This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bacf843a-17ee-4ca1-9e3b-8f3728814d21.roa File: bacf843a-17ee-4ca1-9e3b-8f3728814d21.roa (raw, json) Hash identifier: kBW87dPAr6XriyktXoMVNsT0vxJ1QsSycwU6WOSwycY= Subject key identifier: 23:69:5F:2E:E2:0A:E2:6F:89:23:C6:7B:CE:FA:04:D7:E7:54:4D:EA Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 06F0C71092509E60235FFCA5605DE94637252A2B Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bacf843a-17ee-4ca1-9e3b-8f3728814d21.roa Signing time: Wed 10 Dec 2025 06:40:42 +0000 ROA not before: Wed 10 Dec 2025 06:40:42 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 51.100.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:f0:c7:10:92:50:9e:60:23:5f:fc:a5:60:5d:e9:46:37:25:2a:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:42 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=951dd75a02be0b53d67c703fb6623ab7e18cfda2b3950847f77b98597e85f200, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:1f:9c:93:03:c8:94:59:7f:69:61:b3:79:e6: 01:66:e8:48:10:90:bb:38:3c:40:94:10:f7:34:d9: e2:40:01:32:74:aa:f2:a4:8b:c6:0b:83:91:2b:b7: 60:1d:68:e7:a8:3f:16:ac:ea:8f:f2:e9:d6:da:a6: f4:35:a5:0d:d7:79:d4:24:40:fb:12:02:0b:a4:d0: 12:d4:f7:7a:cd:b7:05:fa:25:0c:98:03:8e:b1:5c: eb:54:f9:6a:8a:59:26:9b:43:52:0c:dc:c7:94:d8: d0:ed:57:56:bb:96:76:2d:fb:71:1b:c8:3a:6e:28: a2:62:b7:f5:bb:53:11:2d:b2:f5:29:6e:e1:a4:e2: c7:31:1a:00:ed:c9:9e:be:bf:83:d6:fd:19:d4:6b: 47:1d:eb:e1:74:5d:2f:a7:47:39:d9:fb:89:74:89: ba:cc:4b:a3:61:f5:89:fe:ca:34:f6:44:77:32:f0: 72:2c:1d:5f:bc:4c:5a:66:e7:89:21:24:c0:d4:78: 7c:1b:53:e8:e6:26:a2:be:3d:23:57:a1:20:65:ed: b4:8f:37:f8:7a:d1:fb:db:d9:7f:c3:aa:48:3d:db: 2b:5a:a7:df:f3:4e:58:1c:98:a6:82:44:14:72:1a: 11:95:97:3d:a4:68:c8:66:57:bf:d8:96:ea:e3:8f: ed:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:69:5F:2E:E2:0A:E2:6F:89:23:C6:7B:CE:FA:04:D7:E7:54:4D:EA X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bacf843a-17ee-4ca1-9e3b-8f3728814d21.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.100.0.0/15 Signature Algorithm: sha256WithRSAEncryption 9d:c3:f5:d6:04:85:29:81:ca:2f:6c:b9:51:3d:1d:66:84:1f: 81:2d:b8:90:dd:c3:e3:b0:cb:37:9f:61:f1:77:dc:5e:ec:e1: 37:fd:74:fa:3c:a1:2b:cc:cc:2b:c9:3c:ce:a8:be:12:9e:e3: c4:57:75:e6:09:23:6d:58:ae:32:2d:d5:a5:bb:90:66:ac:27: 5b:0e:78:9d:9c:fa:c6:40:20:8a:a2:11:e3:70:d9:dc:cc:dc: 0e:52:2a:88:92:07:35:c7:28:4f:ab:5a:b2:c1:0d:f1:28:99: 1f:0c:b8:1a:8a:bf:78:b4:e5:b0:bd:a9:0b:5a:66:e6:49:83: ea:6a:64:8c:22:f5:6b:0e:33:e4:e5:0a:b7:a0:95:f6:d0:f3: c5:82:26:7b:af:74:0f:f6:22:3c:4f:ca:e9:60:9c:5a:de:37: 06:e2:6e:7f:13:d3:ff:0f:b2:47:9e:e3:cb:38:be:b1:85:aa: 7a:96:d2:f7:3d:40:58:d6:9d:4f:b5:8e:c8:eb:8f:40:12:19: c8:a3:6b:71:06:ef:9b:17:03:cf:e5:a7:54:47:82:6d:54:49: c0:00:b4:59:91:2f:35:67:f5:25:4e:91:68:66:5e:0e:4e:e0: 98:4f:d4:f7:8f:97:48:8d:33:6d:81:f6:19:dd:2c:01:01:d0: 92:3a:d4:9e -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUBvDHEJJQnmAjX/ylYF3pRjclKiswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwNDJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDk1MWRkNzVhMDJiZTBiNTNkNjdjNzAzZmI2NjIzYWI3ZTE4Y2ZkYTJiMzk1 MDg0N2Y3N2I5ODU5N2U4NWYyMDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMkfnJMDyJRZf2lhs3nmAWboSBCQuzg8QJQQ9zTZ4kABMnSq8qSLxguDkSu3 YB1o56g/Fqzqj/Lp1tqm9DWlDdd51CRA+xICC6TQEtT3es23BfolDJgDjrFc61T5 aopZJptDUgzcx5TY0O1XVruWdi37cRvIOm4oomK39btTES2y9Slu4aTixzEaAO3J nr6/g9b9GdRrRx3r4XRdL6dHOdn7iXSJusxLo2H1if7KNPZEdzLwciwdX7xMWmbn iSEkwNR4fBtT6OYmor49I1ehIGXttI83+HrR+9vZf8OqSD3bK1qn3/NOWByYpoJE FHIaEZWXPaRoyGZXv9iW6uOP7RcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQjaV8u 4grib4kjxnvO+gTX51RN6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YmFjZjg0M2EtMTdlZS00Y2ExLTllM2ItOGYzNzI4ODE0ZDIxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G CSqGSIb3DQEBCwUAA4IBAQCdw/XWBIUpgcovbLlRPR1mhB+BLbiQ3cPjsMs3n2Hx d9xe7OE3/XT6PKErzMwryTzOqL4SnuPEV3XmCSNtWK4yLdWlu5BmrCdbDnidnPrG QCCKohHjcNnczNwOUiqIkgc1xyhPq1qywQ3xKJkfDLgair94tOWwvakLWmbmSYPq amSMIvVrDjPk5Qq3oJX20PPFgiZ7r3QP9iI8T8rpYJxa3jcG4m5/E9P/D7JHnuPL OL6xhap6ltL3PUBY1p1PtY7I649AEhnIo2txBu+bFwPP5adUR4JtVEnAALRZkS81 Z/UlTpFoZl4OTuCYT9T3j5dIjTNtgfYZ3SwBAdCSOtSe -----END CERTIFICATE-----Generated at Sat Dec 20 02:38:17 2025 by rpki-client