This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa File: e1d9282c-1734-4426-ab04-111f2637372c.roa (raw, json) Hash identifier: a0SO2r4I67VmVyNLemOaRc7F/0wO0cUQSjRbMD/M5qU= Subject key identifier: A2:B0:CF:AF:B9:27:B6:2B:3F:F2:81:A6:97:65:A7:33:9E:65:9E:BD Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 649862EF1260861A2FC8E5B85E90ABB53EE1574E Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa Signing time: Sun 16 Nov 2025 01:00:18 +0000 ROA not before: Sun 16 Nov 2025 01:00:18 +0000 ROA not after: Sun 21 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 212.173.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:98:62:ef:12:60:86:1a:2f:c8:e5:b8:5e:90:ab:b5:3e:e1:57:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 16 01:00:18 2025 GMT Not After : Dec 21 23:59:59 2025 GMT Subject: serialNumber=b1d263f46b2da0c7ba9da7ad4269d995bec42d5de693d2916fb1c3d2ae1823d5, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:37:2b:fc:8d:86:76:ad:c1:ec:cd:be:f0:a9: 79:58:87:12:4f:b4:a9:ba:66:eb:09:81:be:ec:b6: cf:56:de:a4:1d:92:06:67:e4:c9:24:93:5e:5c:e4: fd:dd:bc:b6:4c:c2:1a:d2:70:c2:17:48:0b:d1:f8: 50:27:43:02:9e:9b:1b:b0:8d:79:6b:b6:c1:94:16: f5:9e:04:49:42:f2:32:3f:08:d1:88:80:08:17:eb: 55:d3:61:52:91:45:5f:94:aa:18:3a:a1:b1:03:f5: 64:99:e2:bd:78:6e:fb:cb:aa:cd:91:e0:af:df:9f: be:98:2d:f3:e0:7b:42:e0:b1:a0:41:ca:7b:e7:46: 14:c0:ef:e6:6a:94:b8:16:82:3f:51:66:f7:20:46: 82:86:71:80:cc:f4:e8:66:e6:e4:b7:ac:52:99:b7: fb:92:c8:9b:6a:d2:0e:7b:31:12:6d:40:0a:3a:34: 14:eb:d0:39:0b:39:50:ee:50:c8:85:79:fa:57:e8: 47:bb:4b:87:5b:de:dd:c0:40:24:75:48:bd:65:bc: 16:50:42:4b:86:ce:61:cc:5e:26:d4:80:78:b0:a4: ed:d8:87:ed:f2:ea:6e:5c:a1:1e:fe:64:d7:2b:fc: 4f:d2:e0:2c:d0:3d:cf:29:96:3d:2a:03:3b:33:e1: c1:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:B0:CF:AF:B9:27:B6:2B:3F:F2:81:A6:97:65:A7:33:9E:65:9E:BD X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.173.128.0/17 Signature Algorithm: sha256WithRSAEncryption 59:8d:4a:d4:7e:d7:74:98:a4:48:39:2c:26:15:88:3e:d6:98: d1:05:cb:79:4a:6c:4a:e7:4d:a7:1a:9b:88:74:fd:2c:8c:32: fa:da:8a:b1:97:20:1b:3c:31:e5:38:90:a7:12:28:0b:07:9e: 76:e0:ab:53:ac:40:40:50:9c:f7:f2:a9:4c:93:ee:ce:01:1f: 04:6b:1e:b7:1b:df:31:f5:ff:ed:60:b4:de:9c:e1:04:e8:14: 5d:1b:2b:e8:5f:f8:50:a3:66:f4:51:09:c3:e6:96:dd:82:80: cd:7d:a0:06:f4:05:3a:9e:16:82:43:fe:cf:94:b0:b2:d0:b6: bc:65:3f:c7:e2:b3:5b:0a:e9:fd:11:9d:42:fe:68:36:09:ff: 24:e2:bc:eb:aa:a1:5f:27:9a:86:c1:ed:95:14:ea:ed:e8:e7: ce:73:d3:70:37:7f:ae:7a:a4:37:1e:82:04:9e:d8:6f:ef:90: 76:9b:e1:00:e4:47:16:71:8a:b7:0a:48:6d:79:7d:d6:f7:4b: ad:28:21:ad:29:f3:f4:23:85:18:19:35:bf:ff:10:7b:03:d1: 0d:68:6c:39:ad:f1:13:30:55:00:40:3b:fc:27:6a:ec:3f:c8: 75:9f:5a:b2:ef:85:05:8f:24:25:bd:e1:a5:f6:a9:2c:77:9e: 66:a8:ac:28 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUZJhi7xJghhovyOW4XpCrtT7hV04wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTYwMTAwMThaFw0yNTEyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQGIxZDI2M2Y0NmIyZGEwYzdiYTlkYTdhZDQyNjlkOTk1YmVjNDJkNWRlNjkz ZDI5MTZmYjFjM2QyYWUxODIzZDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANw3K/yNhnatwezNvvCpeViHEk+0qbpm6wmBvuy2z1bepB2SBmfkySSTXlzk /d28tkzCGtJwwhdIC9H4UCdDAp6bG7CNeWu2wZQW9Z4ESULyMj8I0YiACBfrVdNh UpFFX5SqGDqhsQP1ZJnivXhu+8uqzZHgr9+fvpgt8+B7QuCxoEHKe+dGFMDv5mqU uBaCP1Fm9yBGgoZxgMz06Gbm5LesUpm3+5LIm2rSDnsxEm1ACjo0FOvQOQs5UO5Q yIV5+lfoR7tLh1ve3cBAJHVIvWW8FlBCS4bOYcxeJtSAeLCk7diH7fLqblyhHv5k 1yv8T9LgLNA9zymWPSoDOzPhwbECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSisM+v uSe2Kz/ygaaXZacznmWevTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZTFkOTI4MmMtMTczNC00NDI2LWFiMDQtMTExZjI2MzczNzJjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9StgDAN BgkqhkiG9w0BAQsFAAOCAQEAWY1K1H7XdJikSDksJhWIPtaY0QXLeUpsSudNpxqb iHT9LIwy+tqKsZcgGzwx5TiQpxIoCweeduCrU6xAQFCc9/KpTJPuzgEfBGsetxvf MfX/7WC03pzhBOgUXRsr6F/4UKNm9FEJw+aW3YKAzX2gBvQFOp4WgkP+z5SwstC2 vGU/x+KzWwrp/RGdQv5oNgn/JOK866qhXyeahsHtlRTq7ejnznPTcDd/rnqkNx6C BJ7Yb++QdpvhAORHFnGKtwpIbXl91vdLrSghrSnz9COFGBk1v/8QewPRDWhsOa3x EzBVAEA7/Cdq7D/IdZ9asu+FBY8kJb3hpfapLHeeZqisKA== -----END CERTIFICATE-----Generated at Sat Dec 6 10:58:09 2025 by rpki-client