This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa File: 238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa (raw, json) Hash identifier: MEwfzdtkPttQFvkwDeEmwAnGxVQk0GPlh1GLFeDG1rU= Subject key identifier: A2:85:10:2F:22:17:35:D7:6D:69:9B:58:B8:75:1E:7D:77:78:75:80 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 15E838012BFB4F0FD61F9E8E4BF6344A6A73CAF6 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa Signing time: Wed 10 Dec 2025 06:50:36 +0000 ROA not before: Wed 10 Dec 2025 06:50:36 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 200.197.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:e8:38:01:2b:fb:4f:0f:d6:1f:9e:8e:4b:f6:34:4a:6a:73:ca:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:36 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=2ee904b983596e3b656a25c69eb746b7c7d5ec35af0cbdbd3fb5801109d10d68, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:1a:37:4d:03:94:82:15:c8:96:60:84:56:be: 02:ab:fd:51:76:59:a8:cb:e0:30:13:47:63:ba:c3: d9:9f:d7:51:df:6d:aa:fb:e9:7a:aa:36:20:ad:5f: 3e:c1:c7:4d:49:f2:54:b2:0a:c0:5e:88:10:b9:b2: 2a:29:bb:d4:f1:e4:63:cd:22:38:47:a5:80:35:8f: 43:b3:41:0d:98:1b:17:f0:9f:4b:7b:ae:eb:be:da: 1b:b7:87:2a:02:89:0b:1c:26:86:0e:5a:56:12:5e: ef:cf:ec:68:45:2a:f6:64:f0:de:c1:7a:a4:21:3e: 08:2a:93:42:ed:48:00:8a:b9:20:4e:e9:4c:33:4c: 7f:04:e2:58:c6:c3:ff:62:e8:60:fc:65:2e:0f:6f: 6c:8d:06:3e:e3:54:dc:23:a5:d0:fd:5b:b0:f3:b7: 2b:3d:63:b0:39:2f:f2:64:63:84:e6:9d:10:e7:08: 63:e7:3a:ad:9e:f2:19:3b:10:77:11:0e:f9:11:ce: da:e7:00:ba:f4:bb:26:a3:ac:24:d5:66:94:8f:a1: be:55:de:70:30:29:c7:8f:be:10:06:e6:3d:ad:e2: 6d:0f:26:b5:b3:18:99:fa:a5:c6:5e:1a:9f:fc:91: 71:15:ff:7c:09:ab:97:d3:61:aa:5c:3c:70:07:d5: 0a:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:85:10:2F:22:17:35:D7:6D:69:9B:58:B8:75:1E:7D:77:78:75:80 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 200.197.0.0/16 Signature Algorithm: sha256WithRSAEncryption 70:f2:6c:95:6c:87:71:f5:90:53:b1:7a:f6:5f:16:49:47:d0: 7c:e5:3d:6d:3e:5e:b6:b2:f1:76:15:58:7c:17:d9:5b:0b:a9: d6:41:1a:e8:67:cc:99:d4:cf:dc:da:52:07:0c:cc:d8:7b:38: 55:cc:7a:8e:c1:9c:1f:9a:22:69:0d:c5:2c:de:d1:3d:9e:f9: 11:6b:75:db:0e:33:2b:fd:26:8e:77:2b:35:a6:f2:20:bb:93: f7:b9:76:40:86:60:b9:ab:25:c2:e0:eb:d1:84:af:27:b9:75: 99:ec:47:b4:3e:82:ea:cd:5c:70:69:77:6f:fd:c0:9f:9b:60: 6c:07:d2:0d:4a:76:9b:ea:56:05:fc:c2:4d:ef:9d:03:1b:ba: 3b:7f:cc:a2:e3:83:87:04:28:53:f7:20:66:0f:81:80:c4:98: 32:05:ef:99:60:99:08:28:d4:58:64:cc:66:dd:e3:bd:ec:2c: 83:fe:df:89:2c:e5:a8:17:24:e8:e4:cd:f7:43:85:de:6c:45: 21:de:fc:8b:34:d1:fb:c4:95:26:0e:b0:15:9d:4f:d1:4a:b5: 03:24:02:f8:26:0f:bc:ba:37:d3:31:cd:cb:91:8e:be:e7:10: 65:ec:10:f6:04:2c:c2:3e:c0:e4:e6:48:1c:79:11:a0:33:0f: a8:db:83:cc -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUFeg4ASv7Tw/WH56OS/Y0SmpzyvYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwMzZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDJlZTkwNGI5ODM1OTZlM2I2NTZhMjVjNjllYjc0NmI3YzdkNWVjMzVhZjBj YmRiZDNmYjU4MDExMDlkMTBkNjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ0aN00DlIIVyJZghFa+Aqv9UXZZqMvgMBNHY7rD2Z/XUd9tqvvpeqo2IK1f PsHHTUnyVLIKwF6IELmyKim71PHkY80iOEelgDWPQ7NBDZgbF/CfS3uu677aG7eH KgKJCxwmhg5aVhJe78/saEUq9mTw3sF6pCE+CCqTQu1IAIq5IE7pTDNMfwTiWMbD /2LoYPxlLg9vbI0GPuNU3COl0P1bsPO3Kz1jsDkv8mRjhOadEOcIY+c6rZ7yGTsQ dxEO+RHO2ucAuvS7JqOsJNVmlI+hvlXecDApx4++EAbmPa3ibQ8mtbMYmfqlxl4a n/yRcRX/fAmrl9Nhqlw8cAfVCscCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSihRAv Ihc1121pm1i4dR59d3h1gDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MjM4ZGJmYmItMGUxOC00NWUwLWJhOTEtNmU4OGJiNTA4MDJhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjFMA0G CSqGSIb3DQEBCwUAA4IBAQBw8myVbIdx9ZBTsXr2XxZJR9B85T1tPl62svF2FVh8 F9lbC6nWQRroZ8yZ1M/c2lIHDMzYezhVzHqOwZwfmiJpDcUs3tE9nvkRa3XbDjMr /SaOdys1pvIgu5P3uXZAhmC5qyXC4OvRhK8nuXWZ7Ee0PoLqzVxwaXdv/cCfm2Bs B9INSnab6lYF/MJN750DG7o7f8yi44OHBChT9yBmD4GAxJgyBe+ZYJkIKNRYZMxm 3eO97CyD/t+JLOWoFyTo5M33Q4XebEUh3vyLNNH7xJUmDrAVnU/RSrUDJAL4Jg+8 ujfTMc3LkY6+5xBl7BD2BCzCPsDk5kgceRGgMw+o24PM -----END CERTIFICATE-----Generated at Mon Dec 15 00:57:19 2025 by rpki-client