This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa File: 01305f95-02db-46f4-a135-5ff585346b72.roa (raw, json) Hash identifier: qB1NESp52ssrzGdBk5KlTcthExM+rknZ8Dk77iG1jL4= Subject key identifier: 40:AE:0B:E5:A3:FE:F0:DD:4D:10:18:92:63:9A:8E:0A:23:E6:AB:2C Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 3B68B4A3636DD638FAAE4E4FC5890D85AABA3F46 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa Signing time: Sat 15 Nov 2025 06:40:05 +0000 ROA not before: Sat 15 Nov 2025 06:40:05 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.204.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 03 Dec 2025 20:16:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:68:b4:a3:63:6d:d6:38:fa:ae:4e:4f:c5:89:0d:85:aa:ba:3f:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:05 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=5fa5060f778e2d088e522b300489333809a92f03b0662cad91cbd7165f9dbd87, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:63:5d:fa:12:f6:0f:53:f3:69:31:c2:ab:84: ea:a0:3d:d6:ff:87:3d:19:15:c9:2f:43:af:cc:e0: d7:e7:0f:eb:ac:f1:0b:b6:d3:45:06:cb:44:2b:c5: 83:1d:27:60:02:76:7c:65:ac:27:62:b7:09:a7:92: 39:bd:c9:55:e4:43:5a:9b:2a:b5:f3:27:9f:a0:f7: 40:e2:1e:69:c7:f4:a5:ac:f0:02:4a:ca:60:72:d6: 9f:ad:c6:5a:d1:cd:60:b2:28:35:0b:69:d8:72:05: af:1e:c7:79:55:67:e0:d9:a0:3e:4b:e9:59:bc:55: b3:a3:98:57:4b:5c:30:ce:aa:89:91:96:ab:90:43: dd:26:2e:d3:b3:fb:56:a9:1d:cb:00:7b:19:40:de: 4b:8a:82:07:2d:c9:46:e3:10:02:f7:41:42:10:0d: 8f:94:2c:71:e7:dc:ea:c0:d6:4d:c9:c5:02:35:16: 0d:b0:68:e5:87:e3:b8:d8:af:51:79:bb:d6:15:b8: 50:45:18:78:84:ed:34:dc:bf:89:44:b3:40:aa:d2: f3:aa:75:65:bd:76:c2:3b:0c:30:58:c1:2f:4b:3a: 67:16:96:79:bb:02:96:cb:b1:3a:2a:fc:8b:09:f2: b7:dd:c4:3d:96:93:fb:0c:1c:cd:28:8a:23:f0:24: 01:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:AE:0B:E5:A3:FE:F0:DD:4D:10:18:92:63:9A:8E:0A:23:E6:AB:2C X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.204.0.0/15 Signature Algorithm: sha256WithRSAEncryption 46:8c:38:89:72:6f:e0:92:69:d0:b2:4b:d1:f5:88:72:fb:e6: ec:2a:ac:e9:20:48:af:b6:fc:50:1e:7d:48:68:45:3f:2e:7e: 37:98:3f:93:65:eb:d7:a1:fe:06:38:f5:bf:52:92:59:4a:6a: 71:2d:dc:3b:95:ab:5b:4c:79:2f:40:07:e3:f7:a7:f8:98:45: fb:25:f8:e9:0c:34:95:bb:2c:dc:b2:21:0c:c0:03:de:82:0b: 8d:1d:a6:58:6f:ce:6e:5f:3f:4c:90:47:8f:22:62:ff:2f:ee: 36:98:d7:39:b4:ec:4a:89:0d:dd:6a:4b:48:50:a7:04:f5:38: f0:84:a4:d5:d9:ed:1c:39:5b:3c:3f:dd:8a:c4:7a:59:5d:ec: 71:5d:5e:d8:ca:5e:be:95:a8:5a:81:0a:1d:82:df:55:86:de: 27:da:17:88:dc:0f:f0:26:46:f5:f8:3d:60:52:d6:d6:2b:6c: 05:5c:bb:8b:41:32:05:78:9d:ce:29:aa:01:18:e0:03:8a:22: 0b:8e:3b:8a:b9:35:2f:ee:b4:d7:1c:07:7f:54:13:60:dd:cf: d9:f9:06:2d:54:fd:17:62:51:45:d1:b1:93:d6:ce:5a:91:fd: ea:e7:cc:e6:c5:58:10:47:ff:97:bc:8c:d7:fa:91:ad:8e:26: b8:96:68:4a -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUO2i0o2Nt1jj6rk5PxYkNhaq6P0YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwMDVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDVmYTUwNjBmNzc4ZTJkMDg4ZTUyMmIzMDA0ODkzMzM4MDlhOTJmMDNiMDY2 MmNhZDkxY2JkNzE2NWY5ZGJkODcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANpjXfoS9g9T82kxwquE6qA91v+HPRkVyS9Dr8zg1+cP66zxC7bTRQbLRCvF gx0nYAJ2fGWsJ2K3CaeSOb3JVeRDWpsqtfMnn6D3QOIeacf0pazwAkrKYHLWn63G WtHNYLIoNQtp2HIFrx7HeVVn4NmgPkvpWbxVs6OYV0tcMM6qiZGWq5BD3SYu07P7 VqkdywB7GUDeS4qCBy3JRuMQAvdBQhANj5Qscefc6sDWTcnFAjUWDbBo5YfjuNiv UXm71hW4UEUYeITtNNy/iUSzQKrS86p1Zb12wjsMMFjBL0s6ZxaWebsClsuxOir8 iwnyt93EPZaT+wwczSiKI/AkAacCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRArgvl o/7w3U0QGJJjmo4KI+arLDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MDEzMDVmOTUtMDJkYi00NmY0LWExMzUtNWZmNTg1MzQ2YjcyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G CSqGSIb3DQEBCwUAA4IBAQBGjDiJcm/gkmnQskvR9Yhy++bsKqzpIEivtvxQHn1I aEU/Ln43mD+TZevXof4GOPW/UpJZSmpxLdw7latbTHkvQAfj96f4mEX7JfjpDDSV uyzcsiEMwAPegguNHaZYb85uXz9MkEePImL/L+42mNc5tOxKiQ3daktIUKcE9Tjw hKTV2e0cOVs8P92KxHpZXexxXV7Yyl6+lahagQodgt9Vht4n2heI3A/wJkb1+D1g UtbWK2wFXLuLQTIFeJ3OKaoBGOADiiILjjuKuTUv7rTXHAd/VBNg3c/Z+QYtVP0X YlFF0bGT1s5akf3q58zmxVgQR/+XvIzX+pGtjia4lmhK -----END CERTIFICATE-----Generated at Wed Dec 3 05:14:55 2025 by rpki-client