This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bacf843a-17ee-4ca1-9e3b-8f3728814d21.roa File: bacf843a-17ee-4ca1-9e3b-8f3728814d21.roa (raw, json) Hash identifier: WMzIum5wWKIug/xqCcp48V03cvbsF6gTgasYas6//os= Subject key identifier: BC:8A:A9:6F:74:CF:58:29:8F:F7:9E:BD:7D:DA:21:9F:E5:C9:5A:C9 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 38A078CE20324F031DF2040684B15183CD7113BC Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bacf843a-17ee-4ca1-9e3b-8f3728814d21.roa Signing time: Sat 15 Nov 2025 06:40:11 +0000 ROA not before: Sat 15 Nov 2025 06:40:11 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 14618 IP address blocks: 51.100.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 28 Nov 2025 02:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:a0:78:ce:20:32:4f:03:1d:f2:04:06:84:b1:51:83:cd:71:13:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:11 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=caf1166030c98c6616311adbac49d0387b6131b238d4a8b7aacec4f8d9820b66, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:e5:ae:a0:f2:ee:79:0d:ca:59:80:6d:b2:dc: 05:3d:9c:e4:85:cd:32:13:1d:c4:60:6f:de:e4:31: 12:df:d9:d5:04:24:bb:a3:b8:6e:8f:18:19:65:56: 12:fb:0e:b2:5e:08:be:fd:26:26:7a:bf:bc:bc:54: 8c:d4:8d:c6:f8:67:7e:f2:bb:87:82:57:14:86:41: c5:6d:ed:06:c8:19:c2:e9:5a:35:f2:09:5d:e1:ea: cd:c5:de:9c:f5:91:ca:6f:67:d6:a2:42:18:d5:e4: 21:17:3c:bf:38:40:93:56:93:f2:7e:7d:8d:5c:fb: 10:5a:f3:69:21:b7:ba:ec:81:41:59:8f:15:86:3a: f3:f5:e2:91:b3:41:4f:48:e6:b6:ba:77:00:72:61: 32:20:f2:8b:08:25:42:04:30:d8:04:7a:83:aa:f0: c3:d4:61:85:03:bf:51:d8:e6:07:9c:21:dc:58:94: 38:61:60:f8:3f:cc:8d:c0:a5:5a:94:de:cb:d8:54: 32:ff:08:08:63:77:d0:12:71:2b:4b:5c:1f:75:c0: e6:8b:0c:15:bd:6b:c9:8d:6f:5a:60:c6:05:bd:fb: 2f:1e:26:66:f6:f1:a8:bd:92:bd:20:c9:ba:87:e5: c1:50:a5:a5:3b:b0:c3:26:91:ea:fe:a9:9f:e4:6b: 04:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:8A:A9:6F:74:CF:58:29:8F:F7:9E:BD:7D:DA:21:9F:E5:C9:5A:C9 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bacf843a-17ee-4ca1-9e3b-8f3728814d21.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.100.0.0/15 Signature Algorithm: sha256WithRSAEncryption cb:de:8c:7f:a1:2b:5d:ae:0e:d5:46:8c:99:a3:4b:16:8e:6c: 0c:39:ee:a4:f9:48:df:04:84:7f:41:c1:be:72:b6:7e:2e:6b: 55:52:4b:72:c1:a9:41:c8:d4:ae:35:d4:0c:5e:17:2a:5d:48: 1d:26:bb:d7:ac:9c:e6:2a:52:4a:b9:dc:f3:b5:08:e9:13:c6: 47:3b:e3:eb:28:f0:7e:8c:e5:a5:f9:e0:3a:76:12:ef:0b:2c: 02:81:a6:ce:45:e2:b7:ff:07:00:95:3d:76:79:54:bc:79:e2: 10:74:8c:d2:bb:9c:8c:db:36:b5:f3:f0:19:35:72:d6:82:17: 24:f3:a8:67:58:52:75:d3:84:74:8d:93:ee:64:33:43:ec:42: 6d:fc:63:92:75:99:b5:47:b5:ef:46:f5:f3:9b:fa:40:0d:73: d6:42:e1:b5:8e:12:78:9c:49:33:40:c2:41:d0:ec:7d:d0:bf: 13:95:00:b6:69:ca:61:df:f5:f7:9c:f9:c8:d5:3e:a0:79:7b: 19:5c:80:f7:01:88:46:68:26:a1:0c:f5:8e:74:cf:04:85:ff: b3:3e:1c:d2:e1:c1:4a:ed:12:c4:1a:65:4c:b0:04:33:c0:f4: c8:43:a9:fa:7a:4b:ad:3a:86:a8:a5:32:f0:8c:93:54:cf:6a: 69:64:0d:d1 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUOKB4ziAyTwMd8gQGhLFRg81xE7wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwMTFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGNhZjExNjYwMzBjOThjNjYxNjMxMWFkYmFjNDlkMDM4N2I2MTMxYjIzOGQ0 YThiN2FhY2VjNGY4ZDk4MjBiNjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANDlrqDy7nkNylmAbbLcBT2c5IXNMhMdxGBv3uQxEt/Z1QQku6O4bo8YGWVW EvsOsl4Ivv0mJnq/vLxUjNSNxvhnfvK7h4JXFIZBxW3tBsgZwulaNfIJXeHqzcXe nPWRym9n1qJCGNXkIRc8vzhAk1aT8n59jVz7EFrzaSG3uuyBQVmPFYY68/XikbNB T0jmtrp3AHJhMiDyiwglQgQw2AR6g6rww9RhhQO/UdjmB5wh3FiUOGFg+D/MjcCl WpTey9hUMv8ICGN30BJxK0tcH3XA5osMFb1ryY1vWmDGBb37Lx4mZvbxqL2SvSDJ uoflwVClpTuwwyaR6v6pn+RrBN8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS8iqlv dM9YKY/3nr192iGf5clayTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YmFjZjg0M2EtMTdlZS00Y2ExLTllM2ItOGYzNzI4ODE0ZDIxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G CSqGSIb3DQEBCwUAA4IBAQDL3ox/oStdrg7VRoyZo0sWjmwMOe6k+UjfBIR/QcG+ crZ+LmtVUktywalByNSuNdQMXhcqXUgdJrvXrJzmKlJKudzztQjpE8ZHO+PrKPB+ jOWl+eA6dhLvCywCgabOReK3/wcAlT12eVS8eeIQdIzSu5yM2za18/AZNXLWghck 86hnWFJ104R0jZPuZDND7EJt/GOSdZm1R7XvRvXzm/pADXPWQuG1jhJ4nEkzQMJB 0Ox90L8TlQC2acph3/X3nPnI1T6geXsZXID3AYhGaCahDPWOdM8Ehf+zPhzS4cFK 7RLEGmVMsAQzwPTIQ6n6ekutOoaopTLwjJNUz2ppZA3R -----END CERTIFICATE-----Generated at Thu Nov 27 04:17:45 2025 by rpki-client