This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa File: 8551266c-ef98-4dd7-801f-d816ee2eeade.roa (raw, json) Hash identifier: k9Z8c5K2g9oJpkvan3Sm/0Kojc0vYmBGJNHhIKKVf6I= Subject key identifier: BF:5C:A9:DA:32:16:3E:76:B2:78:70:51:49:24:F1:4F:0E:8A:EF:A7 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 224D174065F901BE36E79DD98E90C3F9240577C0 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa Signing time: Wed 10 Dec 2025 06:50:08 +0000 ROA not before: Wed 10 Dec 2025 06:50:08 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.176.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:4d:17:40:65:f9:01:be:36:e7:9d:d9:8e:90:c3:f9:24:05:77:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:08 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=11a406d1588cf37a471340ec8e3ed110d25416269a10b7a6b01264f02158c22b, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:b9:db:f4:42:47:d2:1c:6c:ee:f0:1c:d1:99: 8b:6c:7a:c9:61:b4:a6:8e:bf:3f:ad:c4:a8:a5:c4: 56:55:f0:ae:eb:ec:cd:32:17:1c:b5:b6:f4:ac:34: e1:9d:bb:b8:80:d8:8b:1f:ee:ca:1f:b8:80:46:25: 09:87:7b:1b:24:0e:c1:86:5c:f7:2c:ce:24:6e:41: 14:5f:78:c3:69:7c:8a:fe:91:e2:83:85:98:a2:70: 0d:1a:5a:4d:53:53:fd:15:14:f9:65:27:8d:5b:12: 2b:72:1c:64:29:f1:98:d9:40:c8:60:34:e4:d8:4c: 1a:a0:3f:f1:cf:83:97:a0:a9:0f:b7:8e:08:d6:68: c8:68:09:db:36:d2:7b:1b:1a:33:fe:c3:03:05:9f: b5:25:1e:61:a5:74:85:2d:5c:1d:5e:ec:63:ea:52: 5c:b1:bf:f6:1c:60:c8:71:49:dc:c5:e9:a1:c7:50: cc:77:33:74:7b:ff:5b:65:c6:b5:93:9b:97:48:7a: 10:25:70:51:7a:dd:f6:8f:b2:25:d7:76:d9:dd:6c: 5e:48:01:db:b6:2f:f6:d3:cd:c6:64:80:58:01:04: 44:a3:f6:7c:03:61:31:a4:59:e4:8f:df:26:4f:d7: c1:64:a7:06:aa:7a:03:cb:0c:58:43:bf:d0:8a:ad: 6d:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:5C:A9:DA:32:16:3E:76:B2:78:70:51:49:24:F1:4F:0E:8A:EF:A7 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.176.0.0/15 Signature Algorithm: sha256WithRSAEncryption 7f:2b:03:dc:9f:fd:18:56:65:8f:b4:2a:6a:22:34:e7:e6:c3: 4c:93:de:dd:7f:1f:4e:22:68:d2:5e:33:0f:3e:94:a1:9a:68: 4d:86:80:f2:4d:04:d4:b5:c7:7d:d0:4c:56:17:52:5b:68:1d: 26:d7:01:c0:01:8f:3c:61:e0:d7:a3:2f:18:68:9f:69:1d:b0: 5f:69:f4:1b:ab:2d:9a:5b:3c:11:85:00:1c:98:24:f8:ad:07: cb:f0:26:99:bb:15:5a:9a:1b:93:8a:68:b0:f4:d0:b9:66:08: 37:cf:db:a0:62:00:37:f1:05:14:6e:68:81:64:65:d1:fb:a0: 68:9b:7d:9c:f8:bf:34:52:b1:63:8f:ac:4a:5d:04:cb:bf:d0: 48:e7:2a:65:18:c3:3a:d6:a5:e2:e2:b3:dd:4f:47:b2:ea:74: 79:f9:ea:35:c8:a9:46:cb:39:14:ce:db:23:55:88:8d:43:55: 6c:05:8a:9e:47:55:62:d0:ef:d7:d1:78:f7:4b:e0:ec:24:e9: 48:77:b3:a5:20:80:d2:b5:ba:9b:35:40:92:46:64:4a:5a:6e: 1e:9c:b6:64:94:8a:e7:87:b6:4b:5b:98:7a:47:b0:23:7b:82: 91:d4:fe:4d:5c:96:f0:91:1f:50:fc:63:4e:7a:20:7f:43:14: ab:c3:13:68 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUIk0XQGX5Ab42553ZjpDD+SQFd8AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwMDhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDExYTQwNmQxNTg4Y2YzN2E0NzEzNDBlYzhlM2VkMTEwZDI1NDE2MjY5YTEw YjdhNmIwMTI2NGYwMjE1OGMyMmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMG52/RCR9IcbO7wHNGZi2x6yWG0po6/P63EqKXEVlXwruvszTIXHLW29Kw0 4Z27uIDYix/uyh+4gEYlCYd7GyQOwYZc9yzOJG5BFF94w2l8iv6R4oOFmKJwDRpa TVNT/RUU+WUnjVsSK3IcZCnxmNlAyGA05NhMGqA/8c+Dl6CpD7eOCNZoyGgJ2zbS exsaM/7DAwWftSUeYaV0hS1cHV7sY+pSXLG/9hxgyHFJ3MXpocdQzHczdHv/W2XG tZObl0h6ECVwUXrd9o+yJdd22d1sXkgB27Yv9tPNxmSAWAEERKP2fANhMaRZ5I/f Jk/XwWSnBqp6A8sMWEO/0IqtbZsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS/XKna MhY+drJ4cFFJJPFPDorvpzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ODU1MTI2NmMtZWY5OC00ZGQ3LTgwMWYtZDgxNmVlMmVlYWRlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G CSqGSIb3DQEBCwUAA4IBAQB/KwPcn/0YVmWPtCpqIjTn5sNMk97dfx9OImjSXjMP PpShmmhNhoDyTQTUtcd90ExWF1JbaB0m1wHAAY88YeDXoy8YaJ9pHbBfafQbqy2a WzwRhQAcmCT4rQfL8CaZuxVamhuTimiw9NC5Zgg3z9ugYgA38QUUbmiBZGXR+6Bo m32c+L80UrFjj6xKXQTLv9BI5yplGMM61qXi4rPdT0ey6nR5+eo1yKlGyzkUztsj VYiNQ1VsBYqeR1Vi0O/X0Xj3S+DsJOlId7OlIIDStbqbNUCSRmRKWm4enLZklIrn h7ZLW5h6R7Aje4KR1P5NXJbwkR9Q/GNOeiB/QxSrwxNo -----END CERTIFICATE-----Generated at Sun Dec 21 16:04:51 2025 by rpki-client