This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa File: 83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa (raw, json) Hash identifier: KOLQOfPC1YfsWN+YpCteVGMcDuRmaaBc+L9e4Awyc0E= Subject key identifier: 77:A3:22:1A:38:2D:6E:76:F4:46:BA:3C:76:7F:3B:CE:74:A9:F4:E7 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 248C18E77DF12A3BD99A669550CD6DBD4DDB1523 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa Signing time: Wed 10 Dec 2025 06:50:06 +0000 ROA not before: Wed 10 Dec 2025 06:50:06 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 213.72.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:8c:18:e7:7d:f1:2a:3b:d9:9a:66:95:50:cd:6d:bd:4d:db:15:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:06 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=f672438e6a3533258d3a7035634422dab3557670f6a7f53cfdc413e31e505895, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:1f:6a:5b:95:53:d9:09:33:4f:2c:2d:0a:d5: 4e:97:5b:08:3d:40:6c:c1:de:a3:17:64:be:df:24: f7:cc:41:81:2c:eb:91:7d:b0:ea:7b:1b:b6:f7:8d: 62:70:f7:06:34:1c:05:0e:0e:9d:a8:74:43:cc:a0: 68:1a:db:2f:cf:85:96:f9:74:e1:bf:0e:2e:02:ce: 7e:2f:c8:1d:e3:1a:64:5f:8e:b9:79:57:f2:f4:a3: 66:97:e6:94:7c:3f:af:38:49:a5:1d:6f:5d:d5:3f: 60:bd:f4:d7:26:82:55:9e:43:26:6d:47:69:20:a8: 3d:27:37:b2:d1:65:01:f8:53:17:39:c3:16:1d:77: 84:d6:f7:1d:50:c7:a6:d2:09:7f:eb:e9:7c:b0:a1: 32:5c:55:68:e6:37:7b:40:59:18:9c:e4:c8:92:1f: 1b:cb:08:36:95:f6:64:9f:ed:d8:a5:0d:33:d9:43: 97:00:e6:81:4a:f1:e7:f3:86:6f:6f:ef:76:e7:22: 3e:03:9f:57:7f:58:0d:ba:ce:7b:c5:d8:43:1e:c6: cf:87:1c:7c:c5:44:f2:70:cb:c5:2f:c8:06:78:13: 0f:c3:97:93:5b:74:b0:dd:79:fb:af:e0:f1:91:69: 30:b1:ca:30:c5:6c:97:6d:aa:0f:6a:38:d6:5b:f5: 2d:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:A3:22:1A:38:2D:6E:76:F4:46:BA:3C:76:7F:3B:CE:74:A9:F4:E7 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.72.0.0/17 Signature Algorithm: sha256WithRSAEncryption 55:67:37:42:28:f1:bb:94:84:c0:87:65:d3:79:e7:b7:ee:f7: 88:da:55:f0:46:5b:aa:ba:b7:43:55:46:ba:e6:fe:e4:fc:34: 3b:92:13:51:13:6c:32:ff:3f:9a:4b:37:dc:f4:44:4d:d2:48: 99:79:02:f1:6d:e4:9e:83:df:fc:47:68:28:9d:fd:2b:23:74: 60:ce:ab:90:84:d9:38:28:f3:c5:6d:ea:c7:c7:6f:4a:3f:04: bb:93:f0:b3:20:0f:2f:dd:e4:3a:d1:dc:40:5f:31:9f:e7:46: 0a:84:ac:cf:8a:8e:6d:c1:2f:a2:83:dc:c2:9b:dc:f5:f7:00: d3:da:cd:e1:0e:9f:71:a6:e6:0e:6d:80:47:d4:81:1d:51:c7: 63:ff:1d:c3:6b:14:45:8c:53:f2:6e:15:7e:c5:9b:94:31:cb: d7:53:60:b4:5c:7a:10:98:f0:89:62:55:96:07:4a:6d:88:b6: 30:83:ae:7c:bd:db:ad:f5:3d:eb:71:0b:6b:49:c3:64:9a:43: 7c:6a:c9:67:f7:28:fe:f9:a4:b2:6b:a3:5e:ef:14:0d:d2:bd: 41:c6:3b:17:6d:06:a7:5e:70:62:f7:3f:77:e4:e5:72:96:5b: 8a:16:d7:ba:c3:72:77:07:5f:64:ae:d0:f6:1c:f6:24:c4:eb: 1a:f2:6c:5e -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUJIwY533xKjvZmmaVUM1tvU3bFSMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwMDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGY2NzI0MzhlNmEzNTMzMjU4ZDNhNzAzNTYzNDQyMmRhYjM1NTc2NzBmNmE3 ZjUzY2ZkYzQxM2UzMWU1MDU4OTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKofaluVU9kJM08sLQrVTpdbCD1AbMHeoxdkvt8k98xBgSzrkX2w6nsbtveN YnD3BjQcBQ4Onah0Q8ygaBrbL8+Flvl04b8OLgLOfi/IHeMaZF+OuXlX8vSjZpfm lHw/rzhJpR1vXdU/YL301yaCVZ5DJm1HaSCoPSc3stFlAfhTFznDFh13hNb3HVDH ptIJf+vpfLChMlxVaOY3e0BZGJzkyJIfG8sINpX2ZJ/t2KUNM9lDlwDmgUrx5/OG b2/vduciPgOfV39YDbrOe8XYQx7Gz4ccfMVE8nDLxS/IBngTD8OXk1t0sN15+6/g 8ZFpMLHKMMVsl22qD2o41lv1La8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR3oyIa OC1udvRGujx2fzvOdKn05zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ODNhM2RiZDUtMDU5YS00Zjk1LWI1NWItMjZjNzg2ZjkxZTNiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN BgkqhkiG9w0BAQsFAAOCAQEAVWc3Qijxu5SEwIdl03nnt+73iNpV8EZbqrq3Q1VG uub+5Pw0O5ITURNsMv8/mks33PRETdJImXkC8W3knoPf/EdoKJ39KyN0YM6rkITZ OCjzxW3qx8dvSj8Eu5PwsyAPL93kOtHcQF8xn+dGCoSsz4qObcEvooPcwpvc9fcA 09rN4Q6fcabmDm2AR9SBHVHHY/8dw2sURYxT8m4VfsWblDHL11NgtFx6EJjwiWJV lgdKbYi2MIOufL3brfU963ELa0nDZJpDfGrJZ/co/vmksmujXu8UDdK9QcY7F20G p15wYvc/d+TlcpZbihbXusNydwdfZK7Q9hz2JMTrGvJsXg== -----END CERTIFICATE-----Generated at Fri Dec 19 14:08:43 2025 by rpki-client