This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa File: 4911793e-4031-4d2f-be54-a38fc617b3c5.roa (raw, json) Hash identifier: huPpP3gdVmLSu3KCI8IB2qaWjTriP7P5uWMeoR8BGtM= Subject key identifier: 6C:EB:DC:79:22:B4:BE:4E:D5:A5:3C:1A:6D:6B:74:4A:64:D4:73:80 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 0F24B27FF575218E4721B4D54EBE8AE2A27A0FAE Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa Signing time: Wed 10 Dec 2025 06:30:13 +0000 ROA not before: Wed 10 Dec 2025 06:30:13 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.114.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:24:b2:7f:f5:75:21:8e:47:21:b4:d5:4e:be:8a:e2:a2:7a:0f:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:30:13 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=3a58bef428bf0f1441f26c1a260aab718cc0ccac6c32a3c460082e7c56b56c98, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:6c:71:74:db:e8:22:67:bb:d7:82:b0:61:a7: 97:b2:64:8e:1c:87:c3:2a:fd:03:63:e7:be:82:ca: 11:b7:3c:3d:dc:84:01:ec:0f:96:f4:b6:a3:af:66: ba:a6:b2:75:d0:90:80:cb:15:ff:92:1c:6b:a0:d3: a7:c6:e5:a2:af:3a:ca:4b:cb:a5:aa:bf:6c:4c:6e: 72:83:1b:8a:5d:76:68:c9:a3:cb:87:13:79:fa:41: 2b:8c:8a:bb:36:38:7a:1d:a6:dd:c9:8b:b8:a0:1f: 55:71:f1:fd:41:80:e3:46:d5:e7:67:6b:ce:93:cc: 06:ed:a7:6c:cd:b7:2b:f3:ba:b5:d4:13:d1:0b:d9: 7d:fd:54:30:79:2c:71:a8:61:c8:a6:b9:c6:ec:c7: 48:ae:47:43:38:1f:57:d5:16:0b:18:20:c2:80:52: 1f:10:71:96:fc:47:fd:e7:28:c6:d9:c4:2d:cf:50: f7:ed:05:ce:d0:06:8a:67:af:dd:87:16:89:5e:f8: 71:37:5c:dc:71:fd:2f:6b:c1:c1:51:fb:10:06:2d: 5e:77:6b:4c:6a:e9:21:10:f8:b0:45:6d:90:26:58: e9:14:83:28:29:c5:77:e5:82:e2:7b:0f:85:cc:0f: 0b:c4:5b:3c:71:b4:2e:9a:d8:ff:8f:18:b4:1b:e8: 08:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:EB:DC:79:22:B4:BE:4E:D5:A5:3C:1A:6D:6B:74:4A:64:D4:73:80 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.114.0.0/16 Signature Algorithm: sha256WithRSAEncryption d5:02:fa:09:b0:50:98:7d:f0:d3:e9:c4:8e:9d:dc:ff:7d:09: e4:05:f4:33:d5:ec:80:a8:7f:6a:cc:3a:f2:78:ed:6e:13:e4: 21:cf:59:a9:93:78:7b:f0:6c:66:2d:83:51:4b:ed:b4:b8:c7: ef:52:2f:68:26:74:9f:bc:2f:71:40:72:37:3c:79:7e:6f:28: 01:a1:9a:06:53:f0:63:f0:09:1e:e8:59:90:63:07:29:8e:cd: 90:a9:81:7a:22:b5:f0:6d:6c:29:59:88:28:fe:52:7b:7d:51: e9:36:8b:ad:17:71:4d:12:7c:39:9f:02:d3:72:55:a5:5b:93: 67:d3:6e:3f:5d:27:89:e3:6a:28:72:ea:76:88:ad:94:28:93: 54:db:f1:36:b9:9e:24:1f:33:9c:69:ba:22:96:da:4c:17:9f: 24:38:eb:13:80:dc:1e:fc:80:99:40:8c:eb:47:74:f3:1b:ac: f6:b1:45:28:84:45:7e:30:48:d8:1f:b6:7b:43:10:12:70:53: fd:eb:7e:89:e6:8b:a3:8a:a9:d3:ad:50:7b:fa:22:1d:c2:2b: 71:a9:17:54:2a:50:1f:00:8e:09:a4:98:28:a7:4f:b4:fb:ae: c3:af:fd:9b:97:9a:da:32:77:15:3c:32:a8:46:8b:f2:b8:2f: 4d:25:a0:1b -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUDySyf/V1IY5HIbTVTr6K4qJ6D64wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjMwMTNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDNhNThiZWY0MjhiZjBmMTQ0MWYyNmMxYTI2MGFhYjcxOGNjMGNjYWM2YzMy YTNjNDYwMDgyZTdjNTZiNTZjOTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANFscXTb6CJnu9eCsGGnl7JkjhyHwyr9A2PnvoLKEbc8PdyEAewPlvS2o69m uqayddCQgMsV/5Ica6DTp8bloq86ykvLpaq/bExucoMbil12aMmjy4cTefpBK4yK uzY4eh2m3cmLuKAfVXHx/UGA40bV52drzpPMBu2nbM23K/O6tdQT0QvZff1UMHks cahhyKa5xuzHSK5HQzgfV9UWCxggwoBSHxBxlvxH/ecoxtnELc9Q9+0FztAGimev 3YcWiV74cTdc3HH9L2vBwVH7EAYtXndrTGrpIRD4sEVtkCZY6RSDKCnFd+WC4nsP hcwPC8RbPHG0LprY/48YtBvoCKkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRs69x5 IrS+TtWlPBpta3RKZNRzgDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NDkxMTc5M2UtNDAzMS00ZDJmLWJlNTQtYTM4ZmM2MTdiM2M1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G CSqGSIb3DQEBCwUAA4IBAQDVAvoJsFCYffDT6cSOndz/fQnkBfQz1eyAqH9qzDry eO1uE+Qhz1mpk3h78GxmLYNRS+20uMfvUi9oJnSfvC9xQHI3PHl+bygBoZoGU/Bj 8Ake6FmQYwcpjs2QqYF6IrXwbWwpWYgo/lJ7fVHpNoutF3FNEnw5nwLTclWlW5Nn 024/XSeJ42oocup2iK2UKJNU2/E2uZ4kHzOcaboiltpMF58kOOsTgNwe/ICZQIzr R3TzG6z2sUUohEV+MEjYH7Z7QxAScFP9636J5oujiqnTrVB7+iIdwitxqRdUKlAf AI4JpJgop0+0+67Dr/2bl5raMncVPDKoRovyuC9NJaAb -----END CERTIFICATE-----Generated at Thu Dec 18 08:34:54 2025 by rpki-client