This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa File: 1e935d64-1d66-4e52-ada3-30f1ed26d564.roa (raw, json) Hash identifier: pIZ6+1g3TIVcg8vAaZp/nHw51HTPIX8f3lsyAFpaY+o= Subject key identifier: A3:3B:15:E3:83:FF:07:03:6C:0C:6D:D7:64:2E:E7:3F:91:94:C3:BD Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 0B84FAD013DE59F437F2697563617D2769EABC9D Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa Signing time: Wed 10 Dec 2025 06:30:15 +0000 ROA not before: Wed 10 Dec 2025 06:30:15 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 145.17.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:84:fa:d0:13:de:59:f4:37:f2:69:75:63:61:7d:27:69:ea:bc:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:30:15 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=4266fea9e0def15c6152b285144d446525f207ead0234087041212d47b6a2186, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:87:b4:dc:2c:6c:2c:00:10:48:53:b8:22:96: 1b:44:22:ba:e7:37:5e:8c:d0:32:d4:95:3c:a9:29: e7:06:4d:05:ad:6a:1c:fe:e0:fa:b2:f1:d7:ae:1e: 67:ca:8a:68:74:58:78:13:8c:7f:d5:0b:76:82:4d: c5:3a:79:c2:f1:61:fe:b1:32:93:36:a6:ae:10:b0: 4a:c2:b3:41:d0:f1:90:ac:40:39:9e:a5:c0:8e:cb: eb:55:cd:26:c0:1f:77:c1:9e:1e:ea:36:b3:4f:17: 32:4f:71:15:43:22:18:e8:e5:e4:40:a2:fe:3c:77: bb:8f:99:8f:3d:a6:68:3b:a2:31:e1:33:55:b4:01: 34:73:e0:40:6d:db:54:49:02:f4:3e:97:50:74:7b: 1a:6d:79:2f:fd:a9:99:71:41:5b:ed:01:6c:57:5e: 0b:02:99:35:b4:67:d8:e5:9f:77:4b:af:ca:b8:cc: eb:8b:a7:e3:f7:7b:04:59:55:77:f3:a9:4b:24:59: 07:66:00:cd:63:d0:30:91:5c:fa:76:e2:d4:4e:fd: 7f:88:fe:d8:34:20:77:d1:a2:7e:72:bc:0a:a7:7b: 52:b3:d2:a1:90:45:14:13:f6:19:f1:1a:c1:fe:4c: f1:21:e0:7f:8a:b7:25:99:fc:94:e6:05:90:9f:97: d9:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:3B:15:E3:83:FF:07:03:6C:0C:6D:D7:64:2E:E7:3F:91:94:C3:BD X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 145.17.0.0/16 Signature Algorithm: sha256WithRSAEncryption a9:e1:3c:b3:45:f2:86:d1:6b:b2:ee:f3:b9:ca:41:df:3e:3f: 53:54:60:dc:f8:c5:b0:0c:ff:b2:83:a9:0a:3d:18:ac:5f:1b: 7f:87:7c:24:95:4b:98:ac:34:2d:9e:ae:d3:89:eb:9d:f2:ab: df:85:62:52:1b:38:0e:32:fc:8d:a1:f7:f6:70:f8:8b:7e:f7: 7f:9a:56:88:d9:cf:67:47:64:8c:5a:fb:4e:61:86:8b:d8:b8: 2f:51:64:7f:d5:be:19:6a:d2:d2:b0:27:84:5d:ab:79:ae:a2: e2:0c:3b:b6:fa:80:18:90:11:b6:65:b7:80:97:e0:a8:6b:36: a8:68:fa:e4:e5:7b:e9:eb:7f:21:ea:42:e8:d3:88:80:3d:9b: f5:0f:0b:88:fc:12:eb:0d:cf:04:e4:2c:91:36:c0:6a:66:5c: c9:82:58:93:9e:a6:cb:3a:cc:56:92:36:78:83:6d:1a:82:5d: 7b:e3:1b:0f:ef:09:f8:5e:4c:ee:91:bd:a6:fb:4f:bc:cb:4a: 3c:bf:a7:1a:eb:45:16:04:db:36:8e:e8:1a:6f:7f:a7:fe:a1: 0f:ff:f3:79:1a:88:4a:ff:37:15:76:56:49:c1:fa:ad:fa:dd: 1f:14:06:14:ac:da:d0:64:dc:20:f4:ad:82:78:5d:f2:cc:67: f6:93:4c:12 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUC4T60BPeWfQ38ml1Y2F9J2nqvJ0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjMwMTVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDQyNjZmZWE5ZTBkZWYxNWM2MTUyYjI4NTE0NGQ0NDY1MjVmMjA3ZWFkMDIz NDA4NzA0MTIxMmQ0N2I2YTIxODYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANGHtNwsbCwAEEhTuCKWG0Qiuuc3XozQMtSVPKkp5wZNBa1qHP7g+rLx164e Z8qKaHRYeBOMf9ULdoJNxTp5wvFh/rEykzamrhCwSsKzQdDxkKxAOZ6lwI7L61XN JsAfd8GeHuo2s08XMk9xFUMiGOjl5ECi/jx3u4+Zjz2maDuiMeEzVbQBNHPgQG3b VEkC9D6XUHR7Gm15L/2pmXFBW+0BbFdeCwKZNbRn2OWfd0uvyrjM64un4/d7BFlV d/OpSyRZB2YAzWPQMJFc+nbi1E79f4j+2DQgd9GifnK8Cqd7UrPSoZBFFBP2GfEa wf5M8SHgf4q3JZn8lOYFkJ+X2aECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSjOxXj g/8HA2wMbddkLuc/kZTDvTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MWU5MzVkNjQtMWQ2Ni00ZTUyLWFkYTMtMzBmMWVkMjZkNTY0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJERMA0G CSqGSIb3DQEBCwUAA4IBAQCp4TyzRfKG0Wuy7vO5ykHfPj9TVGDc+MWwDP+yg6kK PRisXxt/h3wklUuYrDQtnq7Tieud8qvfhWJSGzgOMvyNoff2cPiLfvd/mlaI2c9n R2SMWvtOYYaL2LgvUWR/1b4ZatLSsCeEXat5rqLiDDu2+oAYkBG2ZbeAl+Coazao aPrk5Xvp638h6kLo04iAPZv1DwuI/BLrDc8E5CyRNsBqZlzJgliTnqbLOsxWkjZ4 g20agl174xsP7wn4Xkzukb2m+0+8y0o8v6ca60UWBNs2jugab3+n/qEP//N5GohK /zcVdlZJwfqt+t0fFAYUrNrQZNwg9K2CeF3yzGf2k0wS -----END CERTIFICATE-----Generated at Fri Dec 19 15:57:49 2025 by rpki-client