This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa File: 9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa (raw, json) Hash identifier: OZLiwtxhioryulM8kpFCyNyBcjTArz73j6piiLcD6jY= Subject key identifier: 9D:BD:40:21:C7:56:61:DA:30:FB:63:26:AB:71:DB:E3:25:FE:7C:E5 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 7F50F88B208D7C68479E144B187FCC1AD97AB1D0 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa Signing time: Wed 10 Dec 2025 06:30:15 +0000 ROA not before: Wed 10 Dec 2025 06:30:15 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.139.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:45:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:50:f8:8b:20:8d:7c:68:47:9e:14:4b:18:7f:cc:1a:d9:7a:b1:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:30:15 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=bb311f1a950ebb05375be724789375b5a3c644d697b68f95fe91e824ad24fc18, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:1f:b1:80:18:2e:ce:f6:11:3d:38:b0:7e:ff: 20:6d:e8:94:eb:ee:93:f9:45:ac:70:b8:17:34:1d: 63:04:a0:72:2a:fa:b6:0c:7d:c7:91:99:e9:24:e8: 63:37:25:16:7a:4c:04:08:dd:32:b3:80:c2:6f:4b: 2c:b1:91:7a:66:40:e3:e9:62:c2:06:36:73:89:93: 30:f7:73:bb:25:4f:e0:dd:03:4f:b9:51:39:7c:30: f2:fb:b6:5d:a1:4f:85:a7:9b:5b:02:e4:6c:f4:70: ad:34:87:6d:f4:df:39:5c:f1:54:7d:c0:8e:8a:e2: aa:da:e9:c7:71:8e:5a:f9:a4:63:0e:af:ec:2b:4e: ce:71:db:45:54:64:66:9f:5e:51:13:16:31:49:12: 41:71:a6:a4:8d:2d:01:08:78:10:56:00:44:30:70: 90:82:c2:7e:27:a8:ac:b2:d4:f5:14:47:a7:49:64: 02:19:42:f6:af:67:4e:0c:44:2c:01:bd:29:d6:be: 0f:05:54:99:a6:b8:25:6d:0e:49:c3:36:f8:f1:be: 53:38:ad:c8:0f:b4:63:31:7c:c0:01:82:7d:b9:9b: 15:d0:b5:95:d7:2a:27:6b:f7:99:a9:db:52:da:e2: a7:a9:af:bb:43:ec:48:96:f6:d1:da:dd:aa:fa:ff: f8:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:BD:40:21:C7:56:61:DA:30:FB:63:26:AB:71:DB:E3:25:FE:7C:E5 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.139.0.0/16 Signature Algorithm: sha256WithRSAEncryption 80:f7:06:9f:a6:28:5d:71:0c:1c:79:b8:5d:d9:9b:06:b3:8a: c6:88:83:e8:1a:1c:a3:3c:3d:c2:a2:42:04:e8:3d:32:a2:34: 90:f9:65:11:c3:c9:d2:0e:2f:cc:f4:f1:74:2f:c3:c5:63:34: 41:88:e7:79:0f:76:b7:23:dc:ac:10:3a:16:98:4e:94:d2:e6: 5d:74:6d:8b:3a:fb:aa:a2:ac:8b:d5:a6:e3:77:7a:34:b4:e0: d6:45:82:6e:b2:12:60:6c:ee:f3:64:5f:bc:58:10:60:98:bc: 34:b8:a2:84:73:c6:da:29:25:22:07:06:4e:ca:1a:f2:89:57: 32:9c:cf:57:fe:45:7d:e7:39:d6:61:80:a5:c4:01:4a:f4:c2: fa:e8:96:a5:ef:2f:3f:da:55:1e:7f:f0:05:8f:82:87:2a:8b: 2d:2c:a9:2b:22:c1:e2:2b:4b:f4:fa:f4:7e:5d:71:dd:79:94: 90:16:f5:38:16:7e:90:8e:09:39:5a:1e:ac:ed:1c:35:5d:04: 6b:13:c6:09:53:94:b3:61:a2:47:86:42:19:11:c9:6c:33:e1: 07:70:8b:57:68:87:9e:7d:5d:5e:4e:24:17:4c:b3:69:84:db: 0a:6d:c2:68:ba:c4:f6:23:9f:41:ee:8d:4b:67:eb:12:90:50: 29:5f:65:5c -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUf1D4iyCNfGhHnhRLGH/MGtl6sdAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjMwMTVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGJiMzExZjFhOTUwZWJiMDUzNzViZTcyNDc4OTM3NWI1YTNjNjQ0ZDY5N2I2 OGY5NWZlOTFlODI0YWQyNGZjMTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKofsYAYLs72ET04sH7/IG3olOvuk/lFrHC4FzQdYwSgcir6tgx9x5GZ6STo YzclFnpMBAjdMrOAwm9LLLGRemZA4+liwgY2c4mTMPdzuyVP4N0DT7lROXww8vu2 XaFPhaebWwLkbPRwrTSHbfTfOVzxVH3Ajoriqtrpx3GOWvmkYw6v7CtOznHbRVRk Zp9eURMWMUkSQXGmpI0tAQh4EFYARDBwkILCfieorLLU9RRHp0lkAhlC9q9nTgxE LAG9Kda+DwVUmaa4JW0OScM2+PG+UzityA+0YzF8wAGCfbmbFdC1ldcqJ2v3manb Utrip6mvu0PsSJb20drdqvr/+M0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSdvUAh x1Zh2jD7YyarcdvjJf585TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OWEzZWFlNWMtMDI3ZS00YzM4LWFiOGUtMzMwYjNlNWJhZDk3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOLMA0G CSqGSIb3DQEBCwUAA4IBAQCA9wafpihdcQwcebhd2ZsGs4rGiIPoGhyjPD3CokIE 6D0yojSQ+WURw8nSDi/M9PF0L8PFYzRBiOd5D3a3I9ysEDoWmE6U0uZddG2LOvuq oqyL1abjd3o0tODWRYJushJgbO7zZF+8WBBgmLw0uKKEc8baKSUiBwZOyhryiVcy nM9X/kV95znWYYClxAFK9ML66Jal7y8/2lUef/AFj4KHKostLKkrIsHiK0v0+vR+ XXHdeZSQFvU4Fn6Qjgk5Wh6s7Rw1XQRrE8YJU5SzYaJHhkIZEclsM+EHcItXaIee fV1eTiQXTLNphNsKbcJousT2I59B7o1LZ+sSkFApX2Vc -----END CERTIFICATE-----Generated at Tue Dec 16 21:16:19 2025 by rpki-client