This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa File: 2d24b638-b951-4333-ac88-4886c7af230f.roa (raw, json) Hash identifier: 8sXNNE1R6DHLCSbEEtfgrIVajuMyYvF0FLyydJX0BCU= Subject key identifier: 01:62:7E:01:93:86:AB:4C:F5:06:61:A3:34:04:A0:C0:E6:2D:90:C1 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 557309275BC830BE669491F76E6367ADAB7ED771 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa Signing time: Wed 10 Dec 2025 06:40:23 +0000 ROA not before: Wed 10 Dec 2025 06:40:23 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.82.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 08:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:73:09:27:5b:c8:30:be:66:94:91:f7:6e:63:67:ad:ab:7e:d7:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:23 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=edc5870b9092c719e8a2866cfb94e17ddfd3769b7894186ab86c8dc2002f18df, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:f2:be:b7:8e:0a:57:0b:29:7d:98:36:11:f5: e0:22:0d:ba:8c:0b:8e:14:6a:8e:fd:01:9a:1f:57: df:7a:c3:c7:7b:3d:bf:4d:e8:db:ae:b7:0d:ed:d6: 69:b0:1c:29:09:1e:4a:0c:84:bb:c5:1b:7e:ef:c6: cb:2f:da:63:2a:21:c4:77:07:f6:9b:d1:06:d3:80: b4:5f:af:0d:d0:b9:39:df:f1:e0:30:4e:df:69:29: 02:1c:f5:64:45:0c:bd:d9:45:fe:d2:a6:aa:0f:b0: d9:41:13:7f:5f:83:44:8f:4e:43:8f:05:95:64:b1: 2a:28:46:65:ed:0c:2b:67:4e:31:8d:06:70:4a:b9: b1:a2:fd:23:5e:48:41:6b:30:13:91:a4:45:f3:3f: 48:6d:2b:fe:b9:2c:14:ea:4f:8a:2e:34:16:b1:74: 8d:22:a1:f2:3a:41:93:ad:d7:66:6a:ae:c3:e9:92: 3b:3a:ae:5e:6c:13:ef:1f:5e:1b:91:4e:1b:7b:44: f8:4c:7c:d0:c8:23:aa:1b:29:4a:11:58:80:2d:c2: 56:54:ff:39:d0:e0:83:d0:af:53:12:eb:ee:6e:a2: 43:4e:99:c5:33:3b:36:9b:7a:ef:a2:2c:f7:6d:0d: 74:13:9b:21:99:26:a6:1e:7c:70:68:70:95:2b:e5: 31:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:62:7E:01:93:86:AB:4C:F5:06:61:A3:34:04:A0:C0:E6:2D:90:C1 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.82.0.0/16 Signature Algorithm: sha256WithRSAEncryption 6d:1d:e3:ca:33:4f:87:61:a6:ad:ec:b3:5c:4d:e8:c6:da:1c: 4f:99:92:bf:91:9f:65:bd:24:65:1d:fc:dd:22:92:d2:38:99: 7d:0d:e9:22:d7:99:25:58:b2:6b:17:9e:ed:a6:46:18:f8:0b: 38:12:f4:2c:1b:38:1e:13:e2:cc:1e:fb:0f:40:f3:4e:3c:32: c8:55:d0:c4:0c:86:43:24:19:c2:c6:f4:01:64:31:9b:1f:a8: 07:a1:ee:5e:61:b9:18:be:07:7f:0b:2d:9c:b7:70:7e:5c:79: 49:07:a1:9f:27:64:28:99:b7:8e:3e:9f:3f:02:e6:c2:b2:76: 84:36:8f:40:0f:be:f0:62:2d:0a:be:92:a1:f8:ba:d5:09:95: 15:be:fb:f1:58:67:c8:91:bb:3b:c4:21:da:3c:c1:a6:d9:e8: d1:d4:5b:c3:52:f2:fe:de:43:e0:d7:12:a8:c8:e9:53:a1:46: 99:76:5e:02:61:17:a2:da:69:55:50:e9:b1:99:f2:0d:2c:5f: 9e:fc:50:ce:c6:e4:89:f7:90:96:3c:96:2f:9b:2f:3f:45:4b: 9d:be:37:7f:a6:58:5b:bd:2f:56:6b:a8:9f:5c:f9:68:3e:a2: 6c:a2:ae:7d:7d:1f:b1:f0:57:5d:d8:b0:8d:6c:b8:81:95:e7: 90:b7:4b:af -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUVXMJJ1vIML5mlJH3bmNnrat+13EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMjNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGVkYzU4NzBiOTA5MmM3MTllOGEyODY2Y2ZiOTRlMTdkZGZkMzc2OWI3ODk0 MTg2YWI4NmM4ZGMyMDAyZjE4ZGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOfyvreOClcLKX2YNhH14CINuowLjhRqjv0Bmh9X33rDx3s9v03o2663De3W abAcKQkeSgyEu8Ubfu/Gyy/aYyohxHcH9pvRBtOAtF+vDdC5Od/x4DBO32kpAhz1 ZEUMvdlF/tKmqg+w2UETf1+DRI9OQ48FlWSxKihGZe0MK2dOMY0GcEq5saL9I15I QWswE5GkRfM/SG0r/rksFOpPii40FrF0jSKh8jpBk63XZmquw+mSOzquXmwT7x9e G5FOG3tE+Ex80MgjqhspShFYgC3CVlT/OdDgg9CvUxLr7m6iQ06ZxTM7Npt676Is 920NdBObIZkmph58cGhwlSvlMfUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQBYn4B k4arTPUGYaM0BKDA5i2QwTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MmQyNGI2MzgtYjk1MS00MzMzLWFjODgtNDg4NmM3YWYyMzBmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G CSqGSIb3DQEBCwUAA4IBAQBtHePKM0+HYaat7LNcTejG2hxPmZK/kZ9lvSRlHfzd IpLSOJl9Deki15klWLJrF57tpkYY+As4EvQsGzgeE+LMHvsPQPNOPDLIVdDEDIZD JBnCxvQBZDGbH6gHoe5eYbkYvgd/Cy2ct3B+XHlJB6GfJ2QombeOPp8/AubCsnaE No9AD77wYi0KvpKh+LrVCZUVvvvxWGfIkbs7xCHaPMGm2ejR1FvDUvL+3kPg1xKo yOlToUaZdl4CYRei2mlVUOmxmfINLF+e/FDOxuSJ95CWPJYvmy8/RUudvjd/plhb vS9Wa6ifXPloPqJsoq59fR+x8Fdd2LCNbLiBleeQt0uv -----END CERTIFICATE-----Generated at Fri Dec 12 11:10:04 2025 by rpki-client