This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa File: 2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa (raw, json) Hash identifier: ZytA+clM2uqmDWiH3AlUjq2vLjUX83XiqyKTgptiRjQ= Subject key identifier: 4C:EB:C2:7C:7F:AB:DB:0F:CA:AD:C9:99:82:13:5D:6C:C4:3D:0B:CC Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 2DA830D240EDD23B7D011784DF3EA178D746E4A0 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa Signing time: Wed 10 Dec 2025 06:30:12 +0000 ROA not before: Wed 10 Dec 2025 06:30:12 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.127.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:a8:30:d2:40:ed:d2:3b:7d:01:17:84:df:3e:a1:78:d7:46:e4:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:30:12 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=b8030b692b3a1f9eeb5165de16db9817c195604955b3033f34710d5dc8b6b78c, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:45:9c:2f:ae:4e:a8:f8:3f:0b:d3:cb:c2:a5: e2:17:11:2c:ea:26:51:7a:a2:31:1e:39:17:6c:ca: 64:37:15:5c:9c:da:6c:56:f6:a2:2f:5f:d7:fa:3c: 79:c9:04:63:be:8a:cb:6f:ca:f4:39:71:44:ad:24: 2b:01:13:b0:9b:50:8f:9e:86:bf:8b:61:87:7a:5f: 9c:0e:09:80:9a:c9:0b:38:86:44:81:43:db:8e:1b: 71:80:56:68:03:f3:01:81:39:20:00:9f:67:19:7a: ab:31:e8:0b:63:31:13:ee:b1:c2:91:ab:04:ef:19: 41:0f:00:0b:af:78:47:c4:63:f9:9c:7a:7b:9f:4e: 11:1e:bf:c3:d2:e6:7e:a9:fd:46:f4:12:8a:cd:49: 95:71:de:f1:f5:ef:51:c4:d2:b4:04:82:af:fb:e3: 26:04:d4:6c:7c:d8:a4:c7:7e:8a:8c:38:22:94:80: 54:2e:86:14:ab:71:0a:09:66:72:73:fa:8f:e3:cc: 0c:01:1d:4d:bc:0e:3f:4e:00:f6:70:2d:a8:6a:fc: cb:72:6d:43:7b:82:a9:9b:74:e1:b8:79:ca:01:e2: 0f:b5:7c:87:61:88:82:77:e4:55:f9:dc:94:ed:4d: 49:93:59:0f:50:dd:1e:5e:9d:3f:27:29:0d:2a:2b: f2:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:EB:C2:7C:7F:AB:DB:0F:CA:AD:C9:99:82:13:5D:6C:C4:3D:0B:CC X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.127.0.0/16 Signature Algorithm: sha256WithRSAEncryption 4f:85:a8:b9:09:88:a0:43:b6:69:b9:18:78:b8:1b:ca:0e:a5: b7:f2:7b:cf:2e:60:a4:73:87:b0:0e:10:13:a3:48:4d:fb:a8: 0c:d7:df:8e:26:64:fa:c5:f0:c6:01:6b:c4:2e:dc:2b:18:fe: 0a:4b:76:ca:18:e0:4e:b8:27:51:25:f4:f9:7b:b4:ab:46:d9: 85:88:a6:84:6e:08:b0:3f:e1:b5:77:10:12:33:5d:59:ba:cb: c8:67:94:1f:3a:8a:ac:f0:50:2d:2f:f0:34:88:bb:4f:7e:de: 58:68:94:0c:49:28:0e:b3:ce:03:ba:b0:4e:f3:a5:a0:ec:83: bc:46:e8:34:e3:ad:77:e3:34:85:48:21:af:10:5a:1a:f0:42: 43:ac:0d:c2:7d:30:8b:e6:7b:a2:bc:0b:3d:6b:dd:f0:05:99: ac:a0:cc:59:42:ad:82:be:55:bf:44:c6:54:01:2b:b6:bb:3a: 13:d7:60:70:f1:3a:df:c1:9d:99:df:c2:fa:8e:c2:c7:55:34: ec:62:5b:e7:72:48:51:0f:6a:5c:01:e2:65:4d:eb:98:fe:42: 75:e4:ed:fd:6e:9a:a1:9f:60:4f:3a:b7:fb:2c:20:d4:18:2a: 9e:24:d9:03:5f:7c:05:07:e1:50:75:4c:aa:bb:db:73:65:7d: 8a:84:f5:19 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIULagw0kDt0jt9AReE3z6heNdG5KAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjMwMTJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGI4MDMwYjY5MmIzYTFmOWVlYjUxNjVkZTE2ZGI5ODE3YzE5NTYwNDk1NWIz MDMzZjM0NzEwZDVkYzhiNmI3OGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOBFnC+uTqj4PwvTy8Kl4hcRLOomUXqiMR45F2zKZDcVXJzabFb2oi9f1/o8 eckEY76Ky2/K9DlxRK0kKwETsJtQj56Gv4thh3pfnA4JgJrJCziGRIFD244bcYBW aAPzAYE5IACfZxl6qzHoC2MxE+6xwpGrBO8ZQQ8AC694R8Rj+Zx6e59OER6/w9Lm fqn9RvQSis1JlXHe8fXvUcTStASCr/vjJgTUbHzYpMd+iow4IpSAVC6GFKtxCglm cnP6j+PMDAEdTbwOP04A9nAtqGr8y3JtQ3uCqZt04bh5ygHiD7V8h2GIgnfkVfnc lO1NSZNZD1DdHl6dPycpDSor8hMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRM68J8 f6vbD8qtyZmCE11sxD0LzDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MmZjNmEyNTMtZGM2MC00NjExLThiYzAtZjRiMTE4NTFjY2YxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN/MA0G CSqGSIb3DQEBCwUAA4IBAQBPhai5CYigQ7ZpuRh4uBvKDqW38nvPLmCkc4ewDhAT o0hN+6gM19+OJmT6xfDGAWvELtwrGP4KS3bKGOBOuCdRJfT5e7SrRtmFiKaEbgiw P+G1dxASM11ZusvIZ5QfOoqs8FAtL/A0iLtPft5YaJQMSSgOs84DurBO86Wg7IO8 Rug046134zSFSCGvEFoa8EJDrA3CfTCL5nuivAs9a93wBZmsoMxZQq2CvlW/RMZU ASu2uzoT12Bw8TrfwZ2Z38L6jsLHVTTsYlvnckhRD2pcAeJlTeuY/kJ15O39bpqh n2BPOrf7LCDUGCqeJNkDX3wFB+FQdUyqu9tzZX2KhPUZ -----END CERTIFICATE-----Generated at Thu Dec 18 07:59:17 2025 by rpki-client