This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa File: 2db57b82-f8e4-4b85-a46a-befecb4774c0.roa (raw, json) Hash identifier: TyIQfs2hkoS9/VGKtCz/KAt4CeAXv/VXk+AFq50qrOA= Subject key identifier: 2B:A6:CC:E8:87:6F:DC:36:FC:DA:76:ED:0E:42:1D:97:E9:0C:EB:65 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 6502C639A31DCB5161220EED53C79AB603110183 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa Signing time: Wed 10 Dec 2025 06:50:45 +0000 ROA not before: Wed 10 Dec 2025 06:50:45 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.32.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:02:c6:39:a3:1d:cb:51:61:22:0e:ed:53:c7:9a:b6:03:11:01:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:45 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=27dd9631848045ac05c456724d28d884d89f6eabbe2d67272e733b8bee791220, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:78:02:7f:14:0c:66:b7:f0:c4:95:0d:ce:21: 90:b3:cd:3f:04:e8:16:bf:92:12:42:30:0a:0a:7a: af:77:07:68:76:3b:7e:27:35:94:01:db:52:80:a7: 20:21:50:96:f2:f1:88:c8:5d:45:3a:f5:28:05:bc: 74:24:7f:3a:b0:3a:85:7a:95:29:8d:bb:cc:a0:b7: 05:a3:78:7e:49:02:4e:23:a0:3e:14:60:b2:54:29: 92:4d:4d:bc:44:0e:1d:c8:27:1e:4c:f8:65:dd:9d: aa:ff:b0:fa:74:e8:95:54:a4:28:11:d6:0d:4b:b6: df:da:66:7b:62:d3:3e:65:3c:16:af:88:ac:e7:48: ca:5c:0a:d6:d9:1e:74:4a:5e:a9:a3:16:7b:1b:fa: 8c:6d:f6:ec:d2:53:81:8a:37:e4:59:29:1e:45:8c: 76:6a:a3:08:10:67:a9:b4:3d:89:bf:e1:9e:2e:a7: 36:40:4f:6a:a2:a6:e2:0e:6e:b6:b8:f2:29:cb:7d: 3d:b6:f6:77:97:68:9f:c0:92:15:d6:d1:5d:2a:85: c4:4f:52:b5:4d:f3:c6:bf:9c:9c:30:62:3f:4b:b7: 9d:32:80:1b:5b:36:68:53:e1:73:4d:02:69:fa:cb: 96:4b:0d:07:3a:60:06:e2:7d:96:a8:c6:5f:69:a0: 20:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:A6:CC:E8:87:6F:DC:36:FC:DA:76:ED:0E:42:1D:97:E9:0C:EB:65 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.32.0.0/16 Signature Algorithm: sha256WithRSAEncryption 78:04:13:60:88:6f:07:5e:de:28:e3:ce:8e:ab:d1:d3:bd:0f: 6c:75:ff:96:ac:ec:5d:3f:fa:78:de:bc:7a:1a:2d:8e:cf:56: 8e:df:4a:4d:3c:c2:99:a0:de:a3:34:e4:ec:66:f5:9e:05:7f: 0c:ee:42:8a:58:d6:b9:aa:4f:94:0d:49:c1:f4:33:54:13:87: 3c:8e:b8:25:90:fb:3a:a9:fa:50:3d:43:e3:db:19:e2:f1:a6: 8f:b0:d3:48:8f:c2:12:3e:dd:2e:4e:df:fc:b8:2b:f0:bc:82: c3:f3:66:bc:eb:54:97:23:55:69:1b:eb:a0:3b:32:70:35:50: 92:7d:67:c6:a3:8b:90:7d:1b:53:d0:79:7f:e3:ce:12:26:f4: 5e:b6:03:fa:94:9f:c0:93:aa:15:17:4a:05:0e:3f:66:36:98: 17:3b:77:aa:5a:b1:cc:61:14:e2:35:cc:57:34:92:16:a5:9e: 1b:16:54:e4:a8:7c:82:11:11:b1:09:7a:69:80:24:35:dc:7b: 1c:d4:cb:7c:45:f3:2d:ca:7f:a9:2c:10:a2:4f:35:9f:e0:e4: 3a:e1:21:98:90:b8:88:d5:e7:7b:7c:8f:ad:2d:2d:37:59:78: a2:c2:c5:63:e8:8a:01:76:e0:92:1a:c2:52:94:65:cb:25:db: 18:94:0a:14 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUZQLGOaMdy1FhIg7tU8eatgMRAYMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwNDVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDI3ZGQ5NjMxODQ4MDQ1YWMwNWM0NTY3MjRkMjhkODg0ZDg5ZjZlYWJiZTJk NjcyNzJlNzMzYjhiZWU3OTEyMjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANJ4An8UDGa38MSVDc4hkLPNPwToFr+SEkIwCgp6r3cHaHY7fic1lAHbUoCn ICFQlvLxiMhdRTr1KAW8dCR/OrA6hXqVKY27zKC3BaN4fkkCTiOgPhRgslQpkk1N vEQOHcgnHkz4Zd2dqv+w+nTolVSkKBHWDUu239pme2LTPmU8Fq+IrOdIylwK1tke dEpeqaMWexv6jG327NJTgYo35FkpHkWMdmqjCBBnqbQ9ib/hni6nNkBPaqKm4g5u trjyKct9Pbb2d5don8CSFdbRXSqFxE9StU3zxr+cnDBiP0u3nTKAG1s2aFPhc00C afrLlksNBzpgBuJ9lqjGX2mgIPUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQrpszo h2/cNvzadu0OQh2X6QzrZTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MmRiNTdiODItZjhlNC00Yjg1LWE0NmEtYmVmZWNiNDc3NGMwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMgMA0G CSqGSIb3DQEBCwUAA4IBAQB4BBNgiG8HXt4o486Oq9HTvQ9sdf+WrOxdP/p43rx6 Gi2Oz1aO30pNPMKZoN6jNOTsZvWeBX8M7kKKWNa5qk+UDUnB9DNUE4c8jrglkPs6 qfpQPUPj2xni8aaPsNNIj8ISPt0uTt/8uCvwvILD82a861SXI1VpG+ugOzJwNVCS fWfGo4uQfRtT0Hl/484SJvRetgP6lJ/Ak6oVF0oFDj9mNpgXO3eqWrHMYRTiNcxX NJIWpZ4bFlTkqHyCERGxCXppgCQ13Hsc1Mt8RfMtyn+pLBCiTzWf4OQ64SGYkLiI 1ed7fI+tLS03WXiiwsVj6IoBduCSGsJSlGXLJdsYlAoU -----END CERTIFICATE-----Generated at Thu Jan 22 22:19:47 2026 by rpki-client