This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa File: ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa (raw, json) Hash identifier: oQq/YxgkC1X7YcJr10N+pfkg6AlwSlsvUkbKYECSJV8= Subject key identifier: 09:6D:B1:03:03:05:AD:63:D5:27:C8:B9:5F:15:56:92:32:9A:50:3D Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 7F15AFADDD4A47CC24FB7BA2360F01561A4A8DE2 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa Signing time: Tue 18 Nov 2025 00:40:34 +0000 ROA not before: Tue 18 Nov 2025 00:40:34 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.24.0.0/13 maxlen: 13 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:15:af:ad:dd:4a:47:cc:24:fb:7b:a2:36:0f:01:56:1a:4a:8d:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:34 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=8f838801a604bead0f0aacfbeaa7960070428109ab9b51df53de6bef82c744c6, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:24:3d:7c:74:1e:e4:d6:cb:50:e9:8d:bd:28: ea:79:67:27:00:7e:66:dd:56:f7:81:a7:24:70:fc: 93:c5:36:a7:50:99:3a:1f:78:5a:cf:4f:43:1d:29: f2:fd:a4:dd:29:2d:f0:c8:cc:79:b2:c7:e8:7a:f4: 3a:d5:81:0a:9b:8c:9e:a9:dd:e6:11:6b:48:72:ba: 1f:52:53:9e:92:70:22:6b:02:47:8f:4f:ea:88:07: 84:f0:45:5b:63:56:66:5a:dd:39:18:f3:ef:03:63: 85:09:53:58:7a:d6:a5:3b:68:ca:25:b6:95:32:b4: 2d:c0:2d:c7:e2:13:fe:7a:fd:8a:6d:c4:17:5a:2d: f3:ff:01:44:a2:72:d8:a3:77:da:6c:c6:48:9e:d8: 1b:07:d2:ab:f1:02:1e:70:e9:07:df:18:34:50:2a: a3:cd:f3:1c:95:0e:a5:31:f2:19:d6:60:1e:92:90: 09:e2:f8:c9:0a:e5:c0:04:27:20:53:b2:47:5a:92: 2f:0d:78:6b:32:3e:8e:3a:f6:75:1d:85:78:c0:50: 71:91:69:d6:9a:f4:d4:85:ff:ff:52:3a:83:56:d0: d9:c5:e6:e9:db:af:ae:e7:67:a4:92:9a:e8:6a:69: b6:14:ef:ea:fb:78:de:1c:6b:9a:56:15:2c:6f:3a: 35:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:6D:B1:03:03:05:AD:63:D5:27:C8:B9:5F:15:56:92:32:9A:50:3D X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.24.0.0/13 Signature Algorithm: sha256WithRSAEncryption 90:55:45:c7:c5:ab:f6:66:e7:99:d7:18:4c:9e:2f:9a:b6:94: 4c:58:ec:23:2a:c7:14:12:d0:28:d4:d2:20:0b:0e:5e:83:63: d6:32:d7:86:71:1c:d2:d1:02:47:4b:04:4a:02:19:5d:a9:3c: b1:0d:5a:57:59:90:96:5b:39:15:d6:42:30:4d:f4:15:06:0a: 38:39:18:2e:65:6b:5e:aa:34:83:c2:83:5f:17:f0:04:9a:07: 92:c6:d3:2c:0a:ce:e7:eb:1a:58:ec:bd:ce:32:c5:fc:8c:6c: 03:1d:f3:8d:d2:43:9f:59:40:0b:16:2b:44:07:78:93:da:20: 82:84:2b:d4:c5:a5:36:28:41:47:ee:b9:84:b9:01:59:88:1e: 60:cb:23:26:2d:47:6c:f8:a0:ff:f1:62:1a:0c:be:59:c2:e4: 5b:aa:2d:10:b4:b5:33:86:55:4e:66:2f:ec:40:30:53:aa:c9: ae:1e:ba:bf:2f:1d:1f:8f:c4:98:0e:2d:18:6c:ea:c6:b2:93: 81:c7:ac:2b:85:92:9f:e9:a3:32:cb:02:dd:7c:0a:23:43:af: fe:b1:fc:1a:10:20:a4:f7:95:9c:79:8e:9b:76:39:ac:a7:ff: 4d:4c:91:1e:61:57:4b:92:b6:a6:e3:73:b6:8c:19:5f:e6:ce: 1a:74:1b:47 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUfxWvrd1KR8wk+3uiNg8BVhpKjeIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMzRaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQDhmODM4ODAxYTYwNGJlYWQwZjBhYWNmYmVhYTc5NjAwNzA0MjgxMDlhYjli NTFkZjUzZGU2YmVmODJjNzQ0YzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMwkPXx0HuTWy1Dpjb0o6nlnJwB+Zt1W94GnJHD8k8U2p1CZOh94Ws9PQx0p 8v2k3Skt8MjMebLH6Hr0OtWBCpuMnqnd5hFrSHK6H1JTnpJwImsCR49P6ogHhPBF W2NWZlrdORjz7wNjhQlTWHrWpTtoyiW2lTK0LcAtx+IT/nr9im3EF1ot8/8BRKJy 2KN32mzGSJ7YGwfSq/ECHnDpB98YNFAqo83zHJUOpTHyGdZgHpKQCeL4yQrlwAQn IFOyR1qSLw14azI+jjr2dR2FeMBQcZFp1pr01IX//1I6g1bQ2cXm6duvrudnpJKa 6GppthTv6vt43hxrmlYVLG86NUcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQJbbED AwWtY9UnyLlfFVaSMppQPTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv Y2E5ZGMxNzItYzVjNS00OGZkLWE4MDEtOWY3ZjA1MGFhNjdiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzMYMA0G CSqGSIb3DQEBCwUAA4IBAQCQVUXHxav2ZueZ1xhMni+atpRMWOwjKscUEtAo1NIg Cw5eg2PWMteGcRzS0QJHSwRKAhldqTyxDVpXWZCWWzkV1kIwTfQVBgo4ORguZWte qjSDwoNfF/AEmgeSxtMsCs7n6xpY7L3OMsX8jGwDHfON0kOfWUALFitEB3iT2iCC hCvUxaU2KEFH7rmEuQFZiB5gyyMmLUds+KD/8WIaDL5ZwuRbqi0QtLUzhlVOZi/s QDBTqsmuHrq/Lx0fj8SYDi0YbOrGspOBx6wrhZKf6aMyywLdfAojQ6/+sfwaECCk 95WceY6bdjmsp/9NTJEeYVdLkram43O2jBlf5s4adBtH -----END CERTIFICATE-----Generated at Sat Dec 6 09:52:18 2025 by rpki-client