This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/971d110a-753d-40c9-8ca6-28f0090c8f7e.roa File: 971d110a-753d-40c9-8ca6-28f0090c8f7e.roa (raw, json) Hash identifier: 2XV1NYLm8j40I2ry2ITU3Ll5Lcv4VMpZCoItGtrBx34= Subject key identifier: 97:59:1E:F2:D4:04:80:5F:56:8C:A4:47:37:59:25:9B:38:99:EE:2B Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 4342C9BE0F47CF0FE40A84C5DA5BDB2C35CD1D5E Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/971d110a-753d-40c9-8ca6-28f0090c8f7e.roa Signing time: Tue 20 Jan 2026 17:22:59 +0000 ROA not before: Tue 20 Jan 2026 17:22:59 +0000 ROA not after: Mon 20 Apr 2026 23:59:59 +0000 asID: 16509 IP address blocks: 57.87.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:42:c9:be:0f:47:cf:0f:e4:0a:84:c5:da:5b:db:2c:35:cd:1d:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Jan 20 17:22:59 2026 GMT Not After : Apr 20 23:59:59 2026 GMT Subject: serialNumber=735e9cc748fc711329238a5b36c492accda8693db3680ac41d0fd47fd3f20ebc, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:24:cb:1b:0f:a4:cd:20:c0:33:5a:e8:b4:86: b1:a9:22:3f:a0:22:fc:51:36:ba:a6:cc:48:81:81: 69:b2:62:a6:f8:46:29:1e:a9:b4:43:cc:e3:e4:73: f2:55:28:6d:d2:61:19:89:85:2a:3b:a3:4f:63:11: ee:b0:46:87:ed:dd:94:9c:f1:14:6a:c2:5f:61:96: a1:b5:9f:e9:87:40:07:99:3f:10:d6:61:4d:4f:3f: ff:6b:74:e4:ba:28:ec:83:ac:5e:fb:5b:c4:45:7d: 3e:05:96:6e:82:b1:6f:77:9e:94:01:ad:44:26:a6: a4:91:41:3f:51:82:23:53:09:e7:f5:bc:50:f6:25: 36:6a:78:4b:5b:25:96:fd:81:38:08:ed:25:d5:39: 77:9d:13:1c:7a:33:29:2c:69:25:ac:6e:ed:41:9d: fe:3e:00:75:98:05:a3:f8:f3:43:64:ed:93:3c:10: 56:84:6a:ac:a2:c2:cb:bc:fd:bc:4d:e0:de:6d:c9: 16:2b:14:88:ea:24:68:03:a6:ca:c3:ce:8a:cf:8a: 45:8d:8a:76:65:c9:e4:ef:51:33:76:33:52:cb:1a: 60:c0:9f:98:00:1d:67:a2:38:d2:af:da:f5:18:78: cb:20:91:ae:1f:ba:c1:70:33:5c:02:0f:49:66:d8: f7:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:59:1E:F2:D4:04:80:5F:56:8C:A4:47:37:59:25:9B:38:99:EE:2B X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/971d110a-753d-40c9-8ca6-28f0090c8f7e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 57.87.0.0/16 Signature Algorithm: sha256WithRSAEncryption 19:9a:eb:84:4c:08:28:34:9d:ae:62:c8:f0:f8:ea:f2:8e:4f: 72:81:e7:e9:3f:dc:8f:a8:e2:fc:45:05:b9:7b:03:78:aa:81: df:40:64:7a:3a:dd:88:65:23:ca:be:96:fc:f6:73:81:ab:11: 96:18:2b:41:2a:81:36:4a:f0:3f:d6:cc:42:c4:e1:bc:ee:5b: f0:c2:ec:86:9b:b7:9e:ea:90:34:0d:17:f7:d1:56:d0:72:52: 6e:ae:f6:eb:53:73:ad:9b:55:8b:94:65:5e:4f:ac:31:57:7c: 51:cb:9b:77:df:12:8e:c3:bc:17:a9:40:9c:0e:4e:99:c7:5b: 2d:d6:63:da:81:56:96:09:e3:2e:df:f2:ac:52:4a:92:c9:9c: 27:89:02:4a:2b:11:5c:8d:9d:c3:e6:2a:68:a3:3e:d1:9e:2a: cb:4b:38:1b:be:63:ed:9f:df:a8:44:98:31:48:25:4e:cd:6c: 08:4c:d7:00:de:b4:b8:10:a8:b3:a4:c9:88:30:95:ae:74:cf: 00:2e:7d:4e:b0:0d:70:0a:a0:e8:50:ee:f6:18:bb:0c:63:e5: 17:47:a2:0a:a8:e9:a4:a2:de:43:44:60:52:b2:a6:6f:6e:ed: 74:10:2c:bd:7b:28:03:40:15:65:c5:69:9d:86:7a:4b:a9:55: 88:5b:a0:03 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUQ0LJvg9Hzw/kCoTF2lvbLDXNHV4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNjAxMjAxNzIyNTlaFw0yNjA0MjAyMzU5NTlaMHoxSTBHBgNV BAUTQDczNWU5Y2M3NDhmYzcxMTMyOTIzOGE1YjM2YzQ5MmFjY2RhODY5M2RiMzY4 MGFjNDFkMGZkNDdmZDNmMjBlYmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMYkyxsPpM0gwDNa6LSGsakiP6Ai/FE2uqbMSIGBabJipvhGKR6ptEPM4+Rz 8lUobdJhGYmFKjujT2MR7rBGh+3dlJzxFGrCX2GWobWf6YdAB5k/ENZhTU8//2t0 5Loo7IOsXvtbxEV9PgWWboKxb3eelAGtRCampJFBP1GCI1MJ5/W8UPYlNmp4S1sl lv2BOAjtJdU5d50THHozKSxpJaxu7UGd/j4AdZgFo/jzQ2TtkzwQVoRqrKLCy7z9 vE3g3m3JFisUiOokaAOmysPOis+KRY2KdmXJ5O9RM3YzUssaYMCfmAAdZ6I40q/a 9Rh4yyCRrh+6wXAzXAIPSWbY90MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSXWR7y 1ASAX1aMpEc3WSWbOJnuKzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OTcxZDExMGEtNzUzZC00MGM5LThjYTYtMjhmMDA5MGM4ZjdlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlXMA0G CSqGSIb3DQEBCwUAA4IBAQAZmuuETAgoNJ2uYsjw+Oryjk9ygefpP9yPqOL8RQW5 ewN4qoHfQGR6Ot2IZSPKvpb89nOBqxGWGCtBKoE2SvA/1sxCxOG87lvwwuyGm7ee 6pA0DRf30VbQclJurvbrU3Otm1WLlGVeT6wxV3xRy5t33xKOw7wXqUCcDk6Zx1st 1mPagVaWCeMu3/KsUkqSyZwniQJKKxFcjZ3D5ipooz7RnirLSzgbvmPtn9+oRJgx SCVOzWwITNcA3rS4EKizpMmIMJWudM8ALn1OsA1wCqDoUO72GLsMY+UXR6IKqOmk ot5DRGBSsqZvbu10ECy9eygDQBVlxWmdhnpLqVWIW6AD -----END CERTIFICATE-----Generated at Thu Jan 22 22:15:43 2026 by rpki-client