This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa File: 123b20eb-4142-4c18-96e0-d1871de66fd3.roa (raw, json) Hash identifier: RWhdwcZyFF5AnVGkYCWPDMtpsWXUr2rUuuZzCUk4qz4= Subject key identifier: A3:BD:05:35:D7:69:01:04:D6:46:7D:FD:20:D8:C4:CA:E3:E0:CE:D8 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 1B1A170A61CA0E06E534AE02C423A7E88D009E03 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa Signing time: Sat 15 Nov 2025 06:50:06 +0000 ROA not before: Sat 15 Nov 2025 06:50:06 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.214.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 29 Nov 2025 05:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:1a:17:0a:61:ca:0e:06:e5:34:ae:02:c4:23:a7:e8:8d:00:9e:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:06 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=f81126c87bb912cf58cc68d40e36516e0250d539d9c4199eaac601a24e66279c, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:01:23:c1:a0:7b:30:40:8c:f3:ba:04:29:88: 0f:83:ce:be:7e:10:40:49:4c:c2:3d:1a:33:d1:d1: fc:c6:eb:13:53:ac:aa:dc:90:f8:a7:6c:ea:07:3b: 75:d2:26:1b:ce:2a:81:66:d5:37:84:5c:80:b9:a8: 59:6c:04:1c:19:f4:d7:03:63:bc:ff:e3:55:84:d6: b4:84:01:6a:8e:a9:9a:8e:4f:7f:8d:4a:a5:31:e0: 2d:8a:36:13:4b:60:92:e0:20:50:ff:1d:bc:df:2f: 0c:b9:1c:0a:80:d6:66:69:cd:ba:db:37:fa:f9:96: 75:a1:f3:5e:8d:eb:27:91:e7:49:14:96:34:39:9c: 1f:64:c2:c5:1f:5c:dd:92:4e:c8:39:b7:fc:eb:f2: 73:ef:86:1a:c6:74:53:ed:94:81:e9:de:2d:39:7c: ce:37:88:d4:1f:14:92:da:26:fd:58:16:5e:a1:47: 05:46:d6:3e:82:f9:cd:d4:a4:3e:e1:4f:62:98:42: f2:ae:56:bb:b4:b7:9b:69:f8:ed:21:f0:12:c4:e5: 20:db:40:3b:d5:2c:da:77:cd:aa:c2:18:9a:49:4d: 62:0d:92:2d:0d:c8:d7:f1:b6:1f:b6:b6:be:f1:7b: 96:a0:c6:3f:f2:bf:1f:bf:60:04:3a:a5:f7:10:62: ee:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:BD:05:35:D7:69:01:04:D6:46:7D:FD:20:D8:C4:CA:E3:E0:CE:D8 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.214.0.0/15 Signature Algorithm: sha256WithRSAEncryption 1b:14:fc:d6:9f:5b:45:67:fb:bb:cc:13:6e:2c:5e:5f:fb:4c: 28:dd:84:d4:4e:e9:18:82:fb:aa:29:1b:20:6f:f6:de:44:cd: 2f:83:c7:d4:6e:a3:ee:9e:dc:82:41:d9:80:42:3a:43:f0:ed: a2:dd:14:cc:26:ff:36:a8:cc:85:38:82:ab:e5:07:37:67:58: b9:4b:8e:46:c4:e1:03:59:ab:e7:4b:09:8c:0f:3f:6e:f4:ec: 14:33:f3:7c:a9:d4:18:1b:b2:7d:72:b4:f2:2a:81:83:ae:de: 9c:ad:39:09:d0:1c:2b:5f:b1:3f:7d:48:19:72:2e:73:f8:af: c8:d0:0b:de:dc:26:60:c0:1e:cf:ad:8f:8f:b6:20:4e:84:d2: fa:a4:3d:f6:4d:53:35:f9:f2:45:3f:56:22:a5:30:ba:db:63: e6:19:31:bc:8d:7c:3f:f2:91:60:46:c2:08:28:83:fa:90:07: c3:0d:2e:68:91:29:b1:95:0a:62:85:b0:03:87:1d:25:5e:f6: 8c:a4:3f:46:5f:ae:81:0f:f7:88:11:7e:dc:42:df:31:2a:39: fb:5c:6a:e3:c5:db:db:d3:bd:66:f1:5a:83:b9:f1:f6:1b:31: 10:d1:aa:20:8c:bf:9c:5f:99:67:d8:51:fa:93:25:e8:7f:33: cd:6f:bd:b8 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUGxoXCmHKDgblNK4CxCOn6I0AngMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMDZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGY4MTEyNmM4N2JiOTEyY2Y1OGNjNjhkNDBlMzY1MTZlMDI1MGQ1MzlkOWM0 MTk5ZWFhYzYwMWEyNGU2NjI3OWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANYBI8GgezBAjPO6BCmID4POvn4QQElMwj0aM9HR/MbrE1OsqtyQ+Kds6gc7 ddImG84qgWbVN4RcgLmoWWwEHBn01wNjvP/jVYTWtIQBao6pmo5Pf41KpTHgLYo2 E0tgkuAgUP8dvN8vDLkcCoDWZmnNuts3+vmWdaHzXo3rJ5HnSRSWNDmcH2TCxR9c 3ZJOyDm3/Ovyc++GGsZ0U+2UgeneLTl8zjeI1B8Uktom/VgWXqFHBUbWPoL5zdSk PuFPYphC8q5Wu7S3m2n47SHwEsTlINtAO9Us2nfNqsIYmklNYg2SLQ3I1/G2H7a2 vvF7lqDGP/K/H79gBDql9xBi7o8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSjvQU1 12kBBNZGff0g2MTK4+DO2DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MTIzYjIwZWItNDE0Mi00YzE4LTk2ZTAtZDE4NzFkZTY2ZmQzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPWMA0G CSqGSIb3DQEBCwUAA4IBAQAbFPzWn1tFZ/u7zBNuLF5f+0wo3YTUTukYgvuqKRsg b/beRM0vg8fUbqPuntyCQdmAQjpD8O2i3RTMJv82qMyFOIKr5Qc3Z1i5S45GxOED WavnSwmMDz9u9OwUM/N8qdQYG7J9crTyKoGDrt6crTkJ0BwrX7E/fUgZci5z+K/I 0Ave3CZgwB7PrY+PtiBOhNL6pD32TVM1+fJFP1YipTC622PmGTG8jXw/8pFgRsII KIP6kAfDDS5okSmxlQpihbADhx0lXvaMpD9GX66BD/eIEX7cQt8xKjn7XGrjxdvb 071m8VqDufH2GzEQ0aogjL+cX5ln2FH6kyXofzPNb724 -----END CERTIFICATE-----Generated at Fri Nov 28 10:21:37 2025 by rpki-client