This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa File: f0b62efe-867d-4733-9b0c-8354a04195f8.roa (raw, json) Hash identifier: KUOYn5SZ1UBWU6ECG5HHR86DNrAojOqYYZcsSwh7Qn0= Subject key identifier: BA:65:2F:C2:3F:44:B2:00:CD:7F:56:81:6E:D3:1D:23:95:0A:EC:09 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 3E4B5662E6C4749CB2E95F1E30D32DDC94B634CF Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa Signing time: Sat 15 Nov 2025 06:40:58 +0000 ROA not before: Sat 15 Nov 2025 06:40:58 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.128.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:4b:56:62:e6:c4:74:9c:b2:e9:5f:1e:30:d3:2d:dc:94:b6:34:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:58 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=f01d803e53e1026ea9ca264161a25e03d70ad00a7be2046fc58f82d75794a076, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:35:83:58:a6:8e:ef:b5:24:6a:33:f1:8f:df: 93:c6:14:de:ef:92:f8:2a:1a:95:08:fe:fa:c3:ba: 05:22:1f:8c:81:1a:1c:14:8a:3b:97:fb:db:b0:c8: e5:bd:63:d6:42:70:f5:58:5e:d6:fc:10:da:c8:71: f0:6f:e2:32:73:af:0c:cf:b0:9b:ef:a7:2f:42:e0: b5:d3:23:b8:19:a4:a0:a4:0d:b0:64:f6:ce:0f:a1: 59:19:7f:17:ad:3a:c1:ee:c5:38:c1:d6:63:5f:08: ec:de:ae:cb:44:82:28:22:fd:ee:17:e8:44:2d:4c: bb:dd:a1:82:28:39:70:77:c0:6c:33:38:cf:ed:8e: 62:26:29:e4:3f:ae:64:97:dc:78:fd:01:83:a8:48: dc:5c:62:4a:6e:6b:63:62:33:9a:40:67:69:f8:88: ff:29:fb:3b:b8:be:fe:64:3d:6a:2d:cd:6c:76:58: 4e:91:87:65:a8:70:f6:44:d2:17:50:e0:50:95:99: af:fc:56:45:b8:51:33:f3:37:24:48:6f:25:1a:d8: ce:5a:57:66:48:21:80:bc:cd:b1:81:f8:b9:f0:32: 77:6f:c8:dc:ab:09:72:b9:64:6a:44:9c:34:59:c5: b0:ba:bc:7d:f5:c7:89:11:9a:15:21:de:f6:9f:f8: 90:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:65:2F:C2:3F:44:B2:00:CD:7F:56:81:6E:D3:1D:23:95:0A:EC:09 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.128.0.0/16 Signature Algorithm: sha256WithRSAEncryption 18:c7:70:52:a4:5c:f7:84:96:13:60:29:63:bf:f1:0c:c4:ff: 17:85:c9:9e:8e:55:ca:ac:f0:ae:9e:2f:ce:77:46:31:31:52: 86:48:66:6e:c2:dc:7c:ca:24:ad:25:2b:2d:fb:9a:76:45:96: 65:37:09:c8:ee:ac:be:73:01:59:d0:5e:10:bf:ac:14:23:7c: 20:d6:87:b3:a4:12:76:52:4f:e0:b5:e5:8e:8f:47:dc:12:ad: 30:08:6c:e4:17:4f:83:dd:c7:a9:6c:2f:b8:06:df:25:7a:70: 35:bc:8e:04:ee:a1:39:3c:07:ed:3c:ae:d2:0b:a1:77:a6:0b: 20:69:5d:ed:3d:e7:e2:38:a8:49:72:40:e6:b2:44:b3:fd:0f: 09:54:f0:d0:ad:b3:d4:e0:bd:d9:59:df:1a:ad:78:28:eb:3f: 01:b0:6e:cc:ac:58:4c:68:22:09:ff:7b:21:47:f4:e0:2a:af: 02:d5:c7:d4:cb:c5:cc:1b:20:02:16:06:fe:12:6f:a3:c7:4e: f7:35:0a:b1:c1:a5:76:5e:89:91:96:9a:14:b3:db:5d:60:99: b6:14:40:30:0f:a6:6c:74:b8:1f:89:da:da:cc:51:7a:01:a0: 15:e4:77:09:8a:ef:eb:ef:74:20:d0:5e:af:66:f8:4e:54:3b: 67:1b:65:f1 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUPktWYubEdJyy6V8eMNMt3JS2NM8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwNThaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGYwMWQ4MDNlNTNlMTAyNmVhOWNhMjY0MTYxYTI1ZTAzZDcwYWQwMGE3YmUy MDQ2ZmM1OGY4MmQ3NTc5NGEwNzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKg1g1imju+1JGoz8Y/fk8YU3u+S+CoalQj++sO6BSIfjIEaHBSKO5f727DI 5b1j1kJw9Vhe1vwQ2shx8G/iMnOvDM+wm++nL0LgtdMjuBmkoKQNsGT2zg+hWRl/ F606we7FOMHWY18I7N6uy0SCKCL97hfoRC1Mu92hgig5cHfAbDM4z+2OYiYp5D+u ZJfceP0Bg6hI3FxiSm5rY2IzmkBnafiI/yn7O7i+/mQ9ai3NbHZYTpGHZahw9kTS F1DgUJWZr/xWRbhRM/M3JEhvJRrYzlpXZkghgLzNsYH4ufAyd2/I3KsJcrlkakSc NFnFsLq8ffXHiRGaFSHe9p/4kNkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS6ZS/C P0SyAM1/VoFu0x0jlQrsCTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZjBiNjJlZmUtODY3ZC00NzMzLTliMGMtODM1NGEwNDE5NWY4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOAMA0G CSqGSIb3DQEBCwUAA4IBAQAYx3BSpFz3hJYTYCljv/EMxP8XhcmejlXKrPCuni/O d0YxMVKGSGZuwtx8yiStJSst+5p2RZZlNwnI7qy+cwFZ0F4Qv6wUI3wg1oezpBJ2 Uk/gteWOj0fcEq0wCGzkF0+D3cepbC+4Bt8lenA1vI4E7qE5PAftPK7SC6F3pgsg aV3tPefiOKhJckDmskSz/Q8JVPDQrbPU4L3ZWd8arXgo6z8BsG7MrFhMaCIJ/3sh R/TgKq8C1cfUy8XMGyACFgb+Em+jx073NQqxwaV2XomRlpoUs9tdYJm2FEAwD6Zs dLgfidrazFF6AaAV5HcJiu/r73Qg0F6vZvhOVDtnG2Xx -----END CERTIFICATE-----Generated at Sat Dec 6 11:50:49 2025 by rpki-client