This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa File: fc353215-935f-47d2-9298-767ccc0eae1a.roa (raw, json) Hash identifier: D52bMPeUJe4hBe97yeWBM6hROOT70PQoehh9cr2KnsY= Subject key identifier: C1:B0:13:11:37:03:17:00:71:5F:72:8A:AC:A9:FC:F5:FF:D9:E2:F3 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 67EEE34D8EAE039C5BDE9C790050E0856E63781D Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa Signing time: Wed 10 Dec 2025 06:50:34 +0000 ROA not before: Wed 10 Dec 2025 06:50:34 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 85.151.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:ee:e3:4d:8e:ae:03:9c:5b:de:9c:79:00:50:e0:85:6e:63:78:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:34 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=29b2148eaa7c1b27af77ea2f3adce8bfe0218341ebaba546bf2687efcda82ed6, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:9a:dc:f3:3d:8e:e0:56:07:74:4b:f0:1c:18: 57:cd:32:df:5a:67:6a:6e:45:3c:98:0c:2c:e5:6a: f4:19:66:03:8a:d3:e1:27:47:84:bb:dd:bd:7b:be: d9:ee:a5:64:59:57:bb:15:5f:f9:35:67:d7:7a:77: 5d:8f:fa:09:7e:ef:9d:91:6e:cd:91:0c:82:47:26: c1:8f:5c:a4:bd:e0:a9:ce:a1:45:10:89:ef:55:98: 9c:41:bc:93:07:f4:86:b4:d6:e4:c3:9a:69:ff:c2: 53:fe:9d:df:ea:e7:37:a3:fe:38:99:f4:de:d7:b1: 7d:cd:c6:f0:e6:85:11:a7:8d:0d:47:51:69:07:e8: a1:de:f7:a3:33:a1:e9:35:4f:b4:27:24:b1:70:5b: 21:bb:cd:b5:a3:8a:9a:cf:f8:54:67:f1:af:ca:37: 12:64:9e:c2:2b:e8:57:70:6c:b2:5f:56:0c:df:c8: ee:fe:a7:1b:47:3c:ca:b4:6b:c8:49:06:67:d2:10: ea:09:ad:e7:12:06:05:a9:47:0d:bc:2f:1c:aa:e3: f2:c1:61:4d:ec:99:95:74:3f:6f:22:97:6c:f8:37: 5d:6d:09:49:42:c6:eb:16:c4:45:1e:a6:0e:30:3b: e2:18:c4:85:fb:c7:88:a2:21:9f:00:fc:c2:ec:a2: fe:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:B0:13:11:37:03:17:00:71:5F:72:8A:AC:A9:FC:F5:FF:D9:E2:F3 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.151.0.0/16 Signature Algorithm: sha256WithRSAEncryption c5:2e:0d:a7:18:ce:45:a2:86:68:97:c7:54:ec:f3:b8:ec:4d: bd:d2:87:d1:93:78:9d:77:f3:5a:dd:0c:ab:14:30:27:0b:3f: 23:7c:a1:cd:b0:bc:d5:77:c1:93:97:7f:0c:68:37:79:29:b6: 02:a2:d1:0e:14:db:ee:20:1a:cf:3f:92:70:38:41:b5:ed:21: 37:92:4f:5e:9b:f0:95:6d:1f:26:f3:ea:65:74:a2:a3:06:a2: 07:eb:26:6e:ea:c8:f1:6d:71:da:48:4d:62:7d:87:c2:76:02: 23:a8:ed:9c:29:58:14:b1:5a:7e:01:0b:54:24:72:8e:04:f3: 2f:91:c9:61:68:e6:73:b0:2f:23:be:a5:da:e4:6f:54:33:b8: 7f:da:87:44:70:bd:8d:ef:c5:cd:a7:d2:29:95:fa:87:a4:1a: ee:91:a2:ba:57:60:85:c6:14:9d:27:48:fa:0a:81:1d:77:82: 6a:d4:4e:4d:4d:1e:19:fa:03:16:d7:c3:e5:43:ac:ed:fc:43: 7e:ce:a8:d8:85:28:19:41:7b:67:c3:b1:6c:19:d3:b1:df:dd: ea:99:d8:64:10:23:c5:e3:4e:e4:dd:30:1a:1f:44:28:31:87: 3d:26:f0:dd:7c:6b:0d:68:b5:dd:a0:49:ea:68:b9:9e:a6:0e: 36:14:a7:6d -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUZ+7jTY6uA5xb3px5AFDghW5jeB0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwMzRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDI5YjIxNDhlYWE3YzFiMjdhZjc3ZWEyZjNhZGNlOGJmZTAyMTgzNDFlYmFi YTU0NmJmMjY4N2VmY2RhODJlZDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALKa3PM9juBWB3RL8BwYV80y31pnam5FPJgMLOVq9BlmA4rT4SdHhLvdvXu+ 2e6lZFlXuxVf+TVn13p3XY/6CX7vnZFuzZEMgkcmwY9cpL3gqc6hRRCJ71WYnEG8 kwf0hrTW5MOaaf/CU/6d3+rnN6P+OJn03texfc3G8OaFEaeNDUdRaQfood73ozOh 6TVPtCcksXBbIbvNtaOKms/4VGfxr8o3EmSewivoV3Bssl9WDN/I7v6nG0c8yrRr yEkGZ9IQ6gmt5xIGBalHDbwvHKrj8sFhTeyZlXQ/byKXbPg3XW0JSULG6xbERR6m DjA74hjEhfvHiKIhnwD8wuyi/h8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTBsBMR NwMXAHFfcoqsqfz1/9ni8zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZmMzNTMyMTUtOTM1Zi00N2QyLTkyOTgtNzY3Y2NjMGVhZTFhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFWXMA0G CSqGSIb3DQEBCwUAA4IBAQDFLg2nGM5FooZol8dU7PO47E290ofRk3idd/Na3Qyr FDAnCz8jfKHNsLzVd8GTl38MaDd5KbYCotEOFNvuIBrPP5JwOEG17SE3kk9em/CV bR8m8+pldKKjBqIH6yZu6sjxbXHaSE1ifYfCdgIjqO2cKVgUsVp+AQtUJHKOBPMv kclhaOZzsC8jvqXa5G9UM7h/2odEcL2N78XNp9IplfqHpBrukaK6V2CFxhSdJ0j6 CoEdd4Jq1E5NTR4Z+gMW18PlQ6zt/EN+zqjYhSgZQXtnw7FsGdOx393qmdhkECPF 407k3TAaH0QoMYc9JvDdfGsNaLXdoEnqaLmepg42FKdt -----END CERTIFICATE-----Generated at Sun Dec 14 07:46:22 2025 by rpki-client