This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa File: d485a465-65e9-4a19-a397-f29d1a36d166.roa (raw, json) Hash identifier: m/B+HQfXacbEdy5abGknwJwRSJgzWmSVgPgSgS1FBWU= Subject key identifier: 56:A8:F4:91:56:44:36:66:C9:96:AB:55:35:43:86:15:11:DC:6A:49 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 04A3FEA39074E2F105DBAA2701C232E0DE4D5C55 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa Signing time: Wed 10 Dec 2025 06:50:36 +0000 ROA not before: Wed 10 Dec 2025 06:50:36 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 195.17.0.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 20:59:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:a3:fe:a3:90:74:e2:f1:05:db:aa:27:01:c2:32:e0:de:4d:5c:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:36 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=0b3f14cffb1819da66f539a81c9964c06e31ffcf6fd49adc46a1507c9cf77741, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:52:95:3f:bb:0f:50:7a:f9:1a:c6:bf:36:b8: 11:25:50:31:f5:d8:d9:55:c3:ad:43:e1:b0:66:df: 2a:ec:27:5e:c2:0f:b5:83:53:04:41:a1:c4:ae:b6: 38:9d:61:51:1c:76:ff:a0:71:38:ad:02:66:48:5f: b8:18:d1:05:f2:d4:27:34:e4:fb:d1:63:0b:36:53: 61:f4:b6:65:07:16:c2:2b:c1:6a:c9:47:8f:1c:2b: 82:20:b0:c1:3f:f4:07:14:46:10:43:4a:df:77:af: bc:32:d6:1a:dc:88:6a:65:a6:c9:eb:5d:08:d9:ef: 34:e1:ff:fa:a9:dc:a0:49:80:2c:f7:1f:b3:cc:14: 43:b1:dc:5f:d9:b6:25:01:b4:f0:f0:ba:21:8b:2f: 9c:3c:52:07:39:d7:dc:ac:ea:11:a3:df:5a:77:9e: 76:94:46:74:9d:c4:52:b0:50:25:4e:83:8c:b4:11: 55:00:a8:ce:41:25:10:d9:3d:9d:11:a9:25:46:fc: ea:ec:3d:77:54:08:0c:86:be:22:d4:c7:d3:0f:81: ef:42:c9:7f:28:dc:f6:ad:90:45:98:6e:fd:71:ef: 28:3e:74:c5:b8:37:06:7c:ed:98:42:37:c2:f4:38: af:4c:75:e1:85:ef:0a:dc:44:7e:fe:cc:f3:19:84: 1b:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:A8:F4:91:56:44:36:66:C9:96:AB:55:35:43:86:15:11:DC:6A:49 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.17.0.0/24 Signature Algorithm: sha256WithRSAEncryption 65:4e:21:20:ee:8d:17:0a:2a:94:c7:2f:11:9e:4a:a6:0c:52: 1f:29:80:99:88:a9:6f:e2:2d:a2:0f:61:36:ea:96:32:a4:26: b7:c5:90:96:6a:cc:62:1f:1d:01:5f:e2:ae:88:a7:4d:e7:b6: 51:a3:70:b4:a8:e4:21:c8:26:d6:f2:66:69:2d:bf:31:ae:e4: 4b:f3:b9:c5:5f:09:ec:ff:cd:be:ff:59:18:db:b4:df:78:e9: b3:92:f8:ae:7a:98:28:78:50:79:72:d2:34:49:61:63:db:44: 2b:22:c9:4f:f5:93:0b:f6:9e:07:8a:a7:40:a2:f0:99:c9:39: 5c:b2:7f:a5:6b:d0:a1:0e:b6:02:c5:d3:82:ad:ee:c2:c9:86: a5:2b:52:d9:54:07:4a:a4:2d:d3:d1:cc:4a:b5:d2:77:80:91: 25:0c:9e:4a:61:a2:3d:a6:66:3b:21:cb:0b:10:c6:75:cb:bc: 83:d3:36:79:48:a8:f6:10:5f:7d:de:50:ba:e8:e6:c6:97:80: 8c:83:79:25:72:04:33:e3:18:22:f0:a5:07:58:17:08:64:2d: fa:86:9f:18:a3:e9:09:ce:48:cb:41:52:eb:b8:5e:fa:25:a1: d7:e7:ed:f1:6a:8f:f0:e7:1e:72:44:87:d7:45:9f:51:03:bd: b7:fd:16:ff -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUBKP+o5B04vEF26onAcIy4N5NXFUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwMzZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDBiM2YxNGNmZmIxODE5ZGE2NmY1MzlhODFjOTk2NGMwNmUzMWZmY2Y2ZmQ0 OWFkYzQ2YTE1MDdjOWNmNzc3NDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALdSlT+7D1B6+RrGvza4ESVQMfXY2VXDrUPhsGbfKuwnXsIPtYNTBEGhxK62 OJ1hURx2/6BxOK0CZkhfuBjRBfLUJzTk+9FjCzZTYfS2ZQcWwivBaslHjxwrgiCw wT/0BxRGEENK33evvDLWGtyIamWmyetdCNnvNOH/+qncoEmALPcfs8wUQ7HcX9m2 JQG08PC6IYsvnDxSBznX3KzqEaPfWneedpRGdJ3EUrBQJU6DjLQRVQCozkElENk9 nRGpJUb86uw9d1QIDIa+ItTH0w+B70LJfyjc9q2QRZhu/XHvKD50xbg3BnztmEI3 wvQ4r0x14YXvCtxEfv7M8xmEG+UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRWqPSR VkQ2ZsmWq1U1Q4YVEdxqSTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZDQ4NWE0NjUtNjVlOS00YTE5LWEzOTctZjI5ZDFhMzZkMTY2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMRADAN BgkqhkiG9w0BAQsFAAOCAQEAZU4hIO6NFwoqlMcvEZ5KpgxSHymAmYipb+Itog9h NuqWMqQmt8WQlmrMYh8dAV/iroinTee2UaNwtKjkIcgm1vJmaS2/Ma7kS/O5xV8J 7P/Nvv9ZGNu033jps5L4rnqYKHhQeXLSNElhY9tEKyLJT/WTC/aeB4qnQKLwmck5 XLJ/pWvQoQ62AsXTgq3uwsmGpStS2VQHSqQt09HMSrXSd4CRJQyeSmGiPaZmOyHL CxDGdcu8g9M2eUio9hBffd5QuujmxpeAjIN5JXIEM+MYIvClB1gXCGQt+oafGKPp Cc5Iy0FS67he+iWh1+ft8WqP8OceckSH10WfUQO9t/0W/w== -----END CERTIFICATE-----Generated at Mon Dec 29 03:48:26 2025 by rpki-client