This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa File: 67568c6a-cd1a-4586-a397-580b374dbdb0.roa (raw, json) Hash identifier: DhMY02bAzakhbU5hZeoPnk8WCMlzlShWVkFlR9V7Q90= Subject key identifier: 5E:32:EA:56:3A:DD:7F:0B:61:97:71:1D:24:3C:86:40:74:41:3D:37 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 4C2723578B8B922874EDACE30D592A43251B12BA Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa Signing time: Wed 10 Dec 2025 06:40:24 +0000 ROA not before: Wed 10 Dec 2025 06:40:24 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.60.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:30:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:27:23:57:8b:8b:92:28:74:ed:ac:e3:0d:59:2a:43:25:1b:12:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:24 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=e632565a70fcf376d66280bf12bd750c844ce161a30594a2c65a554dd540caf1, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:0d:51:13:b1:14:a3:f6:c7:f5:b1:ef:a8:18: 13:3f:dc:b9:b5:92:57:a6:48:52:3e:6b:1b:a2:69: ce:78:d3:55:22:d3:c7:d0:da:cf:86:b0:e4:85:62: 50:14:e0:b1:01:2a:95:9a:f0:1c:db:ba:12:d5:cf: 60:94:4d:0d:d4:31:2a:73:22:48:36:6e:3e:07:f4: ee:87:04:49:fa:cd:88:64:53:46:c4:57:a4:28:0e: a9:c7:95:89:fa:b6:56:8e:8e:44:8f:5b:41:c1:58: 79:e0:f6:8e:cc:b9:38:e0:20:30:17:dd:d7:91:a7: 02:29:60:c4:2f:57:91:1b:36:75:c6:68:2e:73:78: 9f:bd:a5:12:53:12:62:50:1b:38:ff:9a:a4:c2:75: 7a:ed:60:57:a1:82:73:ee:a7:9b:c2:d5:ea:9d:9b: cc:82:e9:a0:fb:15:ec:6e:45:ba:70:a4:94:ed:36: ef:d1:f3:11:d4:ca:46:31:d1:35:29:d8:b0:fb:15: 8b:ea:63:4b:50:35:1b:0b:b0:65:ad:2f:39:4e:a0: 89:20:92:b2:8d:fa:05:ef:3d:8e:28:81:a5:f5:e5: e5:ca:a3:15:57:d8:ee:f9:85:7f:9f:66:c8:9c:15: c8:f9:fd:5f:1d:b2:99:cd:d8:3f:50:b9:30:6b:b2: 57:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:32:EA:56:3A:DD:7F:0B:61:97:71:1D:24:3C:86:40:74:41:3D:37 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.60.0.0/16 Signature Algorithm: sha256WithRSAEncryption 33:de:69:e4:1e:0a:4c:da:53:ad:1e:0e:5a:36:6e:eb:87:e4: 75:54:ba:20:34:6c:09:89:ef:f7:d1:49:b6:4b:9d:ae:e6:33: e2:e4:4e:37:cd:16:dc:fe:23:54:18:25:bd:eb:ca:ac:84:2e: cd:1d:20:a4:15:3c:3d:43:02:ad:1b:9b:6b:42:7a:ad:5f:40: a6:2d:7d:c9:39:4d:45:d5:ba:15:36:7e:83:79:fa:22:33:1c: c7:55:05:70:4f:df:91:2b:61:04:8a:1a:38:4b:f7:4d:13:43: 71:78:a2:28:89:4f:b9:4d:85:07:5d:d8:12:df:a9:3f:1c:9e: ae:39:8a:4f:4b:26:e3:e6:25:56:10:d0:0d:4d:16:47:a8:d2: 64:5c:2b:20:a9:ad:55:2f:c4:e1:42:00:e2:a4:95:01:c2:4e: f4:ad:53:db:fb:92:9a:a0:f0:38:d7:d3:9d:e3:58:fe:95:1a: 2e:92:86:9b:bc:0d:6b:0d:6c:0b:2f:e7:57:1b:c9:85:41:48: 0e:d6:ca:ec:78:c1:6d:fb:b5:09:f4:ce:f1:16:1b:86:1f:d0: b9:ee:fc:de:d3:57:6b:a2:3a:8d:5c:ee:50:63:fb:b3:2d:fa: 08:b0:61:bd:7a:12:0c:50:57:7d:04:0a:0c:58:01:7a:79:d3: 3c:70:3d:ca -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUTCcjV4uLkih07azjDVkqQyUbErowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMjRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGU2MzI1NjVhNzBmY2YzNzZkNjYyODBiZjEyYmQ3NTBjODQ0Y2UxNjFhMzA1 OTRhMmM2NWE1NTRkZDU0MGNhZjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOgNUROxFKP2x/Wx76gYEz/cubWSV6ZIUj5rG6JpznjTVSLTx9Daz4aw5IVi UBTgsQEqlZrwHNu6EtXPYJRNDdQxKnMiSDZuPgf07ocESfrNiGRTRsRXpCgOqceV ifq2Vo6ORI9bQcFYeeD2jsy5OOAgMBfd15GnAilgxC9XkRs2dcZoLnN4n72lElMS YlAbOP+apMJ1eu1gV6GCc+6nm8LV6p2bzILpoPsV7G5FunCklO0279HzEdTKRjHR NSnYsPsVi+pjS1A1GwuwZa0vOU6giSCSso36Be89jiiBpfXl5cqjFVfY7vmFf59m yJwVyPn9Xx2ymc3YP1C5MGuyV8MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBReMupW Ot1/C2GXcR0kPIZAdEE9NzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv Njc1NjhjNmEtY2QxYS00NTg2LWEzOTctNTgwYjM3NGRiZGIwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADM8MA0G CSqGSIb3DQEBCwUAA4IBAQAz3mnkHgpM2lOtHg5aNm7rh+R1VLogNGwJie/30Um2 S52u5jPi5E43zRbc/iNUGCW968qshC7NHSCkFTw9QwKtG5trQnqtX0CmLX3JOU1F 1boVNn6DefoiMxzHVQVwT9+RK2EEiho4S/dNE0NxeKIoiU+5TYUHXdgS36k/HJ6u OYpPSybj5iVWENANTRZHqNJkXCsgqa1VL8ThQgDipJUBwk70rVPb+5KaoPA419Od 41j+lRoukoabvA1rDWwLL+dXG8mFQUgO1srseMFt+7UJ9M7xFhuGH9C57vze01dr ojqNXO5QY/uzLfoIsGG9ehIMUFd9BAoMWAF6edM8cD3K -----END CERTIFICATE-----Generated at Mon Dec 15 16:49:24 2025 by rpki-client