This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4a35eec8-470f-4ad0-852b-9006065bbbb0.roa File: 4a35eec8-470f-4ad0-852b-9006065bbbb0.roa (raw, json) Hash identifier: 07mCyDr/vh1gcOMpmA8YR0JajREWBUDpUbpGGmsyxgM= Subject key identifier: 3D:E5:2B:AD:BA:8B:DE:31:6C:E1:F0:AC:E5:08:9C:5F:13:69:20:56 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 5BAD8953F7933523E10C8B5A1009DEC0D5368101 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4a35eec8-470f-4ad0-852b-9006065bbbb0.roa Signing time: Wed 10 Dec 2025 06:40:17 +0000 ROA not before: Wed 10 Dec 2025 06:40:17 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 51.166.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:ad:89:53:f7:93:35:23:e1:0c:8b:5a:10:09:de:c0:d5:36:81:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:17 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=3696dc4d8b2a6eefed7ee8bdaa487548eb7f78283fbd78851993a0cb1d2051fd, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:f4:53:f3:d1:63:3f:26:78:e7:de:c1:a3:fe: ee:b3:de:9c:9d:f1:ec:4a:0e:08:f8:5c:c9:11:1e: 29:51:3c:aa:12:ec:9a:85:61:cc:18:05:5f:d9:27: 26:db:16:70:4e:b0:91:f5:df:cd:d0:8b:5c:cc:dd: b6:2e:c5:53:5b:9f:e6:06:53:ee:dc:4d:ae:71:b3: 31:94:be:75:b6:09:f8:4a:07:e3:ed:0c:7c:fb:fc: d9:d9:0a:d1:d1:14:6a:95:b6:b9:f1:9f:42:c3:89: 0d:ad:55:51:c9:95:14:bf:44:14:b5:aa:f1:19:1e: da:b0:ab:29:45:db:5e:f4:70:21:dd:d4:7b:8d:71: 51:90:ba:95:01:b7:5f:1f:4d:f9:ea:03:07:e5:c5: 47:88:d5:a7:48:a4:b0:f2:7f:87:61:2e:6d:44:78: c3:38:95:05:6d:eb:5d:18:23:c5:ae:36:68:da:fc: b4:fd:b3:b8:70:fb:7f:d0:ff:f0:eb:4c:7d:53:b7: 88:98:f4:f9:77:2e:f3:d6:2d:99:7d:33:bc:82:5b: 78:38:84:88:56:85:23:17:0e:b2:71:b1:95:73:1a: 1c:10:95:ef:a9:22:35:b6:a1:9c:f3:c8:65:16:8c: 14:37:22:e7:59:89:0d:d1:34:86:65:36:a4:39:24: de:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:E5:2B:AD:BA:8B:DE:31:6C:E1:F0:AC:E5:08:9C:5F:13:69:20:56 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4a35eec8-470f-4ad0-852b-9006065bbbb0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.166.0.0/15 Signature Algorithm: sha256WithRSAEncryption af:55:44:19:00:10:c3:89:4b:f1:2c:1c:08:5e:af:f7:7f:0c: c5:4c:3f:ab:75:bd:8b:85:e9:dd:43:a6:37:b3:77:7a:57:bd: 78:f9:4c:d0:77:b8:be:62:dd:1c:f3:46:ad:d1:f6:54:f9:17: cc:c3:2c:56:e3:2f:87:0f:56:33:68:4e:53:04:d1:f9:49:07: cb:8e:35:8d:54:10:90:71:2e:3a:3a:e0:79:1c:d3:5b:15:e3: 08:51:00:d0:94:31:54:ac:ad:bd:99:da:cb:9c:ce:b4:77:f3: 57:0b:2b:3c:cf:c4:32:5d:69:0e:1d:ac:c3:17:10:da:b1:04: 88:52:06:ae:a1:65:36:a9:c9:04:df:12:38:6d:11:83:f3:06: 2c:09:a8:5e:13:b3:87:12:17:10:48:44:ea:da:38:80:7b:c9: ae:c9:74:0c:10:53:48:9f:cd:ac:26:e9:dd:52:45:70:b8:43: 52:42:4a:a4:7a:92:6b:1d:5a:72:c6:99:81:ff:66:35:cd:61: 69:78:da:a8:9b:ac:12:96:2d:94:46:c0:3c:78:ec:30:e3:bf: ca:d4:55:67:51:26:72:bc:b6:2c:da:4d:e4:e6:2a:e1:82:65: 0d:8b:d2:a2:a3:74:6e:d8:fb:c4:ed:9c:bf:7d:43:0c:c3:0b: 58:06:93:dc -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUW62JU/eTNSPhDItaEAnewNU2gQEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMTdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDM2OTZkYzRkOGIyYTZlZWZlZDdlZThiZGFhNDg3NTQ4ZWI3Zjc4MjgzZmJk Nzg4NTE5OTNhMGNiMWQyMDUxZmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANX0U/PRYz8meOfewaP+7rPenJ3x7EoOCPhcyREeKVE8qhLsmoVhzBgFX9kn JtsWcE6wkfXfzdCLXMzdti7FU1uf5gZT7txNrnGzMZS+dbYJ+EoH4+0MfPv82dkK 0dEUapW2ufGfQsOJDa1VUcmVFL9EFLWq8Rke2rCrKUXbXvRwId3Ue41xUZC6lQG3 Xx9N+eoDB+XFR4jVp0iksPJ/h2EubUR4wziVBW3rXRgjxa42aNr8tP2zuHD7f9D/ 8OtMfVO3iJj0+Xcu89YtmX0zvIJbeDiEiFaFIxcOsnGxlXMaHBCV76kiNbahnPPI ZRaMFDci51mJDdE0hmU2pDkk3kkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ95Sut uoveMWzh8KzlCJxfE2kgVjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NGEzNWVlYzgtNDcwZi00YWQwLTg1MmItOTAwNjA2NWJiYmIwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G CSqGSIb3DQEBCwUAA4IBAQCvVUQZABDDiUvxLBwIXq/3fwzFTD+rdb2LhendQ6Y3 s3d6V714+UzQd7i+Yt0c80at0fZU+RfMwyxW4y+HD1YzaE5TBNH5SQfLjjWNVBCQ cS46OuB5HNNbFeMIUQDQlDFUrK29mdrLnM60d/NXCys8z8QyXWkOHazDFxDasQSI UgauoWU2qckE3xI4bRGD8wYsCaheE7OHEhcQSETq2jiAe8muyXQMEFNIn82sJund UkVwuENSQkqkepJrHVpyxpmB/2Y1zWFpeNqom6wSli2URsA8eOww47/K1FVnUSZy vLYs2k3k5irhgmUNi9Kio3Ru2PvE7Zy/fUMMwwtYBpPc -----END CERTIFICATE-----Generated at Thu Jan 22 22:18:53 2026 by rpki-client