This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa File: d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa (raw, json) Hash identifier: fwl6oZd8FiIz5qO1jzJD57E7zVuEI5HHp2h1/FNc5Vw= Subject key identifier: 0C:4C:55:38:8A:EF:64:86:E1:CC:46:D1:9D:63:B8:10:80:EC:A3:2C Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 218C1D92F06563EE77A193C208A16F5405DE2F09 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa Signing time: Sat 15 Nov 2025 06:50:23 +0000 ROA not before: Sat 15 Nov 2025 06:50:23 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 143.65.224.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:8c:1d:92:f0:65:63:ee:77:a1:93:c2:08:a1:6f:54:05:de:2f:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:23 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=904f7a58f2e551bd2d12a0471fc9d146abf420547547067116ab70bf7689c5a2, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:3e:e6:15:89:13:a6:05:f5:e0:87:b3:2a:cb: 06:fb:b6:c1:6b:42:5e:9d:16:3e:b4:01:79:e5:73: 76:bf:fa:da:ed:31:bc:03:73:81:4f:75:be:62:ee: 6f:ec:48:00:37:ce:48:a5:90:5b:80:28:6b:c9:c0: cf:5e:e2:3a:1b:ea:5c:1b:55:75:51:78:9d:a1:ae: 3b:be:30:88:fc:f0:38:a2:e6:09:49:50:bb:9a:89: 79:62:d1:e0:87:8c:a8:99:56:f6:8b:71:cc:b4:b4: d3:0c:1c:a7:c3:e5:a5:f5:00:37:19:84:80:90:0f: 18:48:ea:76:7c:18:90:45:20:9d:3b:e8:cc:69:37: bd:3e:e8:ab:f4:44:34:f2:e7:ad:2c:da:31:53:01: 86:97:91:fe:42:2e:c7:3d:33:fe:95:33:ab:f5:22: 99:04:52:62:7e:9e:30:f4:ad:31:c3:f8:d3:2f:6c: 0f:f1:99:53:15:db:5a:a9:6c:5d:bb:59:ed:f3:00: 0e:0f:72:99:f7:b6:3b:c8:39:00:0e:2d:df:4e:a5: 64:53:e8:e2:1a:c0:c9:6e:4c:6b:84:22:47:9e:5e: 84:f9:2d:b0:04:66:fe:83:2b:74:d5:3b:c5:4c:9f: a6:25:fd:7b:fd:86:bc:8a:72:f8:75:dc:be:2c:77: 5f:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:4C:55:38:8A:EF:64:86:E1:CC:46:D1:9D:63:B8:10:80:EC:A3:2C X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.65.224.0/19 Signature Algorithm: sha256WithRSAEncryption 2c:fb:51:7b:f0:f6:05:49:58:45:d4:c2:a5:b9:fc:5c:d9:94: 8f:7f:24:6d:aa:85:9e:e8:52:d4:e6:c0:0d:77:a1:57:8e:c2: 6d:a0:9f:81:89:3a:38:7e:63:70:6c:24:54:f8:36:69:d9:0c: 69:cd:c5:1d:80:71:ae:ed:04:8c:d7:14:d6:69:0c:32:a8:de: 25:5e:dc:30:2c:08:22:b2:91:10:05:3c:9f:67:2a:0d:f8:a1: a0:12:d6:51:0b:bc:d4:19:c2:91:3c:60:af:dc:44:68:0f:19: 6c:82:e8:32:a6:18:e2:8e:82:de:ad:c0:b7:1d:63:df:0a:e7: 93:2e:13:af:37:8b:02:9e:4e:e0:02:2e:b6:5b:fc:37:8d:00: b2:13:63:2a:40:7e:48:a3:bf:6d:cc:c0:0d:d2:1b:1c:55:99: f8:c3:65:c1:c6:d2:b3:6d:c6:0c:3f:6c:e6:1b:21:cf:d7:85: 2b:72:a7:77:59:ad:23:0c:f5:0f:fd:6d:49:f3:60:ac:2c:96: a8:9b:96:0b:88:ca:ab:72:0c:49:31:4a:0e:2a:28:41:58:d2: 53:27:6c:b4:58:6f:b6:d6:0f:12:49:da:71:ef:f5:7d:b9:0a: 77:51:73:d1:7a:a9:b8:85:23:09:5a:37:5f:5a:c6:b6:08:45: 77:34:9e:6e -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUIYwdkvBlY+53oZPCCKFvVAXeLwkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMjNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDkwNGY3YTU4ZjJlNTUxYmQyZDEyYTA0NzFmYzlkMTQ2YWJmNDIwNTQ3NTQ3 MDY3MTE2YWI3MGJmNzY4OWM1YTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANU+5hWJE6YF9eCHsyrLBvu2wWtCXp0WPrQBeeVzdr/62u0xvANzgU91vmLu b+xIADfOSKWQW4Aoa8nAz17iOhvqXBtVdVF4naGuO74wiPzwOKLmCUlQu5qJeWLR 4IeMqJlW9otxzLS00wwcp8PlpfUANxmEgJAPGEjqdnwYkEUgnTvozGk3vT7oq/RE NPLnrSzaMVMBhpeR/kIuxz0z/pUzq/UimQRSYn6eMPStMcP40y9sD/GZUxXbWqls XbtZ7fMADg9ymfe2O8g5AA4t306lZFPo4hrAyW5Ma4QiR55ehPktsARm/oMrdNU7 xUyfpiX9e/2GvIpy+HXcvix3X6sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQMTFU4 iu9khuHMRtGdY7gQgOyjLDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZDM3MWM3NzMtMWFhMi00ZDViLTk4MDQtZWE1ZDY0ZmFkYzBhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN BgkqhkiG9w0BAQsFAAOCAQEALPtRe/D2BUlYRdTCpbn8XNmUj38kbaqFnuhS1ObA DXehV47CbaCfgYk6OH5jcGwkVPg2adkMac3FHYBxru0EjNcU1mkMMqjeJV7cMCwI IrKREAU8n2cqDfihoBLWUQu81BnCkTxgr9xEaA8ZbILoMqYY4o6C3q3Atx1j3wrn ky4TrzeLAp5O4AIutlv8N40AshNjKkB+SKO/bczADdIbHFWZ+MNlwcbSs23GDD9s 5hshz9eFK3Knd1mtIwz1D/1tSfNgrCyWqJuWC4jKq3IMSTFKDiooQVjSUydstFhv ttYPEknace/1fbkKd1Fz0XqpuIUjCVo3X1rGtghFdzSebg== -----END CERTIFICATE-----Generated at Sat Dec 6 10:58:09 2025 by rpki-client