hrwczdQMqM7xo8Z5CHYDwyPZ/rYQms8g Ng0x/mdlTWuGyYEZDjj7diOdkaxjUAY3l2SJuLlEkvbswTKLlhPsJAMC76Bd5Xwp h6LUSRqGMtxZSXArg9R3AiWznvpkkC7bsdSYm/odUchphTkn+ty52xmo+IeQFmOF UtysP/eeiHZbnAAtq2KH8/wibYD9o/2RAVNKPGpjPgMruFc01NHGhRKmTTxkDSHl vGE2GmJJzXE5Kod0JJQtH71mB+MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSGFqrm uQlepriaUPhXNbSaohtIOjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YmVkYzIxNzItNTBkZi00ZWE3LThjMzgtZWJhMmNkZjJkNWRiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G CSqGSIb3DQEBCwUAA4IBAQArbg9kduz75FXfGQc7gDaGzbGPDzGG4iJMNuOfqHMg argnIE83ljIK/QiaIDDgpvfDs5E61uvdlFGxsVt5QthWnxnfuWmAm2ADFKSFT+IP RzWoX+yhlDtSc1WOHwzEdnmKarUqC074327y89OKKhWIbgqFfg0alYFdgNyeB7fC jbwNcssIh3rXllkl1dUrXSd3nAff97SfeFpCQ6pkOO1983cy+G9Clm+RJJHQ3m8E yV5jMi5qWPixQpzgF1rpN/J0J4Wxd2YEuCjHuuz8s/x6InAoqsdzESEM+0dT2pNv yu+49pOg9NXkCcubqquxd/wlNZuvn9BKUrMC8jz4G+pk -----END CERTIFICATE-----Generated at Sat Dec 6 12:49:27 2025 by rpki-client