This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa File: f9c2130f-6f88-42ac-853e-f39d188adb6d.roa (raw, json) Hash identifier: 9LnGUYvVR6z0d/gmuoUTnd4zWUQbqRIWIi1cSzC54Gc= Subject key identifier: 1C:21:99:C5:DC:F1:BA:EC:07:9B:D9:87:B0:8D:F4:3C:27:D7:FA:F8 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 7EF98E37C6FEDBCC3A9ACD8C89074BF7B1ECBFE4 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa Signing time: Tue 25 Nov 2025 20:10:26 +0000 ROA not before: Tue 25 Nov 2025 20:10:26 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.232.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:f9:8e:37:c6:fe:db:cc:3a:9a:cd:8c:89:07:4b:f7:b1:ec:bf:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:26 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=30454e72bed4cdd932f6fbb7439e392bcd42b0c9ca7c600e22ecbb982964c144, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:3e:5f:bc:e6:c8:ee:64:4e:19:2a:b8:dc:e4: 63:43:17:1c:7e:79:9c:33:a4:4e:5a:d5:53:2a:12: 73:a0:80:b4:f9:bc:22:e0:b0:9c:37:76:df:a8:c2: f1:33:b2:7f:3e:4d:07:82:a3:09:bb:05:2a:2a:c9: 45:7c:8e:a8:f3:ce:eb:8b:0d:c6:ec:cd:0a:70:c4: 07:65:99:fb:cd:0f:b7:ec:43:8e:fa:1a:43:97:55: d7:5f:24:c4:d8:11:e9:ad:79:f5:7b:99:7e:b4:ac: 9d:26:2a:f5:a0:76:10:e8:a4:cd:a6:f0:51:8a:39: 85:cc:53:cc:2c:0a:bf:d9:1c:d8:c7:56:bd:3c:10: e8:a2:59:91:94:97:d8:71:11:ac:c6:3c:be:c7:2b: 9c:ae:92:bb:1b:2c:96:5c:07:ac:78:6f:3d:d0:94: 99:7e:72:c4:de:d1:3e:6d:a9:20:89:22:c7:60:79: dd:9a:18:28:bb:b0:c1:45:fe:1c:a5:9a:d9:6b:d3: 24:74:e6:46:2f:84:06:90:b6:7d:5a:1a:24:2a:f0: 51:e4:f4:95:f9:58:dc:81:be:a9:5d:b8:17:2a:5c: 9b:0e:70:c2:d2:e2:22:00:48:50:d3:79:7a:07:f2: 0d:a1:c3:01:c6:d4:77:80:6b:d1:00:43:68:dc:19: 51:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:21:99:C5:DC:F1:BA:EC:07:9B:D9:87:B0:8D:F4:3C:27:D7:FA:F8 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.232.0.0/15 Signature Algorithm: sha256WithRSAEncryption 22:5c:4b:2e:a2:de:6d:9d:1e:e3:77:1d:c8:bc:07:db:64:e5: 6f:2e:a5:47:3d:74:99:84:e9:7e:a5:b2:73:ef:5c:ad:7b:64: f6:13:75:b0:7c:13:c0:8b:65:e9:95:49:e3:5b:d0:3d:31:21: 3f:3e:6b:71:28:44:85:75:61:97:a4:37:19:4e:32:3a:57:9b: 0f:5d:4c:67:19:99:5d:19:35:58:78:ad:ba:5c:54:b5:82:e5: 3f:c0:bc:29:28:21:24:6c:3d:24:ff:1b:c7:79:96:66:29:a6: 92:8c:65:0e:12:89:17:5c:44:25:e3:6b:f3:bf:40:2d:82:81: 4f:ce:19:6e:81:df:06:81:84:a4:9b:29:24:1a:ca:2e:50:6d: 5a:32:d8:87:28:4b:bb:9d:6c:a6:45:89:f6:ae:3c:89:56:08: 10:cb:b6:cd:97:e9:91:04:6a:23:56:16:29:1d:9e:e6:d9:d6: 5c:1c:81:97:ef:4b:7b:75:c1:ad:ba:40:3e:88:a8:10:44:5e: fe:0e:ef:54:e8:ef:92:ca:de:be:ec:89:f9:f6:38:08:ef:5f: a2:93:86:12:98:24:e4:0a:aa:b4:55:a1:ca:51:d4:ec:e3:2b: eb:b3:af:2f:a2:81:be:44:67:5c:20:1d:cf:69:07:00:d5:31: 62:d2:31:3c -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUfvmON8b+28w6ms2MiQdL97Hsv+QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMjZaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDMwNDU0ZTcyYmVkNGNkZDkzMmY2ZmJiNzQzOWUzOTJiY2Q0MmIwYzljYTdj NjAwZTIyZWNiYjk4Mjk2NGMxNDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALk+X7zmyO5kThkquNzkY0MXHH55nDOkTlrVUyoSc6CAtPm8IuCwnDd236jC 8TOyfz5NB4KjCbsFKirJRXyOqPPO64sNxuzNCnDEB2WZ+80Pt+xDjvoaQ5dV118k xNgR6a159XuZfrSsnSYq9aB2EOikzabwUYo5hcxTzCwKv9kc2MdWvTwQ6KJZkZSX 2HERrMY8vscrnK6SuxssllwHrHhvPdCUmX5yxN7RPm2pIIkix2B53ZoYKLuwwUX+ HKWa2WvTJHTmRi+EBpC2fVoaJCrwUeT0lflY3IG+qV24Fypcmw5wwtLiIgBIUNN5 egfyDaHDAcbUd4Br0QBDaNwZUfMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQcIZnF 3PG67Aeb2YewjfQ8J9f6+DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZjljMjEzMGYtNmY4OC00MmFjLTg1M2UtZjM5ZDE4OGFkYjZkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPoMA0G CSqGSIb3DQEBCwUAA4IBAQAiXEsuot5tnR7jdx3IvAfbZOVvLqVHPXSZhOl+pbJz 71yte2T2E3WwfBPAi2XplUnjW9A9MSE/PmtxKESFdWGXpDcZTjI6V5sPXUxnGZld GTVYeK26XFS1guU/wLwpKCEkbD0k/xvHeZZmKaaSjGUOEokXXEQl42vzv0AtgoFP zhlugd8GgYSkmykkGsouUG1aMtiHKEu7nWymRYn2rjyJVggQy7bNl+mRBGojVhYp HZ7m2dZcHIGX70t7dcGtukA+iKgQRF7+Du9U6O+Syt6+7In59jgI71+ik4YSmCTk Cqq0VaHKUdTs4yvrs68vooG+RGdcIB3PaQcA1TFi0jE8 -----END CERTIFICATE-----Generated at Sat Dec 6 09:52:08 2025 by rpki-client