This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa File: fc50f617-7597-4f4e-b8f6-87763b28caf0.roa (raw, json) Hash identifier: ZZo0SquPS4Zq05EIRsp1HfM1oI6lpop8lm2aWIQLKg0= Subject key identifier: 82:A1:B1:C4:22:E7:DC:F1:44:4E:A3:FE:A9:01:BF:D4:2A:1E:17:15 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 1781E4917B4B38744218DE6E1916F8DA67669AC2 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa Signing time: Sat 15 Nov 2025 06:40:33 +0000 ROA not before: Sat 15 Nov 2025 06:40:33 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.121.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 24 Nov 2025 09:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:81:e4:91:7b:4b:38:74:42:18:de:6e:19:16:f8:da:67:66:9a:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:33 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=39f61ca6873eceb7a98dbb85b57b81bec5af0914ab582ab065d0bec252c755a0, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:88:b6:02:74:ce:b2:b2:71:a0:7f:fc:a7:6e: f3:55:f9:18:19:10:8a:da:84:93:cf:9a:1c:a8:e7: 56:32:8a:70:09:3a:30:7d:3d:9b:34:13:4e:a0:7e: 9a:9a:91:21:3e:41:df:8d:b7:cb:cf:a0:1d:fc:05: b9:2a:7e:a1:b0:75:97:8b:d0:43:f4:76:45:00:bd: 52:9c:a0:f9:e0:c3:96:f2:25:06:1b:f8:2e:d9:e5: 33:bf:0a:57:2d:66:db:62:90:59:22:03:88:63:52: 6e:ae:aa:6f:18:65:ec:cd:a6:94:44:30:99:1d:55: 0b:97:a2:e7:8a:34:52:bb:17:a1:21:e2:74:a5:b1: 15:59:aa:d4:bb:e5:b1:94:f7:2b:da:3b:8b:3c:3d: 90:21:4b:1f:b6:a8:81:83:c8:20:ba:b8:6c:88:42: 55:ca:5a:7d:53:5a:05:c3:d4:14:98:96:27:ac:66: 49:52:1d:7e:6e:72:ac:37:7f:e3:95:d7:17:da:f9: be:e8:7f:d7:e2:4c:48:2d:1f:bd:54:48:34:60:31: cb:34:da:d1:fb:2b:46:ff:ef:3a:8e:e5:05:3b:e1: c2:74:d8:fd:96:20:d8:b0:be:f7:37:63:65:2d:12: 46:1e:f4:d9:83:57:8c:54:c6:4a:c3:ed:ee:57:f4: 36:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:A1:B1:C4:22:E7:DC:F1:44:4E:A3:FE:A9:01:BF:D4:2A:1E:17:15 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.121.0.0/16 Signature Algorithm: sha256WithRSAEncryption 82:e8:5f:fa:4f:a9:25:73:9b:26:aa:4f:02:d1:ae:09:46:0e: c3:08:6c:7f:18:f7:95:3c:69:f1:6b:d6:2d:f8:90:2b:b7:e8: 43:93:80:03:8d:00:75:3b:73:aa:85:c4:ae:51:96:67:70:c0: d8:ce:3d:3d:71:b6:9b:7c:fc:82:e5:ba:68:14:52:b9:b2:e9: dc:4d:41:41:f2:e2:0a:a8:c8:4f:f3:d9:78:bd:ef:21:c1:17: de:4c:0f:d1:4d:da:ad:da:3b:4a:5d:ac:d8:b7:fc:67:e0:f3: 60:e5:39:3e:5f:e0:96:c9:b3:c3:ec:69:8f:2a:f5:06:f6:b2: bc:23:36:9c:c3:58:5c:3c:ac:4f:b1:0c:0b:cd:1b:8f:7a:e1: aa:d1:f3:6d:d6:d8:fb:12:17:1b:11:7e:86:94:93:f0:71:91: 8e:19:48:5e:f6:c5:fc:af:33:7f:e5:be:7f:00:08:0b:6e:5c: dd:4c:73:ec:d9:0a:3d:ff:9b:e4:98:f4:51:82:15:b9:e3:f6: 7a:56:7b:3b:28:46:b1:b1:73:db:94:02:37:eb:03:51:65:f0: cf:47:ab:b4:9d:9b:a1:19:8d:c1:34:6b:26:34:c9:97:7e:26: e2:e2:1d:68:36:03:e5:58:41:0a:29:85:2c:8c:29:08:b7:bb: 6c:72:f8:08 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUF4HkkXtLOHRCGN5uGRb42mdmmsIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwMzNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDM5ZjYxY2E2ODczZWNlYjdhOThkYmI4NWI1N2I4MWJlYzVhZjA5MTRhYjU4 MmFiMDY1ZDBiZWMyNTJjNzU1YTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOSItgJ0zrKycaB//Kdu81X5GBkQitqEk8+aHKjnVjKKcAk6MH09mzQTTqB+ mpqRIT5B3423y8+gHfwFuSp+obB1l4vQQ/R2RQC9Upyg+eDDlvIlBhv4LtnlM78K Vy1m22KQWSIDiGNSbq6qbxhl7M2mlEQwmR1VC5ei54o0UrsXoSHidKWxFVmq1Lvl sZT3K9o7izw9kCFLH7aogYPIILq4bIhCVcpafVNaBcPUFJiWJ6xmSVIdfm5yrDd/ 45XXF9r5vuh/1+JMSC0fvVRINGAxyzTa0fsrRv/vOo7lBTvhwnTY/ZYg2LC+9zdj ZS0SRh702YNXjFTGSsPt7lf0NgMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSCobHE Iufc8UROo/6pAb/UKh4XFTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZmM1MGY2MTctNzU5Ny00ZjRlLWI4ZjYtODc3NjNiMjhjYWYwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN5MA0G CSqGSIb3DQEBCwUAA4IBAQCC6F/6T6klc5smqk8C0a4JRg7DCGx/GPeVPGnxa9Yt +JArt+hDk4ADjQB1O3OqhcSuUZZncMDYzj09cbabfPyC5bpoFFK5suncTUFB8uIK qMhP89l4ve8hwRfeTA/RTdqt2jtKXazYt/xn4PNg5Tk+X+CWybPD7GmPKvUG9rK8 Izacw1hcPKxPsQwLzRuPeuGq0fNt1tj7EhcbEX6GlJPwcZGOGUhe9sX8rzN/5b5/ AAgLblzdTHPs2Qo9/5vkmPRRghW54/Z6Vns7KEaxsXPblAI36wNRZfDPR6u0nZuh GY3BNGsmNMmXfibi4h1oNgPlWEEKKYUsjCkIt7tscvgI -----END CERTIFICATE-----Generated at Sun Nov 23 17:21:48 2025 by rpki-client