This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa File: 85056db0-2868-4547-8893-66ae7ad101d4.roa (raw, json) Hash identifier: z03g20l8kznSntBErWABpClVTe9TLPdteews01e2fdQ= Subject key identifier: 3B:FE:60:E7:C4:FE:B9:14:B8:58:99:F4:18:B5:97:AD:1E:4B:23:C0 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 5A55C7AC174D49489B143E187F9A99AEF6C91DB9 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa Signing time: Wed 10 Dec 2025 06:30:11 +0000 ROA not before: Wed 10 Dec 2025 06:30:11 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.90.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:55:c7:ac:17:4d:49:48:9b:14:3e:18:7f:9a:99:ae:f6:c9:1d:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:30:11 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=31c9eba5a5c7c151a794a67aa1d1b06b79df579f8e5b933895dc44a02070d4f1, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:39:21:ca:73:b1:09:20:0b:e8:d9:3f:29:92: 09:8b:54:bf:d6:98:b4:37:73:c0:35:3f:e5:9f:3f: 3c:8e:3e:c8:7b:55:42:cf:01:81:1d:ed:4b:d7:7e: 01:12:06:64:93:7f:35:c7:35:03:68:32:bd:d0:ce: aa:68:f6:d3:b3:e3:2b:6b:6e:b5:93:f5:bd:0c:e8: e4:58:24:ef:e5:2f:2d:c1:58:9d:ab:ac:5d:7b:24: 02:47:c4:6f:d7:fd:ef:69:99:6a:cf:ea:5f:6c:d0: be:10:c4:bc:d9:1b:89:50:20:51:c3:c9:9c:2a:71: c7:8d:ea:65:5c:f0:24:cc:e7:b2:6f:e7:a6:38:85: 55:a9:8c:c8:d2:a6:36:31:3e:38:82:b3:49:45:1c: 47:43:03:b1:b1:80:85:7a:b1:73:b3:d4:9d:ae:6b: e0:18:bd:45:7c:e0:1c:1a:38:6d:0a:6d:da:50:6a: 4d:a0:ea:a1:7f:4b:5d:a4:9d:29:ed:e4:2f:04:bc: 61:87:6b:a5:02:47:54:ed:26:b8:72:55:c9:41:15: 86:56:df:c0:3d:a8:8d:37:5c:8b:d9:38:c7:f7:e6: ac:e4:78:5c:a3:d6:94:0b:54:71:ad:33:51:9d:2e: d5:50:ae:11:85:ee:85:ac:92:50:b3:e0:bb:7f:48: 9a:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:FE:60:E7:C4:FE:B9:14:B8:58:99:F4:18:B5:97:AD:1E:4B:23:C0 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.90.0.0/16 Signature Algorithm: sha256WithRSAEncryption 1a:f2:50:ce:85:6f:54:9d:7d:d6:c6:01:1c:a7:53:47:e5:fd: 5e:c2:fa:af:17:64:26:f9:47:94:a6:dd:7e:ec:26:b5:fc:48: dd:34:a4:b9:9c:b6:b9:bc:40:73:c1:ee:fa:f4:76:b6:c2:19: a6:bb:69:b9:d6:44:d6:8c:ab:2e:3e:61:5b:69:b3:c4:0a:cb: 12:a4:50:81:13:05:f3:da:cd:7d:42:8f:0e:b3:e0:12:66:aa: 41:51:e3:6e:68:a1:63:9a:ea:dd:c3:c0:c9:2b:03:06:0c:65: a3:4a:0b:b4:a6:2b:72:c2:6a:30:b6:0a:63:a4:af:c5:40:e3: 8b:6f:13:8d:5b:b3:40:00:25:3b:c8:1e:3f:06:a6:79:1c:be: 3c:0b:d8:03:08:7d:6b:11:b3:00:a4:ba:67:96:35:4f:2b:59: 1e:7b:d5:a7:bd:bb:50:c0:c1:e6:4e:47:0d:08:f6:23:a4:e0: 5e:cc:dc:a6:f3:bb:09:49:d3:e0:85:b7:bb:ae:04:95:8a:0f: 07:fa:58:e4:c8:58:00:25:60:bf:20:21:4f:87:48:fe:9d:c7: 21:9f:1e:37:eb:74:61:09:bb:35:ec:f5:09:84:c7:bf:92:e7: 1d:a8:d7:86:9d:63:8c:c6:86:44:0b:12:05:c6:5a:92:c2:18: ee:6b:9e:15 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUWlXHrBdNSUibFD4Yf5qZrvbJHbkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjMwMTFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDMxYzllYmE1YTVjN2MxNTFhNzk0YTY3YWExZDFiMDZiNzlkZjU3OWY4ZTVi OTMzODk1ZGM0NGEwMjA3MGQ0ZjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALA5IcpzsQkgC+jZPymSCYtUv9aYtDdzwDU/5Z8/PI4+yHtVQs8BgR3tS9d+ ARIGZJN/Ncc1A2gyvdDOqmj207PjK2tutZP1vQzo5Fgk7+UvLcFYnausXXskAkfE b9f972mZas/qX2zQvhDEvNkbiVAgUcPJnCpxx43qZVzwJMznsm/npjiFVamMyNKm NjE+OIKzSUUcR0MDsbGAhXqxc7PUna5r4Bi9RXzgHBo4bQpt2lBqTaDqoX9LXaSd Ke3kLwS8YYdrpQJHVO0muHJVyUEVhlbfwD2ojTdci9k4x/fmrOR4XKPWlAtUca0z UZ0u1VCuEYXuhaySULPgu39Imi0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ7/mDn xP65FLhYmfQYtZetHksjwDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ODUwNTZkYjAtMjg2OC00NTQ3LTg4OTMtNjZhZTdhZDEwMWQ0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNaMA0G CSqGSIb3DQEBCwUAA4IBAQAa8lDOhW9UnX3WxgEcp1NH5f1ewvqvF2Qm+UeUpt1+ 7Ca1/EjdNKS5nLa5vEBzwe769Ha2whmmu2m51kTWjKsuPmFbabPECssSpFCBEwXz 2s19Qo8Os+ASZqpBUeNuaKFjmurdw8DJKwMGDGWjSgu0pitywmowtgpjpK/FQOOL bxONW7NAACU7yB4/BqZ5HL48C9gDCH1rEbMApLpnljVPK1kee9WnvbtQwMHmTkcN CPYjpOBezNym87sJSdPghbe7rgSVig8H+ljkyFgAJWC/ICFPh0j+ncchnx4363Rh Cbs17PUJhMe/kucdqNeGnWOMxoZECxIFxlqSwhjua54V -----END CERTIFICATE-----Generated at Thu Dec 18 15:29:31 2025 by rpki-client