This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa File: 4eb66819-e335-446d-8ca8-7436f3cd196d.roa (raw, json) Hash identifier: /TBGDYgg9d4QHdralaI1ipcinri6G271jtKdXhLt05c= Subject key identifier: 2A:A5:3D:25:60:FB:3D:E8:5F:DC:7C:63:78:2C:AE:99:25:BC:D8:7E Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 022A0AFA3D58CBD07FDD06CAA939FAA86E8800C4 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa Signing time: Wed 10 Dec 2025 06:40:06 +0000 ROA not before: Wed 10 Dec 2025 06:40:06 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 143.65.128.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:2a:0a:fa:3d:58:cb:d0:7f:dd:06:ca:a9:39:fa:a8:6e:88:00:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:06 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=be629df4e499f45e8754f10714aa380003f647f7b33bd2dd21c052b4dfee17c0, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:e0:b9:30:51:ee:59:62:7d:5d:d8:b6:fd:17: 24:6e:b7:3d:e9:a6:85:07:60:1a:23:56:7e:c5:ab: 56:0a:67:d3:f6:98:16:f2:fc:ae:0c:4e:b2:14:02: 2a:66:92:ea:bc:06:f7:cd:c3:c7:48:22:6c:51:34: 7f:19:3b:ae:36:74:ee:8c:20:75:77:3d:d8:fd:17: 06:8d:32:5b:ad:15:7f:ca:e8:b4:5b:47:11:b7:e2: ce:ed:6d:d6:dd:32:14:40:b4:05:41:53:0e:da:45: c0:80:0c:8d:5c:fd:25:9c:d6:c3:a1:86:33:c6:10: 5f:97:24:8d:9f:1d:11:2d:41:42:d5:26:25:4d:8e: a8:6c:de:08:bb:6b:22:fb:b3:2a:3b:64:a1:33:78: e9:3b:7f:ec:73:51:f0:69:5b:98:d4:73:6b:71:80: 39:b1:b8:c7:2c:18:63:cc:e4:34:c2:6f:64:da:fe: 18:73:ad:e5:67:c9:ca:48:df:80:a1:09:0d:7e:8a: 5f:96:b3:15:3b:34:6f:02:fb:b0:01:95:53:95:f9: e1:70:4f:40:da:3f:04:10:3d:a5:80:71:ad:6e:ff: 0a:aa:ec:ad:37:9e:83:c9:37:4e:f0:c9:c7:21:81: 58:05:a9:ba:29:f8:17:88:78:51:e0:8e:23:06:cc: cd:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:A5:3D:25:60:FB:3D:E8:5F:DC:7C:63:78:2C:AE:99:25:BC:D8:7E X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.65.128.0/18 Signature Algorithm: sha256WithRSAEncryption 05:c1:3c:80:f3:d1:0f:9b:5d:09:93:85:9c:3a:57:bf:26:0f: 2e:5a:f9:89:77:87:5d:5c:49:ab:48:62:7e:ad:b4:8a:09:48: 76:76:19:a3:29:db:3a:ad:10:c3:da:3c:66:35:10:b0:ef:0c: d2:53:13:67:0e:43:b3:b3:bb:45:da:c8:86:2e:2e:0e:b6:b0: 38:98:c8:07:05:8d:1d:c2:f5:11:e1:a1:cb:fb:d6:e5:fc:44: 7d:95:96:d2:e9:82:52:22:31:c6:c7:e6:5e:82:62:90:8f:a2: e1:e8:27:72:02:bc:fc:9a:93:57:d2:ff:51:c6:22:3f:0a:44: 8d:8c:b7:56:4e:75:03:45:e5:09:a6:df:34:34:4d:9b:9a:29: dc:26:c0:ee:9b:e3:1a:64:4e:d5:fa:37:84:a0:b4:2c:c9:38: e6:52:93:37:88:a9:66:aa:d9:19:b4:41:20:ea:a2:d4:4f:ee: c8:7c:20:bb:40:2f:f8:81:2f:06:b4:06:01:a9:db:59:94:70: 53:fa:f4:dd:d5:0d:dd:9f:59:a1:e8:2f:cd:24:c7:20:e4:79: 8c:f7:a9:2a:52:3b:83:10:7e:19:c0:16:3f:e3:22:c1:60:31: 7b:08:8f:72:5d:8a:e9:c8:5a:37:f5:26:e2:5a:93:fb:bb:87: 89:a1:31:d5 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUAioK+j1Yy9B/3QbKqTn6qG6IAMQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGJlNjI5ZGY0ZTQ5OWY0NWU4NzU0ZjEwNzE0YWEzODAwMDNmNjQ3ZjdiMzNi ZDJkZDIxYzA1MmI0ZGZlZTE3YzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL/guTBR7llifV3Ytv0XJG63PemmhQdgGiNWfsWrVgpn0/aYFvL8rgxOshQC KmaS6rwG983Dx0gibFE0fxk7rjZ07owgdXc92P0XBo0yW60Vf8rotFtHEbfizu1t 1t0yFEC0BUFTDtpFwIAMjVz9JZzWw6GGM8YQX5ckjZ8dES1BQtUmJU2OqGzeCLtr IvuzKjtkoTN46Tt/7HNR8GlbmNRza3GAObG4xywYY8zkNMJvZNr+GHOt5WfJykjf gKEJDX6KX5azFTs0bwL7sAGVU5X54XBPQNo/BBA9pYBxrW7/CqrsrTeeg8k3TvDJ xyGBWAWpuin4F4h4UeCOIwbMzRsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQqpT0l YPs96F/cfGN4LK6ZJbzYfjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NGViNjY4MTktZTMzNS00NDZkLThjYTgtNzQzNmYzY2QxOTZkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN BgkqhkiG9w0BAQsFAAOCAQEABcE8gPPRD5tdCZOFnDpXvyYPLlr5iXeHXVxJq0hi fq20iglIdnYZoynbOq0Qw9o8ZjUQsO8M0lMTZw5Ds7O7RdrIhi4uDrawOJjIBwWN HcL1EeGhy/vW5fxEfZWW0umCUiIxxsfmXoJikI+i4egncgK8/JqTV9L/UcYiPwpE jYy3Vk51A0XlCabfNDRNm5op3CbA7pvjGmRO1fo3hKC0LMk45lKTN4ipZqrZGbRB IOqi1E/uyHwgu0Av+IEvBrQGAanbWZRwU/r03dUN3Z9ZoegvzSTHIOR5jPepKlI7 gxB+GcAWP+MiwWAxewiPcl2K6chaN/Um4lqT+7uHiaEx1Q== -----END CERTIFICATE-----Generated at Thu Jan 22 22:17:42 2026 by rpki-client