This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f7195fd-bf95-4b3a-81b1-908a89b8b4b1.roa File: 7f7195fd-bf95-4b3a-81b1-908a89b8b4b1.roa (raw, json) Hash identifier: 9KpOA8rcB7oVOO/pXdiB+v2tQ3UvMeYaO+CFaiUiOZg= Subject key identifier: 34:17:E7:84:E4:30:63:8F:6A:B9:A7:E1:25:C3:15:AB:1E:8B:5E:C9 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 3C59DDC583F5E39B767E569F41A29B10F10B2596 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f7195fd-bf95-4b3a-81b1-908a89b8b4b1.roa Signing time: Tue 18 Nov 2025 00:40:31 +0000 ROA not before: Tue 18 Nov 2025 00:40:31 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 14618 IP address blocks: 51.93.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 23 Nov 2025 12:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:59:dd:c5:83:f5:e3:9b:76:7e:56:9f:41:a2:9b:10:f1:0b:25:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:31 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=a54e1de5d91f247b95fd78dc3c0df4a04a065566a449a41520bcd6f6aab910c0, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:bf:d9:58:2b:a5:22:b0:3a:bd:e7:65:fb:dc: db:27:fd:58:37:37:11:bd:20:2d:46:80:44:6a:e9: 9e:17:3b:9b:01:b2:12:df:b7:4a:9f:16:7c:2e:dc: 22:a5:44:e3:b6:66:e4:86:91:8c:0e:53:1d:f7:01: 39:58:0b:43:04:55:80:7a:64:69:3c:84:b1:25:bd: de:bd:d8:d4:d1:9e:a2:54:c6:f6:8e:a7:7c:38:a2: 17:29:ff:86:d1:7e:e4:0b:05:42:d6:cc:83:10:fd: e4:9c:4a:37:8f:01:62:72:90:84:91:89:e3:bc:ec: dd:9b:3e:cd:bd:20:99:27:f4:e2:4f:6e:d4:22:4a: 14:82:91:4d:c6:d9:d4:c5:a8:c1:d4:3d:41:7c:c2: f8:59:80:dc:58:28:86:22:34:c8:ec:b4:e8:58:96: 9b:d6:93:3d:c9:37:47:a7:6b:19:4c:ab:f8:95:6e: f3:79:41:f7:6b:a5:dd:ee:d5:41:c6:7c:e0:f3:bd: 41:17:47:ae:6d:4d:ad:27:64:42:c8:3c:ea:94:29: c2:2d:6c:d8:10:08:a1:2b:04:df:d6:92:f2:e1:4f: 89:ca:4a:a3:47:7d:8e:d2:25:ad:52:d9:40:57:c0: 68:f3:16:6a:f2:29:4b:c1:4e:22:a5:b6:70:7c:77: 0e:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:17:E7:84:E4:30:63:8F:6A:B9:A7:E1:25:C3:15:AB:1E:8B:5E:C9 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f7195fd-bf95-4b3a-81b1-908a89b8b4b1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.93.0.0/16 Signature Algorithm: sha256WithRSAEncryption 86:95:39:b8:bd:fd:45:3f:0e:e6:60:f0:3d:97:56:48:d9:ed: 69:8b:08:71:7e:0a:75:f8:f5:5b:c7:45:d1:dd:3a:45:ca:59: bb:49:42:b8:d5:08:87:6f:63:b8:af:37:96:b7:c3:03:de:a1: c4:6d:e2:50:5d:dc:a7:6b:0a:a0:92:a6:a9:00:60:24:d2:53: 99:c7:c5:b8:53:28:e1:52:87:2d:8b:49:1d:27:a0:24:2c:da: 9a:86:4c:24:d0:16:a6:c6:21:7c:e3:0f:cd:20:7f:5a:c5:9b: 92:f1:9e:0a:81:f4:4c:75:d3:30:60:47:eb:0a:52:a9:32:51: 60:6b:bc:5a:19:c7:b2:42:67:f1:fa:69:f0:8d:e9:7e:77:f2: d2:c8:e0:8e:6a:d1:bb:06:8e:06:75:c4:28:8b:ab:d6:0d:51: f7:90:2e:dd:93:3d:fb:a3:78:79:0b:cd:45:d2:5b:d0:4b:e1: a0:78:0a:45:4a:4e:c1:56:4e:9a:a2:05:ba:ee:6e:aa:88:d4: c5:8d:20:e9:a4:6a:fe:ee:1d:f0:5d:f9:8f:a3:74:ab:ac:b7: cf:5c:a4:4c:e2:3d:c1:7e:08:0b:46:60:46:53:26:13:c5:42: 7f:9b:80:8b:8d:d0:64:55:19:ad:76:6c:72:53:0d:3b:3f:3f: de:52:cb:ed -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUPFndxYP145t2flafQaKbEPELJZYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMzFaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQGE1NGUxZGU1ZDkxZjI0N2I5NWZkNzhkYzNjMGRmNGEwNGEwNjU1NjZhNDQ5 YTQxNTIwYmNkNmY2YWFiOTEwYzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKu/2VgrpSKwOr3nZfvc2yf9WDc3Eb0gLUaARGrpnhc7mwGyEt+3Sp8WfC7c IqVE47Zm5IaRjA5THfcBOVgLQwRVgHpkaTyEsSW93r3Y1NGeolTG9o6nfDiiFyn/ htF+5AsFQtbMgxD95JxKN48BYnKQhJGJ47zs3Zs+zb0gmSf04k9u1CJKFIKRTcbZ 1MWowdQ9QXzC+FmA3FgohiI0yOy06FiWm9aTPck3R6drGUyr+JVu83lB92ul3e7V QcZ84PO9QRdHrm1NrSdkQsg86pQpwi1s2BAIoSsE39aS8uFPicpKo0d9jtIlrVLZ QFfAaPMWavIpS8FOIqW2cHx3Dr0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ0F+eE 5DBjj2q5p+ElwxWrHoteyTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv N2Y3MTk1ZmQtYmY5NS00YjNhLTgxYjEtOTA4YTg5YjhiNGIxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNdMA0G CSqGSIb3DQEBCwUAA4IBAQCGlTm4vf1FPw7mYPA9l1ZI2e1piwhxfgp1+PVbx0XR 3TpFylm7SUK41QiHb2O4rzeWt8MD3qHEbeJQXdynawqgkqapAGAk0lOZx8W4Uyjh Uocti0kdJ6AkLNqahkwk0BamxiF84w/NIH9axZuS8Z4KgfRMddMwYEfrClKpMlFg a7xaGceyQmfx+mnwjel+d/LSyOCOatG7Bo4GdcQoi6vWDVH3kC7dkz37o3h5C81F 0lvQS+GgeApFSk7BVk6aogW67m6qiNTFjSDppGr+7h3wXfmPo3SrrLfPXKRM4j3B fggLRmBGUyYTxUJ/m4CLjdBkVRmtdmxyUw07Pz/eUsvt -----END CERTIFICATE-----Generated at Sat Nov 22 21:39:07 2025 by rpki-client