This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa File: 9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa (raw, json) Hash identifier: Tz8FqQAMww5IbMyvMj+C99q2SyvcZaQGqfbUoMdQfSE= Subject key identifier: A5:3B:E0:01:2E:61:33:CA:CB:9C:5C:99:E8:FF:39:55:C9:E9:02:F2 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 7E1D0352CBE86F0B01CF204A9FE13284F689168E Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa Signing time: Wed 10 Dec 2025 06:40:23 +0000 ROA not before: Wed 10 Dec 2025 06:40:23 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.188.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:1d:03:52:cb:e8:6f:0b:01:cf:20:4a:9f:e1:32:84:f6:89:16:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:23 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=27f0db8f15a0b87382048036596a7d283dcac179f131f7c3a96d67c6eeef6c25, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:16:ec:b2:dd:09:32:e5:7c:fc:69:d2:b3:0a: 49:94:38:67:40:b3:3e:ba:8e:ef:ed:95:0b:69:0a: 67:8b:3a:31:69:68:38:d0:72:ea:64:b2:e1:67:d7: 2c:9b:1e:3d:55:6f:c6:64:82:b2:5e:d6:c6:26:bb: 53:d0:a9:e4:83:d9:2d:80:00:1e:d5:54:f2:a4:9f: 6f:d7:9f:93:a4:3c:c9:dc:9c:9c:91:8c:9a:20:f7: 20:94:fd:5a:23:c9:c7:03:66:50:20:93:46:d2:bc: 55:42:b9:64:b7:db:81:8d:da:5c:3e:f6:9f:b4:ea: 11:ee:df:ee:f3:44:c2:70:cf:90:90:39:54:4d:82: 80:13:cf:20:2d:cf:01:82:25:be:35:05:7c:b2:62: d3:e1:4f:5d:eb:b4:32:84:3e:9a:20:21:04:aa:3f: cb:c7:f7:82:ef:ca:cd:c0:47:4e:44:cf:01:d0:7c: 80:24:95:55:cc:d7:5b:65:69:55:7d:10:46:8e:db: 15:b4:c1:22:a5:39:74:4f:0b:84:b7:80:d6:ba:b3: a5:03:36:aa:1b:8d:de:f5:65:37:54:5f:75:04:4b: de:75:d1:92:02:8a:bc:f3:5d:47:68:1b:f7:86:aa: c7:d9:ce:82:3e:76:7d:f0:f8:f3:2d:03:54:78:e0: ff:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:3B:E0:01:2E:61:33:CA:CB:9C:5C:99:E8:FF:39:55:C9:E9:02:F2 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.188.0.0/15 Signature Algorithm: sha256WithRSAEncryption 9e:34:80:88:2d:55:63:4b:15:58:be:3e:2f:8d:6f:aa:71:7f: 72:69:34:a5:48:7e:44:f0:93:11:46:24:40:1e:dd:20:01:33: 6d:f7:12:53:5f:4d:26:34:9b:b7:fb:c7:64:ba:e1:3e:c9:89: 37:d5:42:4a:1b:08:21:57:d3:7c:67:cb:20:c1:6b:8d:58:d9: 53:15:20:33:f1:f7:d9:ac:56:bd:aa:9b:00:4f:8d:df:ca:18: c9:f8:a9:57:28:e6:38:cd:f4:1d:81:2f:d5:e9:d3:65:43:ab: 11:5c:6f:2c:ab:86:86:d6:16:04:7d:90:ec:d7:71:ee:6d:11: 13:c6:7b:be:f6:5f:89:93:86:d4:50:45:76:e3:a2:25:f6:94: 91:0f:a5:07:ca:cc:b2:6f:25:a2:08:c5:46:b2:42:0b:bf:79: 28:3c:11:d3:ec:c3:c7:4d:a1:65:68:dc:f3:96:4d:cc:8d:66: e8:cd:18:14:5d:14:61:ae:b4:a1:b4:fe:30:86:a9:e0:48:75: ec:09:ee:22:af:3c:3b:e6:98:2e:07:b1:06:0a:16:03:1a:75: 2f:d1:d6:0a:e9:da:9b:8f:b1:c5:80:d5:b8:79:93:4f:ca:fa: df:dd:17:f6:1f:7a:0b:92:11:b3:d0:7a:58:16:ef:2e:99:2e: fb:1c:35:94 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUfh0DUsvobwsBzyBKn+EyhPaJFo4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMjNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDI3ZjBkYjhmMTVhMGI4NzM4MjA0ODAzNjU5NmE3ZDI4M2RjYWMxNzlmMTMx ZjdjM2E5NmQ2N2M2ZWVlZjZjMjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM4W7LLdCTLlfPxp0rMKSZQ4Z0CzPrqO7+2VC2kKZ4s6MWloONBy6mSy4WfX LJsePVVvxmSCsl7Wxia7U9Cp5IPZLYAAHtVU8qSfb9efk6Q8ydycnJGMmiD3IJT9 WiPJxwNmUCCTRtK8VUK5ZLfbgY3aXD72n7TqEe7f7vNEwnDPkJA5VE2CgBPPIC3P AYIlvjUFfLJi0+FPXeu0MoQ+miAhBKo/y8f3gu/KzcBHTkTPAdB8gCSVVczXW2Vp VX0QRo7bFbTBIqU5dE8LhLeA1rqzpQM2qhuN3vVlN1RfdQRL3nXRkgKKvPNdR2gb 94aqx9nOgj52ffD48y0DVHjg/4sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSlO+AB LmEzysucXJno/zlVyekC8jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OWViZmEzNDgtNTkxMC00NjY3LWI0ZGItY2ZiNWJiM2FjYmM4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO8MA0G CSqGSIb3DQEBCwUAA4IBAQCeNICILVVjSxVYvj4vjW+qcX9yaTSlSH5E8JMRRiRA Ht0gATNt9xJTX00mNJu3+8dkuuE+yYk31UJKGwghV9N8Z8sgwWuNWNlTFSAz8ffZ rFa9qpsAT43fyhjJ+KlXKOY4zfQdgS/V6dNlQ6sRXG8sq4aG1hYEfZDs13HubRET xnu+9l+Jk4bUUEV246Il9pSRD6UHysyybyWiCMVGskILv3koPBHT7MPHTaFlaNzz lk3MjWbozRgUXRRhrrShtP4whqngSHXsCe4irzw75pguB7EGChYDGnUv0dYK6dqb j7HFgNW4eZNPyvrf3Rf2H3oLkhGz0HpYFu8umS77HDWU -----END CERTIFICATE-----Generated at Thu Jan 22 22:17:54 2026 by rpki-client