This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa File: 444db014-8d2a-4c59-af9c-399bacab4f3f.roa (raw, json) Hash identifier: 7WHSaWAZvpv8he2JWSKsRunUf0UtzgxQLZJ9scDVi+Y= Subject key identifier: 5E:00:F1:57:82:A9:7C:17:DC:57:EA:1E:8D:1E:ED:B8:90:39:72:06 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 4E3FAD40386599BF1BDB3F0988082AFBA75802D1 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa Signing time: Wed 10 Dec 2025 06:50:35 +0000 ROA not before: Wed 10 Dec 2025 06:50:35 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.156.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 08:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:3f:ad:40:38:65:99:bf:1b:db:3f:09:88:08:2a:fb:a7:58:02:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:35 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=3472cf674c5b2bfa6009614f7be3589f63d2a1038752c1ce1bb49c037af88a57, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:97:93:d9:c2:60:9e:a4:61:3a:8f:c9:b0:62: ca:df:e1:9f:65:de:5b:90:c3:84:6d:8a:b1:be:29: 05:2f:24:12:a1:91:93:30:5f:0d:43:6a:d5:b8:c6: c7:b7:be:33:44:ac:f5:e9:2b:06:d3:e5:63:ae:33: 2e:32:ab:2f:98:a4:e4:ba:6e:94:dd:59:29:eb:15: 7e:a6:ff:5c:51:51:c3:75:64:46:c4:67:5e:d5:63: 70:5f:bf:c9:c2:6e:da:d8:6c:d7:ac:14:bf:7d:28: ee:6f:e1:56:bc:84:9d:fb:d4:a2:64:76:d5:7d:de: d7:68:28:77:85:0b:56:9a:ff:58:a1:7c:82:50:3c: 01:62:29:02:93:82:ad:71:2c:ce:4a:13:13:e7:c4: 39:66:19:51:00:af:17:cc:5e:44:2a:a5:3c:d2:88: 30:f4:e0:c4:82:4d:94:14:62:f1:9d:4f:69:7d:56: 79:f8:e0:6e:6f:3e:12:8a:44:52:62:fd:e7:d4:51: 06:f8:30:ea:6b:11:70:f4:42:d7:4f:52:40:c3:37: 46:4a:4b:a0:a7:30:41:79:40:44:7f:fc:f6:40:7b: e2:c7:f1:a0:e4:65:e8:d1:ca:68:90:1a:63:bc:19: 75:bf:24:65:f2:b0:98:6d:eb:df:86:35:de:93:e0: 93:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:00:F1:57:82:A9:7C:17:DC:57:EA:1E:8D:1E:ED:B8:90:39:72:06 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.156.0.0/15 Signature Algorithm: sha256WithRSAEncryption 0e:0c:a7:42:29:e7:62:66:25:ef:0b:59:1c:58:80:46:a4:f6: cc:ce:f5:69:a9:a3:93:8d:75:84:49:95:c2:ce:33:79:b9:8e: ec:00:00:f1:22:21:32:05:fc:6d:76:ed:80:ca:fa:3a:78:88: 46:55:d6:51:ac:a2:f7:1b:ad:a4:db:53:38:d8:00:99:cc:e9: fb:ed:f3:a4:19:56:b1:79:10:6f:62:90:5e:e4:d2:38:c4:ad: 33:a6:55:8e:a6:01:af:9a:69:a5:31:db:b8:a7:67:7c:95:16: c7:5b:c8:91:6e:34:80:7d:cb:11:17:42:ed:29:49:c2:8c:a7: 92:a7:4f:c0:92:47:1c:fe:18:ae:94:76:44:70:41:ef:79:79: b8:a3:2a:5a:ab:55:df:26:0c:d4:36:b0:c0:9e:bd:a7:f3:a9: df:fa:6b:dc:8c:eb:e8:66:a6:4e:de:27:ff:71:9a:0e:76:ac: 2d:39:64:69:33:ea:15:78:75:66:9c:a9:90:b3:2d:98:09:ad: eb:45:50:f0:02:7d:4c:0d:c4:e7:0f:22:1f:e0:a6:f3:86:ce: 1b:47:d5:09:f5:11:c2:f2:7a:ac:4b:91:eb:4f:a0:23:8f:5c: bd:0b:39:34:c9:51:2c:45:8e:80:44:07:cf:0b:a9:24:65:cf: 27:08:4c:fc -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUTj+tQDhlmb8b2z8JiAgq+6dYAtEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwMzVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDM0NzJjZjY3NGM1YjJiZmE2MDA5NjE0ZjdiZTM1ODlmNjNkMmExMDM4NzUy YzFjZTFiYjQ5YzAzN2FmODhhNTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANSXk9nCYJ6kYTqPybBiyt/hn2XeW5DDhG2Ksb4pBS8kEqGRkzBfDUNq1bjG x7e+M0Ss9ekrBtPlY64zLjKrL5ik5LpulN1ZKesVfqb/XFFRw3VkRsRnXtVjcF+/ ycJu2ths16wUv30o7m/hVryEnfvUomR21X3e12god4ULVpr/WKF8glA8AWIpApOC rXEszkoTE+fEOWYZUQCvF8xeRCqlPNKIMPTgxIJNlBRi8Z1PaX1Wefjgbm8+EopE UmL959RRBvgw6msRcPRC109SQMM3RkpLoKcwQXlARH/89kB74sfxoORl6NHKaJAa Y7wZdb8kZfKwmG3r34Y13pPgk4cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBReAPFX gql8F9xX6h6NHu24kDlyBjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NDQ0ZGIwMTQtOGQyYS00YzU5LWFmOWMtMzk5YmFjYWI0ZjNmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G CSqGSIb3DQEBCwUAA4IBAQAODKdCKediZiXvC1kcWIBGpPbMzvVpqaOTjXWESZXC zjN5uY7sAADxIiEyBfxtdu2Ayvo6eIhGVdZRrKL3G62k21M42ACZzOn77fOkGVax eRBvYpBe5NI4xK0zplWOpgGvmmmlMdu4p2d8lRbHW8iRbjSAfcsRF0LtKUnCjKeS p0/Akkcc/hiulHZEcEHveXm4oypaq1XfJgzUNrDAnr2n86nf+mvcjOvoZqZO3if/ cZoOdqwtOWRpM+oVeHVmnKmQsy2YCa3rRVDwAn1MDcTnDyIf4Kbzhs4bR9UJ9RHC 8nqsS5HrT6Ajj1y9Czk0yVEsRY6ARAfPC6kkZc8nCEz8 -----END CERTIFICATE-----Generated at Fri Dec 12 10:55:36 2025 by rpki-client