This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa File: faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa (raw, json) Hash identifier: hHAdPVXwnmSsxgqJEZ+mC395ulybt/HXzlXjHqHNrAk= Subject key identifier: 61:ED:4F:9E:AE:59:43:19:3A:9F:F6:FC:6D:22:93:DF:49:51:87:41 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 7A3A96536578DB7BFA70B659FEC1DEAD0907A05A Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa Signing time: Tue 18 Nov 2025 00:40:04 +0000 ROA not before: Tue 18 Nov 2025 00:40:04 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.16.240.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:3a:96:53:65:78:db:7b:fa:70:b6:59:fe:c1:de:ad:09:07:a0:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:04 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=c0cf25600c428973741fea3d063145b9b1312c68f8bc3905c5355f6240e7623d, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:5b:ea:67:1c:89:1c:4c:d0:0d:bf:11:c7:9e: 03:38:3d:a8:31:31:87:1c:54:73:ec:bb:f4:46:3c: 07:7d:4c:d6:9f:20:9a:31:4e:ff:d4:b4:a2:12:42: b9:7d:35:8c:10:88:2d:b4:f2:0c:06:25:20:80:81: cf:ea:e5:b4:45:f7:78:d2:e1:e4:57:af:cc:db:48: 4a:d1:a1:e0:20:06:52:bd:45:75:11:17:53:e3:ae: 4d:ad:40:5d:87:85:69:28:6e:da:97:29:ca:ce:5b: 84:bc:5a:b2:c1:70:6b:a3:a9:22:61:e3:a2:5e:1a: 60:e8:49:d8:48:81:19:6d:f6:21:fb:91:02:b8:c4: c8:74:1d:11:a1:46:5a:31:3c:fd:08:f0:8a:40:6a: d8:89:ae:cd:e9:05:5e:3e:ae:35:ff:b4:b0:e0:97: f6:ca:7b:b0:80:67:29:d8:97:aa:4c:9f:b5:06:47: 90:bf:e2:4c:f0:10:db:7c:66:a5:35:59:e2:56:cb: da:fc:3d:80:fb:70:4f:a8:05:15:16:2a:b8:94:c0: 74:43:0a:f2:9b:bc:0f:c0:e8:5b:7f:44:48:fb:89: 15:e6:95:83:d3:a5:c7:7d:fc:b6:8c:f4:76:81:1a: 0c:32:7d:5c:e7:fe:cd:2f:ed:c5:45:57:08:da:26: 69:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:ED:4F:9E:AE:59:43:19:3A:9F:F6:FC:6D:22:93:DF:49:51:87:41 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.16.240.0/22 Signature Algorithm: sha256WithRSAEncryption 66:50:57:93:01:a5:df:79:f5:18:49:80:77:71:e9:6e:ba:4d: 69:bc:33:5b:7a:96:b7:05:3a:36:80:e6:c3:c2:b2:25:d8:ec: 9e:58:70:92:57:48:32:ce:1e:b8:ff:2f:44:0d:04:b0:73:73: 53:1d:cd:70:52:b1:67:8c:3a:d1:54:74:44:47:08:39:24:f9: 5b:28:5b:d7:e4:99:3a:75:aa:68:84:1a:aa:3b:e4:14:a8:f0: 34:b2:26:7b:b7:c6:c7:26:f5:fa:43:23:ee:e3:fe:da:fd:3d: 4c:31:f7:35:d2:12:1b:59:8b:02:41:22:81:ae:89:43:42:d1: 6d:a1:f3:98:4c:a5:f7:21:75:eb:21:e7:2d:ac:76:d7:f6:92: 8b:64:8a:e1:d6:d9:a2:f0:0f:1f:6a:14:c5:d6:5d:b6:ab:8a: 4c:d2:2c:bc:8b:53:49:97:d0:b3:aa:c3:10:d3:92:6a:06:43: e2:64:05:be:4f:38:a4:e3:c5:eb:86:f7:4f:5a:be:47:64:08: f8:47:98:5b:2a:e7:c2:6e:c8:c7:ab:08:5c:73:71:7e:0e:11: 05:7b:e0:7f:4e:f1:90:40:82:d8:e0:76:5b:e8:56:2e:f2:93: 6d:4d:61:fd:c8:bc:d9:b2:bc:cf:cc:19:d3:50:cb:34:71:e1: b4:70:87:25 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUejqWU2V423v6cLZZ/sHerQkHoFowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMDRaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQGMwY2YyNTYwMGM0Mjg5NzM3NDFmZWEzZDA2MzE0NWI5YjEzMTJjNjhmOGJj MzkwNWM1MzU1ZjYyNDBlNzYyM2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANRb6mcciRxM0A2/EceeAzg9qDExhxxUc+y79EY8B31M1p8gmjFO/9S0ohJC uX01jBCILbTyDAYlIICBz+rltEX3eNLh5FevzNtIStGh4CAGUr1FdREXU+OuTa1A XYeFaShu2pcpys5bhLxassFwa6OpImHjol4aYOhJ2EiBGW32IfuRArjEyHQdEaFG WjE8/QjwikBq2ImuzekFXj6uNf+0sOCX9sp7sIBnKdiXqkyftQZHkL/iTPAQ23xm pTVZ4lbL2vw9gPtwT6gFFRYquJTAdEMK8pu8D8DoW39ESPuJFeaVg9Olx338toz0 doEaDDJ9XOf+zS/txUVXCNomaZECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRh7U+e rllDGTqf9vxtIpPfSVGHQTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZmFhNWVjMWUtNjFkZC00ZGRiLWEwOGYtMGIyOWNhYjQ4MWUxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAjMQ8DAN BgkqhkiG9w0BAQsFAAOCAQEAZlBXkwGl33n1GEmAd3HpbrpNabwzW3qWtwU6NoDm w8KyJdjsnlhwkldIMs4euP8vRA0EsHNzUx3NcFKxZ4w60VR0REcIOST5Wyhb1+SZ OnWqaIQaqjvkFKjwNLIme7fGxyb1+kMj7uP+2v09TDH3NdISG1mLAkEiga6JQ0LR baHzmEyl9yF16yHnLax21/aSi2SK4dbZovAPH2oUxdZdtquKTNIsvItTSZfQs6rD ENOSagZD4mQFvk84pOPF64b3T1q+R2QI+EeYWyrnwm7Ix6sIXHNxfg4RBXvgf07x kECC2OB2W+hWLvKTbU1h/ci82bK8z8wZ01DLNHHhtHCHJQ== -----END CERTIFICATE-----Generated at Sat Dec 6 22:36:50 2025 by rpki-client