This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa File: 0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa (raw, json) Hash identifier: hqRqq42jmkYW8g3Oez04Qw3MyIvbU6ZsRnbkTmuIS84= Subject key identifier: 18:A4:8F:0F:EB:C3:A7:1C:C2:F8:98:B3:42:60:B6:7C:60:3E:FC:68 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 6EE76D836D9B001F4007B7A5EE27FE38002A5F15 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa Signing time: Sat 15 Nov 2025 06:40:12 +0000 ROA not before: Sat 15 Nov 2025 06:40:12 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.100.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 21 Nov 2025 09:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:e7:6d:83:6d:9b:00:1f:40:07:b7:a5:ee:27:fe:38:00:2a:5f:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:12 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=6faa50c384f8b47b333f339275fedab45a81064e5b1da2372b2a1f23f36004a8, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:19:a4:84:46:23:9c:c4:16:c6:4a:16:9f:cb: 44:6e:8b:85:39:df:5b:a1:c1:c8:9d:c0:1c:43:0f: c1:38:7d:57:e9:18:a0:f0:5b:cb:b0:7f:18:37:f1: 4c:dd:e4:cc:37:1a:49:df:44:84:b3:86:d2:51:c4: 7d:62:85:ba:d1:02:8d:dd:83:10:a0:2e:07:d0:8c: 93:78:8f:41:4c:61:56:6b:12:29:63:3f:34:81:a8: a0:b9:cf:d6:24:e5:6d:0d:86:59:e6:d4:db:7a:a0: 66:79:a5:be:89:b8:26:07:0d:64:33:65:58:97:f8: 40:61:3e:13:d5:a8:b2:a9:c4:a9:44:29:36:ae:4b: a3:b3:8a:9b:7c:05:c3:d3:87:8c:31:3f:e2:67:4a: 6d:ce:1a:5f:68:2f:46:9b:de:24:e1:9a:00:66:a3: 38:d1:e6:ce:a8:b8:43:8e:bb:79:23:8d:c4:71:12: 57:7a:11:e8:bd:0e:51:d5:90:aa:ca:37:24:41:47: 72:eb:60:df:9b:5c:2f:78:97:bf:72:4f:25:cb:d3: e4:8e:ab:ed:1d:ee:90:a5:27:28:10:19:c1:2d:47: 11:39:6c:c7:20:6a:4f:99:92:88:23:c5:84:8a:45: d1:47:d3:90:bc:8e:09:57:0d:28:f9:5b:e3:67:36: 28:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:A4:8F:0F:EB:C3:A7:1C:C2:F8:98:B3:42:60:B6:7C:60:3E:FC:68 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.100.0.0/15 Signature Algorithm: sha256WithRSAEncryption 98:00:68:42:5c:4b:89:0d:40:b5:cc:24:af:8f:d8:e7:18:e9: 2d:f4:8c:b5:71:ff:5c:3e:c8:da:71:78:03:05:5c:4b:f4:d1: c6:f8:65:09:d8:75:65:fa:59:f4:e6:7e:46:15:bb:33:d9:0d: 83:95:bb:8d:7b:ee:87:3b:6c:45:1d:b1:82:38:ae:ae:7d:8a: c9:8d:13:20:a0:94:4f:e4:db:84:fa:63:98:69:17:d4:f8:94: 5a:7f:5f:29:2f:a6:bf:6e:d6:7a:a5:19:ed:c7:01:21:ae:90: 07:d9:7f:89:35:cd:63:d6:ab:e2:e7:29:a6:97:47:c9:4f:84: c0:d5:2a:6f:39:d8:27:62:61:82:d7:ee:fe:a2:73:5c:5e:71: 0c:d6:a4:1e:8b:72:3a:06:22:d8:c2:9e:10:15:d9:cd:09:22: f8:71:75:3b:84:ad:53:6a:97:7d:4f:8f:ca:3d:82:6e:51:ab: 9e:83:1e:23:12:04:07:f4:83:54:1b:dc:f4:ed:41:0c:0b:d4: 24:02:85:7f:2b:53:a4:e0:f8:55:66:8a:07:d5:40:cc:dc:ad: 92:bf:42:b2:9c:a8:d7:e5:ad:dd:41:10:f0:cf:2e:5e:70:11: 7c:c1:cd:96:04:71:be:af:87:7b:b8:fc:5e:b0:9d:32:49:fc: 59:1d:ed:b1 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUbudtg22bAB9AB7el7if+OAAqXxUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwMTJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDZmYWE1MGMzODRmOGI0N2IzMzNmMzM5Mjc1ZmVkYWI0NWE4MTA2NGU1YjFk YTIzNzJiMmExZjIzZjM2MDA0YTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANQZpIRGI5zEFsZKFp/LRG6LhTnfW6HByJ3AHEMPwTh9V+kYoPBby7B/GDfx TN3kzDcaSd9EhLOG0lHEfWKFutECjd2DEKAuB9CMk3iPQUxhVmsSKWM/NIGooLnP 1iTlbQ2GWebU23qgZnmlvom4JgcNZDNlWJf4QGE+E9WosqnEqUQpNq5Lo7OKm3wF w9OHjDE/4mdKbc4aX2gvRpveJOGaAGajONHmzqi4Q467eSONxHESV3oR6L0OUdWQ qso3JEFHcutg35tcL3iXv3JPJcvT5I6r7R3ukKUnKBAZwS1HETlsxyBqT5mSiCPF hIpF0UfTkLyOCVcNKPlb42c2KLUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQYpI8P 68OnHML4mLNCYLZ8YD78aDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MGJmYTI1ZGQtMzE5Zi00ZjJkLWI3ODYtOGFiMTlkNThlODExLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G CSqGSIb3DQEBCwUAA4IBAQCYAGhCXEuJDUC1zCSvj9jnGOkt9Iy1cf9cPsjacXgD BVxL9NHG+GUJ2HVl+ln05n5GFbsz2Q2DlbuNe+6HO2xFHbGCOK6ufYrJjRMgoJRP 5NuE+mOYaRfU+JRaf18pL6a/btZ6pRntxwEhrpAH2X+JNc1j1qvi5ymml0fJT4TA 1SpvOdgnYmGC1+7+onNcXnEM1qQei3I6BiLYwp4QFdnNCSL4cXU7hK1Tapd9T4/K PYJuUauegx4jEgQH9INUG9z07UEMC9QkAoV/K1Ok4PhVZooH1UDM3K2Sv0KynKjX 5a3dQRDwzy5ecBF8wc2WBHG+r4d7uPxesJ0ySfxZHe2x -----END CERTIFICATE-----Generated at Thu Nov 20 16:48:57 2025 by rpki-client