This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2a59044d-ec7e-45ff-a5bb-b9ab54f5cfb8.roa File: 2a59044d-ec7e-45ff-a5bb-b9ab54f5cfb8.roa (raw, json) Hash identifier: MZwGPP2wC6H5hayB7ZNwEXzx6tnBF2gFLHgBPfqx+Cw= Subject key identifier: 3E:22:5C:A7:D1:32:B0:C0:8B:35:B4:A7:35:82:1E:78:E5:D1:A1:26 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 20861338C2E3DAAEBE874EAAAECD5F9EAD41FDA1 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2a59044d-ec7e-45ff-a5bb-b9ab54f5cfb8.roa Signing time: Tue 20 Jan 2026 17:21:49 +0000 ROA not before: Tue 20 Jan 2026 17:21:49 +0000 ROA not after: Mon 20 Apr 2026 23:59:59 +0000 asID: 16509 IP address blocks: 57.81.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:86:13:38:c2:e3:da:ae:be:87:4e:aa:ae:cd:5f:9e:ad:41:fd:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Jan 20 17:21:49 2026 GMT Not After : Apr 20 23:59:59 2026 GMT Subject: serialNumber=773f19d3dbd76ab944bfabc08ab8eb2ad47cda919b989986ee7ec3496e0c3a6b, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:3e:f5:6e:0f:5b:3b:37:77:3e:37:02:25:ae: 3e:06:89:1c:ba:81:34:8a:7c:87:ee:2a:2b:f0:c3: e0:b5:3b:13:42:c1:de:3a:f6:42:3f:0e:70:a9:75: f8:fe:0c:ec:35:8c:4b:f1:ce:1b:5f:5c:ab:03:4d: dd:dd:c1:fe:f9:d4:91:c3:9c:15:c5:58:e2:50:10: 2f:b0:00:ef:a1:fe:21:b6:f2:00:d7:6c:88:7b:84: 83:00:fb:83:7f:e6:33:fe:c4:17:9e:2f:1c:6f:18: 1b:6e:bb:58:d2:27:36:2f:8a:66:3c:d0:84:96:6f: c6:24:ce:be:31:53:98:d7:06:b9:4a:cb:58:f1:0b: 13:3f:a2:47:24:0c:a8:3b:a6:bc:d7:83:93:a5:0f: 60:91:84:ae:b4:f5:4c:9c:63:14:e7:11:d8:03:2a: 16:3e:d8:b3:25:5d:29:15:7b:68:b7:dd:b7:2d:36: b2:99:be:03:c2:33:e1:de:74:28:45:9a:a2:24:3e: c1:b1:a0:a9:ed:c8:eb:d4:e7:0d:8e:35:65:a4:61: 93:2a:31:73:90:e9:fd:14:d4:2a:d2:8e:76:d4:9d: 83:c4:a5:3a:98:8c:58:7f:90:89:06:c2:b6:1d:c0: 3b:eb:8e:c5:9c:18:aa:6b:db:25:af:91:17:31:a3: 5c:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:22:5C:A7:D1:32:B0:C0:8B:35:B4:A7:35:82:1E:78:E5:D1:A1:26 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2a59044d-ec7e-45ff-a5bb-b9ab54f5cfb8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 57.81.0.0/16 Signature Algorithm: sha256WithRSAEncryption 00:a3:69:03:46:45:a5:f5:f2:a5:14:78:d2:a9:27:6a:44:08: ae:73:9d:19:85:bd:0c:c5:a7:08:86:74:62:93:74:4e:b9:c0: 32:aa:49:fe:92:47:d4:d0:3a:fe:99:60:2a:27:32:6b:6f:eb: f8:00:bb:f6:7d:0a:07:2c:75:2a:18:50:0c:68:ea:ef:54:43: c1:ae:03:95:0a:7e:72:45:7a:ac:26:c5:44:35:d6:a2:48:6d: 80:fe:7a:51:ae:e6:70:c8:73:77:7c:77:dd:ca:17:e8:fd:a8: 04:9b:5e:b4:10:b8:b8:53:fc:ca:9e:47:64:60:3f:a3:25:e0: 39:50:d2:42:8d:27:87:5d:4e:a4:ba:b5:2b:62:ef:7c:97:e5: 41:11:27:09:31:9c:00:d6:a8:e2:8f:b6:10:5c:89:83:a9:8e: 5a:7c:d6:db:85:ec:85:75:76:81:6a:50:96:ad:fd:03:b5:5a: 2b:e3:6e:fd:ea:8f:6a:c6:4a:e6:40:87:aa:61:f3:05:6d:1e: a2:a1:48:62:8c:fc:e5:8a:a1:dd:47:55:21:31:51:73:e4:11: 6a:09:c5:b4:2c:ed:2f:84:1d:07:5b:c5:0f:5e:fa:27:e6:cc: 58:8b:4a:0f:a6:f0:5f:70:20:9f:d0:cd:d9:5f:18:cc:43:5c: 76:48:82:e4 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUIIYTOMLj2q6+h06qrs1fnq1B/aEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNjAxMjAxNzIxNDlaFw0yNjA0MjAyMzU5NTlaMHoxSTBHBgNV BAUTQDc3M2YxOWQzZGJkNzZhYjk0NGJmYWJjMDhhYjhlYjJhZDQ3Y2RhOTE5Yjk4 OTk4NmVlN2VjMzQ5NmUwYzNhNmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANY+9W4PWzs3dz43AiWuPgaJHLqBNIp8h+4qK/DD4LU7E0LB3jr2Qj8OcKl1 +P4M7DWMS/HOG19cqwNN3d3B/vnUkcOcFcVY4lAQL7AA76H+IbbyANdsiHuEgwD7 g3/mM/7EF54vHG8YG267WNInNi+KZjzQhJZvxiTOvjFTmNcGuUrLWPELEz+iRyQM qDumvNeDk6UPYJGErrT1TJxjFOcR2AMqFj7YsyVdKRV7aLfdty02spm+A8Iz4d50 KEWaoiQ+wbGgqe3I69TnDY41ZaRhkyoxc5Dp/RTUKtKOdtSdg8SlOpiMWH+QiQbC th3AO+uOxZwYqmvbJa+RFzGjXBMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ+Ilyn 0TKwwIs1tKc1gh545dGhJjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MmE1OTA0NGQtZWM3ZS00NWZmLWE1YmItYjlhYjU0ZjVjZmI4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlRMA0G CSqGSIb3DQEBCwUAA4IBAQAAo2kDRkWl9fKlFHjSqSdqRAiuc50Zhb0MxacIhnRi k3ROucAyqkn+kkfU0Dr+mWAqJzJrb+v4ALv2fQoHLHUqGFAMaOrvVEPBrgOVCn5y RXqsJsVENdaiSG2A/npRruZwyHN3fHfdyhfo/agEm160ELi4U/zKnkdkYD+jJeA5 UNJCjSeHXU6kurUrYu98l+VBEScJMZwA1qjij7YQXImDqY5afNbbheyFdXaBalCW rf0DtVor42796o9qxkrmQIeqYfMFbR6ioUhijPzliqHdR1UhMVFz5BFqCcW0LO0v hB0HW8UPXvon5sxYi0oPpvBfcCCf0M3ZXxjMQ1x2SILk -----END CERTIFICATE-----Generated at Thu Jan 22 22:15:45 2026 by rpki-client