This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa File: 7dc90e26-05aa-40c8-bbd0-967e095d6485.roa (raw, json) Hash identifier: plfhdxMKEwEHJPVvaBisS25zK7nNDnI6LxUQk2UmpdI= Subject key identifier: 4F:48:A0:B6:5C:8F:4E:FF:27:8A:A9:12:A5:5E:F1:8E:8F:F9:AD:DC Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 4BC67E987E7A24B967D5E7CB950C2958C7228289 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa Signing time: Wed 10 Dec 2025 06:50:47 +0000 ROA not before: Wed 10 Dec 2025 06:50:47 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 143.65.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:c6:7e:98:7e:7a:24:b9:67:d5:e7:cb:95:0c:29:58:c7:22:82:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:47 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=26c916d05a42bfce728faebc932c3dd091842fcb8e2be866ee8aced5f432dc55, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:62:d5:a4:22:bd:f4:48:3f:de:16:10:a4:26: ba:fc:4b:c2:d8:66:07:e2:40:85:92:58:4e:2c:fd: bd:8b:2f:81:b1:5a:b9:a3:1e:bb:b3:8b:9c:92:7e: c4:5a:5d:74:74:58:d4:d7:2b:13:b7:13:f1:be:a4: 44:9a:37:b4:bd:42:c2:0f:5d:8e:56:4d:45:37:cd: 6a:ff:ff:46:25:f2:e8:63:a1:d6:70:bd:81:75:cb: 5f:ad:fe:4a:ab:2a:5b:52:41:a9:a5:2b:92:b7:c0: 13:20:16:28:27:68:b8:f6:63:ad:f0:26:4f:42:49: 92:df:41:30:d8:15:f8:42:45:94:26:88:2a:fa:dd: 14:85:a7:d9:d0:08:3d:c9:0c:30:4c:39:db:61:72: a6:98:1c:51:bc:57:15:65:23:59:6d:3b:d6:53:82: 81:42:e6:c0:69:d5:97:24:21:91:65:63:49:9a:dd: 81:07:bd:5b:bb:34:99:32:08:b1:86:15:b8:d1:9b: e2:07:eb:e5:10:2d:bd:c0:26:70:28:be:87:8b:bb: 7c:42:2a:58:d3:ef:7a:0b:ef:2e:d5:a9:f9:d5:9b: c7:ee:57:c3:67:2d:97:eb:0c:9f:3c:a4:5d:85:ae: de:b9:cd:e1:cd:36:10:04:78:8c:c1:16:37:0f:78: 09:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:48:A0:B6:5C:8F:4E:FF:27:8A:A9:12:A5:5E:F1:8E:8F:F9:AD:DC X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.65.0.0/17 Signature Algorithm: sha256WithRSAEncryption b6:ce:39:7b:85:15:5d:8c:ad:31:8f:81:19:c5:80:27:69:9a: 2c:90:46:48:10:53:fe:22:a9:1f:4a:3e:3b:64:ca:17:d8:f5: fe:2d:f3:ec:03:e5:9d:8c:9b:fc:56:6b:b9:e2:7c:02:56:a0: bc:92:e6:64:1c:1e:de:da:f9:c6:26:8d:c0:60:27:a5:a4:e9: f3:3c:eb:55:22:28:f7:55:02:0a:d0:bc:da:00:a9:5a:26:5e: 41:40:7e:ba:fa:55:b4:44:49:bf:0f:42:fc:50:7b:8e:09:b8: a5:77:15:0a:dd:9c:1b:25:6f:76:bf:94:0a:a0:6d:27:1e:58: c0:67:51:02:e4:09:f9:9d:a2:48:c4:05:b7:3e:d7:1f:73:ad: f3:cd:f9:a0:2c:53:3e:70:62:9c:e7:22:45:73:68:7e:98:01: d1:c1:42:74:15:3a:59:d5:5c:76:2e:a1:b6:cc:e6:e9:75:15: 26:46:b7:72:3d:d5:d7:d9:12:53:f6:51:d7:97:21:48:81:fb: 5f:d4:06:d9:91:f4:62:d7:73:51:dd:57:14:d4:e4:1b:d5:43: 4c:bd:50:c5:c2:49:8a:32:73:10:cd:ee:fa:41:ba:70:88:02: 79:ba:c7:90:be:e6:64:45:91:3b:66:33:2d:b1:30:20:20:36: 0d:84:55:c1 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUS8Z+mH56JLln1efLlQwpWMcigokwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwNDdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDI2YzkxNmQwNWE0MmJmY2U3MjhmYWViYzkzMmMzZGQwOTE4NDJmY2I4ZTJi ZTg2NmVlOGFjZWQ1ZjQzMmRjNTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKZi1aQivfRIP94WEKQmuvxLwthmB+JAhZJYTiz9vYsvgbFauaMeu7OLnJJ+ xFpddHRY1NcrE7cT8b6kRJo3tL1Cwg9djlZNRTfNav//RiXy6GOh1nC9gXXLX63+ SqsqW1JBqaUrkrfAEyAWKCdouPZjrfAmT0JJkt9BMNgV+EJFlCaIKvrdFIWn2dAI PckMMEw522FyppgcUbxXFWUjWW071lOCgULmwGnVlyQhkWVjSZrdgQe9W7s0mTII sYYVuNGb4gfr5RAtvcAmcCi+h4u7fEIqWNPvegvvLtWp+dWbx+5Xw2ctl+sMnzyk XYWu3rnN4c02EAR4jMEWNw94CdkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRPSKC2 XI9O/yeKqRKlXvGOj/mt3DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv N2RjOTBlMjYtMDVhYS00MGM4LWJiZDAtOTY3ZTA5NWQ2NDg1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB49BADAN BgkqhkiG9w0BAQsFAAOCAQEAts45e4UVXYytMY+BGcWAJ2maLJBGSBBT/iKpH0o+ O2TKF9j1/i3z7APlnYyb/FZrueJ8AlagvJLmZBwe3tr5xiaNwGAnpaTp8zzrVSIo 91UCCtC82gCpWiZeQUB+uvpVtERJvw9C/FB7jgm4pXcVCt2cGyVvdr+UCqBtJx5Y wGdRAuQJ+Z2iSMQFtz7XH3Ot8835oCxTPnBinOciRXNofpgB0cFCdBU6WdVcdi6h tszm6XUVJka3cj3V19kSU/ZR15chSIH7X9QG2ZH0YtdzUd1XFNTkG9VDTL1QxcJJ ijJzEM3u+kG6cIgCebrHkL7mZEWRO2YzLbEwICA2DYRVwQ== -----END CERTIFICATE-----Generated at Fri Dec 19 20:09:59 2025 by rpki-client