This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa File: 0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa (raw, json) Hash identifier: 7+UgmF7UeCPEWRS9OXydNX/+7bBQSRPYHuQarTJVunE= Subject key identifier: 51:03:04:B5:99:AC:00:5A:38:35:39:93:84:88:60:F2:B4:0E:96:B3 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 60FDD24951DEB557C51B5177C4A15BFA058EA793 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa Signing time: Wed 10 Dec 2025 06:40:42 +0000 ROA not before: Wed 10 Dec 2025 06:40:42 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.100.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:fd:d2:49:51:de:b5:57:c5:1b:51:77:c4:a1:5b:fa:05:8e:a7:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:42 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=4b9f8398f572acfe19e6401782d3025401d47b3bd16520efe63642d2315ecaa7, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:be:d6:83:84:19:8f:3d:a9:e1:f8:92:f7:0f: 6e:8e:cf:88:22:06:39:9f:81:02:f4:1a:b5:9b:5c: 5c:ff:0b:14:24:52:61:a3:e1:20:3d:c8:a9:fb:03: 13:3a:d5:99:56:12:8b:ce:a0:ba:6a:a0:62:95:c4: 95:36:35:23:c1:b6:15:94:8c:f2:37:0c:10:f1:60: 29:fa:01:fb:de:db:28:41:a4:2f:92:2d:80:dc:8c: cd:96:ee:de:01:33:87:c1:9a:2d:af:24:2c:d1:ec: 77:ff:ab:b0:ab:1d:c7:70:e6:f3:c8:59:dd:43:70: bb:ba:6e:92:bf:1e:4e:ef:a1:62:d3:39:07:da:dc: f1:01:f0:a6:ec:50:91:d7:e9:d0:43:c2:20:f0:3b: 59:9c:a5:0e:e7:92:26:7c:4b:ee:f3:d9:c8:46:4e: 90:34:5f:e9:17:db:95:c5:38:60:bd:3f:3b:66:8b: 7b:c4:08:72:6a:a7:ef:ce:d2:38:74:c4:4c:29:3c: 9b:72:62:44:0c:50:e1:ac:52:cc:f5:29:f4:7b:24: 88:fa:d1:75:a1:f4:4c:b3:77:9d:17:d2:c8:18:86: 2f:6a:97:30:9a:81:77:e3:4f:14:2f:7a:38:da:e9: 6b:b8:68:fb:74:d5:e9:51:c4:d6:ee:fe:aa:a5:59: 51:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:03:04:B5:99:AC:00:5A:38:35:39:93:84:88:60:F2:B4:0E:96:B3 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.100.0.0/15 Signature Algorithm: sha256WithRSAEncryption 2b:8d:22:95:7a:b3:16:13:7d:d4:d8:fc:0c:42:c4:77:32:71: 1f:59:36:30:5c:5f:70:1e:e1:3a:94:b3:60:c1:42:a2:ce:6d: b3:26:bb:a5:a1:e3:6d:70:24:6b:47:29:42:63:fb:b1:5d:65: 12:9a:d5:82:3a:ae:e0:60:7b:12:30:6d:ec:24:74:f2:1c:68: 58:f9:d6:59:e8:0b:34:63:c8:b7:f2:69:69:70:bf:f1:d9:c7: 0c:4e:c4:e0:e3:b2:a9:8b:0e:23:07:30:74:d8:b9:1c:28:84: 85:53:2d:f3:49:97:0f:16:91:34:7b:b9:7a:b3:58:09:95:b0: 69:7b:07:bf:8d:2c:bb:1c:6e:a3:82:b2:3a:77:14:ca:d1:5c: 26:c8:9d:19:23:93:04:85:fc:4c:db:94:02:d8:a4:8a:b6:b7: 5d:f1:de:74:2a:c8:f2:10:2a:c9:db:44:ad:30:2b:9a:5d:f2: 81:a8:3f:1e:73:21:2e:31:06:30:c6:72:b7:64:8c:e4:fb:34: ea:98:eb:42:e7:f7:71:f6:a2:ce:7b:2e:33:9e:f1:66:b6:d4: 49:e6:27:a8:b5:74:2d:9f:ed:9e:ea:77:b9:b9:66:c0:f3:0f: b2:4b:45:c8:88:0b:82:c3:c7:7e:4a:ad:fd:92:da:1b:a3:df: 10:b6:4a:6d -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUYP3SSVHetVfFG1F3xKFb+gWOp5MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwNDJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDRiOWY4Mzk4ZjU3MmFjZmUxOWU2NDAxNzgyZDMwMjU0MDFkNDdiM2JkMTY1 MjBlZmU2MzY0MmQyMzE1ZWNhYTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALO+1oOEGY89qeH4kvcPbo7PiCIGOZ+BAvQatZtcXP8LFCRSYaPhID3IqfsD EzrVmVYSi86gumqgYpXElTY1I8G2FZSM8jcMEPFgKfoB+97bKEGkL5ItgNyMzZbu 3gEzh8GaLa8kLNHsd/+rsKsdx3Dm88hZ3UNwu7pukr8eTu+hYtM5B9rc8QHwpuxQ kdfp0EPCIPA7WZylDueSJnxL7vPZyEZOkDRf6RfblcU4YL0/O2aLe8QIcmqn787S OHTETCk8m3JiRAxQ4axSzPUp9HskiPrRdaH0TLN3nRfSyBiGL2qXMJqBd+NPFC96 ONrpa7ho+3TV6VHE1u7+qqVZURUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRRAwS1 mawAWjg1OZOEiGDytA6WszAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MGJmYTI1ZGQtMzE5Zi00ZjJkLWI3ODYtOGFiMTlkNThlODExLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G CSqGSIb3DQEBCwUAA4IBAQArjSKVerMWE33U2PwMQsR3MnEfWTYwXF9wHuE6lLNg wUKizm2zJruloeNtcCRrRylCY/uxXWUSmtWCOq7gYHsSMG3sJHTyHGhY+dZZ6As0 Y8i38mlpcL/x2ccMTsTg47Kpiw4jBzB02LkcKISFUy3zSZcPFpE0e7l6s1gJlbBp ewe/jSy7HG6jgrI6dxTK0VwmyJ0ZI5MEhfxM25QC2KSKtrdd8d50KsjyECrJ20St MCuaXfKBqD8ecyEuMQYwxnK3ZIzk+zTqmOtC5/dx9qLOey4znvFmttRJ5ieotXQt n+2e6ne5uWbA8w+yS0XIiAuCw8d+Sq39ktobo98Qtkpt -----END CERTIFICATE-----Generated at Thu Dec 11 18:24:41 2025 by rpki-client