This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa File: 1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa (raw, json) Hash identifier: 548nQva6tdNjL5W04JTODiQdkp50WSsD89+/c5vw11o= Subject key identifier: B2:2A:5E:23:C3:7C:08:D9:57:36:19:E4:97:6B:72:5E:54:9D:91:52 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 010B6373EB075C0B04BC2044E1D0772B84E0EA46 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa Signing time: Wed 10 Dec 2025 06:50:09 +0000 ROA not before: Wed 10 Dec 2025 06:50:09 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.134.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:0b:63:73:eb:07:5c:0b:04:bc:20:44:e1:d0:77:2b:84:e0:ea:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:09 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=830f47c261be2ee55f6d09e956b86615c045f8b0020eba5973f6e68cbf4edd91, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:dd:cb:44:98:d8:cc:ea:c3:cd:c8:78:19:11: 53:a9:67:f5:26:0d:d6:f8:bc:75:f7:db:42:c6:bd: 75:ef:22:87:db:e9:47:0f:83:f3:cc:7b:e0:a2:1b: 73:bf:a7:67:fc:e7:6e:0c:62:d3:4c:c1:1b:ed:fd: af:6e:49:19:dc:38:09:d5:a7:2e:3c:a1:48:7e:eb: 76:28:3c:11:99:93:a2:6b:d2:e7:3e:55:40:a0:71: f0:7c:53:8c:5a:88:c9:1f:10:c0:29:0d:1c:ca:6e: 13:3c:6d:45:41:d5:45:92:54:69:29:00:e2:23:22: 9a:91:31:f6:b7:0c:61:49:e8:63:37:4e:55:e2:4c: b2:91:20:0d:23:e2:1a:8b:ec:ed:e7:3a:84:3a:d8: 17:58:1f:87:41:a7:d4:59:69:26:13:3e:67:09:cb: ce:e3:83:db:94:43:b1:9b:86:91:f7:df:1a:b1:c9: e4:01:c7:de:1d:4c:80:07:f0:56:95:1e:2d:2c:c5: a1:95:9a:df:9a:f2:93:77:c9:eb:10:62:e2:50:ca: aa:71:48:54:6e:06:6e:d0:fd:9f:74:a7:ac:2c:43: 8f:75:ba:31:af:16:d9:8e:40:76:04:d7:89:c4:1d: 1f:20:7a:93:cd:53:d2:ca:42:eb:47:f1:39:76:2f: 28:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:2A:5E:23:C3:7C:08:D9:57:36:19:E4:97:6B:72:5E:54:9D:91:52 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.134.0.0/16 Signature Algorithm: sha256WithRSAEncryption c8:b9:e0:57:fd:ca:39:dd:f4:3b:48:c2:ad:e2:1c:d6:fa:93: 8d:33:12:6e:04:be:af:c1:04:77:21:50:3f:81:67:db:bf:fc: a9:29:72:ce:41:a6:91:d3:49:a5:d3:b2:71:d8:30:12:27:d5: ee:84:01:2a:9a:17:cc:0f:db:2d:2f:e9:e4:2b:76:f7:22:78: 82:d4:f3:4f:9a:0f:6c:b0:6f:5a:97:94:7c:0d:66:62:dc:e2: 84:7a:9e:e7:3b:6b:73:a5:a9:01:1b:45:28:49:56:68:89:4a: 69:7b:38:91:57:15:af:e5:81:81:4f:b6:38:99:66:f3:c0:80: da:cb:3f:38:fc:fe:f2:b4:89:49:7e:c3:5c:09:6c:81:6c:10: ec:bd:4a:11:2b:33:a6:f4:40:8c:bf:9e:3a:9e:e7:97:a8:5d: af:c5:7f:9e:2d:56:d8:1c:e0:24:1e:cf:8a:81:96:59:fa:b0: 1c:c5:c2:c4:0e:b3:bb:6b:64:ad:d7:94:79:22:fe:5b:b1:e3: 3e:d2:2f:13:53:3e:ab:c1:35:9c:f5:91:b9:dd:13:f6:3b:e7: 53:52:f0:4d:54:73:dc:92:33:26:59:10:e3:2a:26:66:13:78: 58:32:37:03:69:05:0f:c3:bd:7d:2f:18:65:22:ca:fa:4d:a9: c0:7d:6a:3e -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUAQtjc+sHXAsEvCBE4dB3K4Tg6kYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwMDlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDgzMGY0N2MyNjFiZTJlZTU1ZjZkMDllOTU2Yjg2NjE1YzA0NWY4YjAwMjBl YmE1OTczZjZlNjhjYmY0ZWRkOTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJfdy0SY2Mzqw83IeBkRU6ln9SYN1vi8dffbQsa9de8ih9vpRw+D88x74KIb c7+nZ/znbgxi00zBG+39r25JGdw4CdWnLjyhSH7rdig8EZmTomvS5z5VQKBx8HxT jFqIyR8QwCkNHMpuEzxtRUHVRZJUaSkA4iMimpEx9rcMYUnoYzdOVeJMspEgDSPi Govs7ec6hDrYF1gfh0Gn1FlpJhM+ZwnLzuOD25RDsZuGkfffGrHJ5AHH3h1MgAfw VpUeLSzFoZWa35ryk3fJ6xBi4lDKqnFIVG4GbtD9n3SnrCxDj3W6Ma8W2Y5AdgTX icQdHyB6k81T0spC60fxOXYvKLsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSyKl4j w3wI2Vc2GeSXa3JeVJ2RUjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MWIzOWU5YTctNGYzZC00Y2ZjLTk3NWYtZDllYWNlZWQwZWQyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOGMA0G CSqGSIb3DQEBCwUAA4IBAQDIueBX/co53fQ7SMKt4hzW+pONMxJuBL6vwQR3IVA/ gWfbv/ypKXLOQaaR00ml07Jx2DASJ9XuhAEqmhfMD9stL+nkK3b3IniC1PNPmg9s sG9al5R8DWZi3OKEep7nO2tzpakBG0UoSVZoiUppeziRVxWv5YGBT7Y4mWbzwIDa yz84/P7ytIlJfsNcCWyBbBDsvUoRKzOm9ECMv546nueXqF2vxX+eLVbYHOAkHs+K gZZZ+rAcxcLEDrO7a2St15R5Iv5bseM+0i8TUz6rwTWc9ZG53RP2O+dTUvBNVHPc kjMmWRDjKiZmE3hYMjcDaQUPw719LxhlIsr6TanAfWo+ -----END CERTIFICATE-----Generated at Thu Jan 22 22:17:53 2026 by rpki-client