This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/620d46e8-bb13-40cd-8918-677590eaf682.roa File: 620d46e8-bb13-40cd-8918-677590eaf682.roa (raw, json) Hash identifier: U3e7D/jnzEovUXgr29OlP5oW3tWXcAHLhnNpzh16WQM= Subject key identifier: 43:A1:13:A4:BA:00:FE:9B:CE:2A:DB:E4:17:7E:7B:AA:97:A2:CE:64 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 3B24D35A7D323844FE461DC22F9E7C0CCF7EC71E Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/620d46e8-bb13-40cd-8918-677590eaf682.roa Signing time: Wed 10 Dec 2025 06:50:34 +0000 ROA not before: Wed 10 Dec 2025 06:50:34 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 51.226.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:24:d3:5a:7d:32:38:44:fe:46:1d:c2:2f:9e:7c:0c:cf:7e:c7:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:34 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=dff5abb536e37a7b24d1364674d76c9cffe5862d6943eeb318316d6c71907763, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:2e:02:f0:ba:ce:b3:38:6a:c4:82:2d:94:05: cd:ab:72:4b:11:4b:4b:63:bb:1f:d5:d9:b2:1b:4e: 4e:96:64:60:30:ad:62:46:b2:28:4b:33:98:1f:7f: 6d:ba:83:92:d7:be:bd:41:81:32:e8:58:3e:7a:b3: e9:42:6e:b4:03:ac:39:c6:e3:5c:05:70:15:ad:c0: e5:3c:0b:92:14:4d:b7:45:fd:2d:f4:1b:c7:e3:4c: 7c:05:aa:ab:b9:e0:e1:06:76:b9:6a:7c:ea:64:79: 55:e1:07:28:d6:40:77:81:71:32:3f:06:11:70:50: b8:4e:eb:84:c7:da:bd:0d:cf:4d:e2:18:a4:c7:a1: be:84:48:8e:b3:68:36:7f:15:0e:f1:18:b0:0a:14: 11:14:76:af:2b:0f:17:4b:10:0d:eb:92:2a:90:31: cb:10:56:20:ad:aa:ae:47:89:78:63:98:3c:f5:99: e0:fd:62:5a:01:0e:57:ec:90:e2:b0:2e:f3:cf:87: e4:c0:22:38:e6:96:8f:15:61:ec:b4:55:5c:18:65: db:f8:36:dc:1e:08:d8:e0:be:45:22:28:79:3f:fd: 14:50:67:50:c7:ff:45:c3:98:ce:dd:dd:10:3a:46: d1:9d:50:6b:6d:10:14:0d:7b:cc:25:e8:a5:1a:55: 74:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:A1:13:A4:BA:00:FE:9B:CE:2A:DB:E4:17:7E:7B:AA:97:A2:CE:64 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/620d46e8-bb13-40cd-8918-677590eaf682.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.226.0.0/15 Signature Algorithm: sha256WithRSAEncryption 5e:78:30:7a:4e:78:49:d9:f1:e9:eb:6d:f0:b5:87:17:7d:3f: a4:75:00:6b:2d:bc:9f:cb:b4:35:33:18:60:85:6f:ca:90:0f: 1b:22:d0:52:d3:2b:8f:5e:0f:04:43:a4:7c:4e:3c:ad:14:60: 9e:2f:40:d8:64:05:d2:fa:44:31:b3:66:bd:c1:2e:24:95:bc: 12:37:79:2a:ca:00:b5:db:76:97:03:8a:94:dc:31:55:fc:de: e9:bc:38:e1:c3:03:30:b1:ce:2a:96:6e:4b:bf:68:11:43:3c: 66:00:a0:4f:35:a4:dd:d3:1b:4b:9e:37:e1:f9:e5:30:c1:45: 2a:14:70:ac:0f:a7:9d:cd:88:8e:14:49:1d:ea:6d:2c:5d:91: d5:34:ee:41:d5:52:3d:de:9f:64:b9:38:ed:ae:da:4a:78:de: 5e:13:66:bf:6a:b2:da:fd:f6:4a:82:26:cf:f4:03:a2:f9:9f: 39:43:da:94:c5:c2:ed:5c:80:c4:d9:b4:b7:1c:4b:48:38:05: ea:28:5b:54:4d:7c:ef:ee:33:51:c4:52:4a:35:32:77:ce:37: 76:2d:d5:fe:9d:7e:f7:72:15:a3:13:63:47:15:78:52:ea:e7: ed:b0:13:49:c1:c4:91:95:8a:4a:38:27:da:f7:d4:bd:cb:2d: 3c:77:e4:05 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUOyTTWn0yOET+Rh3CL558DM9+xx4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwMzRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGRmZjVhYmI1MzZlMzdhN2IyNGQxMzY0Njc0ZDc2YzljZmZlNTg2MmQ2OTQz ZWViMzE4MzE2ZDZjNzE5MDc3NjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALwuAvC6zrM4asSCLZQFzatySxFLS2O7H9XZshtOTpZkYDCtYkayKEszmB9/ bbqDkte+vUGBMuhYPnqz6UJutAOsOcbjXAVwFa3A5TwLkhRNt0X9LfQbx+NMfAWq q7ng4QZ2uWp86mR5VeEHKNZAd4FxMj8GEXBQuE7rhMfavQ3PTeIYpMehvoRIjrNo Nn8VDvEYsAoUERR2rysPF0sQDeuSKpAxyxBWIK2qrkeJeGOYPPWZ4P1iWgEOV+yQ 4rAu88+H5MAiOOaWjxVh7LRVXBhl2/g23B4I2OC+RSIoeT/9FFBnUMf/RcOYzt3d EDpG0Z1Qa20QFA17zCXopRpVdM8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRDoROk ugD+m84q2+QXfnuql6LOZDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NjIwZDQ2ZTgtYmIxMy00MGNkLTg5MTgtNjc3NTkwZWFmNjgyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G CSqGSIb3DQEBCwUAA4IBAQBeeDB6TnhJ2fHp623wtYcXfT+kdQBrLbyfy7Q1Mxhg hW/KkA8bItBS0yuPXg8EQ6R8TjytFGCeL0DYZAXS+kQxs2a9wS4klbwSN3kqygC1 23aXA4qU3DFV/N7pvDjhwwMwsc4qlm5Lv2gRQzxmAKBPNaTd0xtLnjfh+eUwwUUq FHCsD6edzYiOFEkd6m0sXZHVNO5B1VI93p9kuTjtrtpKeN5eE2a/arLa/fZKgibP 9AOi+Z85Q9qUxcLtXIDE2bS3HEtIOAXqKFtUTXzv7jNRxFJKNTJ3zjd2LdX+nX73 chWjE2NHFXhS6uftsBNJwcSRlYpKOCfa99S9yy08d+QF -----END CERTIFICATE-----Generated at Fri Jan 9 00:51:54 2026 by rpki-client