This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa File: 07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa (raw, json) Hash identifier: b83JQW7ygalBnZqVkAuX7QCC+3VkAKWhmLFEsF/Cm1Q= Subject key identifier: 93:5C:0B:60:57:7F:DB:B7:FC:DC:A2:4A:7E:56:7F:3E:9B:41:A0:5F Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 2D259D0E051AED64422FE48095169F2D5BE9347F Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa Signing time: Sat 15 Nov 2025 06:40:30 +0000 ROA not before: Sat 15 Nov 2025 06:40:30 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 14618 IP address blocks: 51.35.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 23 Nov 2025 12:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:25:9d:0e:05:1a:ed:64:42:2f:e4:80:95:16:9f:2d:5b:e9:34:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:30 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=a631efd79474b88e42c198b7701bf06e2acc101e1972304167d66b9c91ca891c, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:66:1f:e3:f1:bc:c4:79:1a:e4:41:c4:ec:19: c2:f9:e5:ea:0e:f0:e7:dd:86:3f:4e:42:61:97:7f: 93:80:58:99:44:26:d5:cb:3c:d5:3b:58:a5:cc:42: 7b:96:e3:cb:1a:43:19:6c:0b:ed:50:2d:45:ed:4e: 3f:a8:b6:e6:64:aa:f5:7b:0c:11:0a:3c:c4:4d:63: 58:71:ca:1f:34:88:a8:b1:4b:4d:d6:f6:2c:68:c2: 9c:eb:02:28:6c:2b:62:3e:2c:e9:07:1a:e6:b3:f2: f2:24:67:14:2a:06:c1:68:44:f2:fb:56:19:46:65: 11:39:5c:6f:e3:75:70:01:8a:14:64:07:f4:8c:15: e2:80:7d:a2:5c:1e:b3:42:a9:d1:d5:b5:ff:54:f8: 9f:62:f4:9d:d7:20:26:72:4e:dc:d8:44:56:23:60: 1d:35:bc:77:44:28:87:a4:fa:9f:4c:2a:6c:01:de: 1e:e1:50:87:f5:7b:e8:64:38:ca:40:73:81:09:1a: 16:f7:8a:bf:75:a2:65:74:f2:ee:c1:d2:81:1f:92: 3a:c7:29:96:c2:b9:08:f3:b8:05:73:5e:2f:7f:87: 1d:49:9e:b4:57:8b:10:5b:4a:db:b6:8e:d7:6f:d2: b9:92:a3:45:a2:58:c9:86:36:a7:dd:65:34:f6:13: fa:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:5C:0B:60:57:7F:DB:B7:FC:DC:A2:4A:7E:56:7F:3E:9B:41:A0:5F X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.35.0.0/16 Signature Algorithm: sha256WithRSAEncryption b0:1f:aa:98:6a:eb:b4:2d:36:50:a5:b2:55:d3:66:87:17:9b: 40:12:94:52:9f:22:9b:bc:ee:f1:d2:84:41:8f:94:6b:28:42: 65:26:18:0f:f8:e5:c4:eb:2f:9c:57:07:1b:d9:1f:5a:fc:e0: ef:f7:94:86:e2:58:05:0d:7b:63:ea:63:38:ca:58:e6:ae:11: c4:03:3f:53:99:55:f2:16:59:73:e4:22:27:e4:6f:6d:b5:d6: d8:7d:0d:29:97:40:03:11:33:89:ce:08:2e:be:14:53:c0:06: 81:7e:02:a1:9a:52:a9:20:f1:b7:ca:e1:c6:60:46:e4:d0:df: 14:b0:b7:29:70:a6:8d:80:ab:ab:db:bb:27:3a:f5:ba:11:fd: 11:b4:96:b4:17:44:2a:2d:7a:8d:97:b7:18:21:d1:52:6a:95: f0:65:82:b5:99:2a:1c:e5:a8:b8:39:96:60:07:4e:94:9f:3f: bf:3b:a1:86:ed:9d:e8:85:b7:fe:88:b8:32:fd:06:1b:d2:20: fb:52:0b:15:08:3b:80:4e:90:7e:e7:ed:ea:58:64:55:47:1d: d6:e2:59:bb:d3:e7:23:b6:36:23:8b:10:ae:f2:3b:48:a3:16: 44:83:e4:c2:55:47:eb:27:bf:06:78:f4:6e:0e:c7:db:45:11: 03:81:99:84 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIULSWdDgUa7WRCL+SAlRafLVvpNH8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwMzBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGE2MzFlZmQ3OTQ3NGI4OGU0MmMxOThiNzcwMWJmMDZlMmFjYzEwMWUxOTcy MzA0MTY3ZDY2YjljOTFjYTg5MWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALNmH+PxvMR5GuRBxOwZwvnl6g7w592GP05CYZd/k4BYmUQm1cs81TtYpcxC e5bjyxpDGWwL7VAtRe1OP6i25mSq9XsMEQo8xE1jWHHKHzSIqLFLTdb2LGjCnOsC KGwrYj4s6Qca5rPy8iRnFCoGwWhE8vtWGUZlETlcb+N1cAGKFGQH9IwV4oB9olwe s0Kp0dW1/1T4n2L0ndcgJnJO3NhEViNgHTW8d0Qoh6T6n0wqbAHeHuFQh/V76GQ4 ykBzgQkaFveKv3WiZXTy7sHSgR+SOscplsK5CPO4BXNeL3+HHUmetFeLEFtK27aO 12/SuZKjRaJYyYY2p91lNPYT+ksCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSTXAtg V3/bt/zcokp+Vn8+m0GgXzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MDdhMGEyZDctN2RlNy00ODA3LTg2M2YtZmNiZTdmODEwNmUxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMjMA0G CSqGSIb3DQEBCwUAA4IBAQCwH6qYauu0LTZQpbJV02aHF5tAEpRSnyKbvO7x0oRB j5RrKEJlJhgP+OXE6y+cVwcb2R9a/ODv95SG4lgFDXtj6mM4yljmrhHEAz9TmVXy Fllz5CIn5G9ttdbYfQ0pl0ADETOJzgguvhRTwAaBfgKhmlKpIPG3yuHGYEbk0N8U sLcpcKaNgKur27snOvW6Ef0RtJa0F0QqLXqNl7cYIdFSapXwZYK1mSoc5ai4OZZg B06Unz+/O6GG7Z3ohbf+iLgy/QYb0iD7UgsVCDuATpB+5+3qWGRVRx3W4lm70+cj tjYjixCu8jtIoxZEg+TCVUfrJ78GePRuDsfbRREDgZmE -----END CERTIFICATE-----Generated at Sat Nov 22 21:39:20 2025 by rpki-client