This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa File: 8d2d588e-ac05-4633-acba-4d5705f7071e.roa (raw, json) Hash identifier: Q2PQFSCcC9zgPbe7vJS8DKJBSrro5HNr6Ti9MC/mtVs= Subject key identifier: 61:A2:52:93:18:24:8C:13:E7:C7:82:07:F1:5D:24:9B:F5:32:8D:90 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 493415D5A3A64699CEC8753572A33F35A1C45873 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa Signing time: Wed 10 Dec 2025 06:50:46 +0000 ROA not before: Wed 10 Dec 2025 06:50:46 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.180.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:34:15:d5:a3:a6:46:99:ce:c8:75:35:72:a3:3f:35:a1:c4:58:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:46 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=db7852acfe4206b60a56a1896ae77c1cba41af5d1e4fadcf2822f1c09d3695e3, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:99:d9:d7:96:8d:6d:53:16:9f:c2:58:5e:a5: 45:30:82:a6:ce:ac:5b:8a:80:e9:81:e1:ee:3f:02: 2e:15:b2:10:76:ac:dc:5b:41:36:90:55:5c:d9:09: c0:70:62:27:66:13:2c:5a:79:6e:ae:fc:80:9b:25: d7:dc:c7:ea:9b:1b:bc:50:c7:0f:eb:5a:20:0c:78: 7d:b6:23:9c:1a:1f:02:ff:cb:02:91:76:96:72:11: 1a:c5:c7:e2:bc:86:d6:5c:b2:e4:b5:d8:97:fd:ab: 88:10:87:24:db:5b:e7:28:77:25:f8:2e:e4:bc:36: 2f:ee:7c:a3:82:25:60:1e:18:e7:ae:c8:b4:7c:af: de:c7:3b:a8:25:09:cc:9f:33:36:aa:31:16:83:43: fd:3f:e9:d3:53:13:87:32:53:7c:fd:4e:48:04:bb: c4:65:5f:ed:9c:6b:74:41:09:34:d8:d7:20:fa:c8: 1b:ed:7a:04:d9:5e:2a:ce:97:63:9d:e9:b9:f1:18: 42:ca:e3:d2:28:01:6f:f8:4d:93:74:c4:c5:d8:29: 35:26:47:c0:f9:1b:9f:eb:2d:98:b4:34:42:c6:4c: a4:e7:30:ac:2b:c3:7e:10:2a:6e:e5:91:3f:fe:d9: 7b:81:60:63:8d:27:b7:9e:c4:67:4d:77:d5:0b:97: 20:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:A2:52:93:18:24:8C:13:E7:C7:82:07:F1:5D:24:9B:F5:32:8D:90 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.180.0.0/15 Signature Algorithm: sha256WithRSAEncryption 59:da:34:ba:82:78:c9:a0:92:87:90:fb:15:e6:f3:f2:17:6e: cd:ab:1d:d4:32:37:a3:7e:8a:dd:49:0b:fc:45:d3:bd:51:de: 90:45:2d:47:92:38:a9:45:43:18:5c:14:0c:8b:d5:40:84:99: b5:96:03:fe:96:91:3b:b2:72:2e:5d:2a:00:11:4a:35:5d:6c: 44:7d:ce:56:aa:ae:25:ee:dd:38:70:31:2a:b4:4e:c9:08:76: b7:34:17:e3:ac:db:4f:a7:0e:f8:bc:77:78:10:af:75:2c:e1: ca:f3:ef:eb:05:3d:1a:cf:cf:fc:bd:c1:3d:1a:01:7b:40:29: 46:a8:cd:3c:fb:0e:0c:9f:35:1a:7e:b1:57:6d:52:63:99:c7: 0c:5b:ab:52:bb:5d:46:c3:da:0a:b8:49:f2:2d:3a:89:b4:f0: d8:90:7a:dd:45:a3:5a:08:cc:2e:d2:a3:40:d4:be:99:d2:f0: 5c:49:7b:ae:4c:66:ff:ce:3c:7c:df:ac:db:be:96:8a:f9:d0: b0:e5:58:9d:a7:fe:e3:71:39:2a:32:fb:7e:0a:1f:cd:c1:f4: 34:37:18:6d:ce:68:74:c8:a2:34:2b:00:e8:97:9a:7e:6f:14: 8f:55:e9:26:7e:6e:7f:b6:8e:d6:9a:2d:7e:ac:86:32:66:ab: cc:81:c3:66 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUSTQV1aOmRpnOyHU1cqM/NaHEWHMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwNDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGRiNzg1MmFjZmU0MjA2YjYwYTU2YTE4OTZhZTc3YzFjYmE0MWFmNWQxZTRm YWRjZjI4MjJmMWMwOWQzNjk1ZTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKOZ2deWjW1TFp/CWF6lRTCCps6sW4qA6YHh7j8CLhWyEHas3FtBNpBVXNkJ wHBiJ2YTLFp5bq78gJsl19zH6psbvFDHD+taIAx4fbYjnBofAv/LApF2lnIRGsXH 4ryG1lyy5LXYl/2riBCHJNtb5yh3Jfgu5Lw2L+58o4IlYB4Y567ItHyv3sc7qCUJ zJ8zNqoxFoND/T/p01MThzJTfP1OSAS7xGVf7ZxrdEEJNNjXIPrIG+16BNleKs6X Y53pufEYQsrj0igBb/hNk3TExdgpNSZHwPkbn+stmLQ0QsZMpOcwrCvDfhAqbuWR P/7Ze4FgY40nt57EZ0131QuXIB0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRholKT GCSME+fHggfxXSSb9TKNkDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OGQyZDU4OGUtYWMwNS00NjMzLWFjYmEtNGQ1NzA1ZjcwNzFlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G CSqGSIb3DQEBCwUAA4IBAQBZ2jS6gnjJoJKHkPsV5vPyF27Nqx3UMjejfordSQv8 RdO9Ud6QRS1HkjipRUMYXBQMi9VAhJm1lgP+lpE7snIuXSoAEUo1XWxEfc5Wqq4l 7t04cDEqtE7JCHa3NBfjrNtPpw74vHd4EK91LOHK8+/rBT0az8/8vcE9GgF7QClG qM08+w4MnzUafrFXbVJjmccMW6tSu11Gw9oKuEnyLTqJtPDYkHrdRaNaCMwu0qNA 1L6Z0vBcSXuuTGb/zjx836zbvpaK+dCw5Vidp/7jcTkqMvt+Ch/NwfQ0Nxhtzmh0 yKI0KwDol5p+bxSPVekmfm5/to7Wmi1+rIYyZqvMgcNm -----END CERTIFICATE-----Generated at Thu Jan 22 22:18:54 2026 by rpki-client