This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa File: b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa (raw, json) Hash identifier: 7uKmsMyav5qt8mWtSK40zWaUtyHMJdtcm69jM/9YtR4= Subject key identifier: E3:EF:78:8C:AD:67:50:E9:FE:C9:78:2E:1B:57:17:F4:17:80:56:7C Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 214ABBC70295CCA24570D8298364CEB10E5905AB Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa Signing time: Thu 11 Dec 2025 01:00:25 +0000 ROA not before: Thu 11 Dec 2025 01:00:25 +0000 ROA not after: Wed 11 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.16.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:4a:bb:c7:02:95:cc:a2:45:70:d8:29:83:64:ce:b1:0e:59:05:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 11 01:00:25 2025 GMT Not After : Mar 11 23:59:59 2026 GMT Subject: serialNumber=431c320eafad8ef2ed6c474d75c674c1a0791971c7a9a17d00d65cc5aff30b45, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:14:ad:76:2c:d1:2c:3b:bb:47:4d:2d:97:9c: 92:de:66:ba:c8:39:46:29:46:03:6c:37:1b:b1:b1: 14:18:e8:83:d2:cc:8f:ee:5c:ee:b0:83:93:2c:86: c4:24:f0:e6:09:e6:d8:dc:5b:7c:45:55:1f:0d:8b: 39:10:cd:14:f6:e3:9c:d6:d3:1d:8b:a8:6f:f8:82: 18:92:31:a1:34:65:8e:b6:bf:29:ed:df:c1:d4:e2: 61:1f:04:24:c9:57:db:f2:9f:30:b1:ea:d8:e3:37: 0c:ad:81:0e:d4:3c:06:d2:01:a9:2d:16:85:41:da: df:0f:1c:4a:f3:84:3e:9b:f5:05:ad:ab:73:7d:73: 98:ef:c4:f3:c3:f3:67:16:73:2f:b0:94:68:5f:2c: d6:86:d7:ea:29:ee:a2:2d:2d:94:90:b8:92:25:1f: a2:13:60:96:0e:bc:4a:75:b1:06:fb:dc:42:c2:a1: 50:d3:a6:5e:bc:9e:6c:82:88:d3:d3:c9:b6:69:5b: e5:e7:ce:2d:4c:1e:c9:ad:2b:c6:28:07:6e:46:e7: 61:e0:5c:bb:05:01:39:ef:11:2b:1a:e0:92:fd:7b: 68:e1:76:f0:29:6b:68:8c:1c:28:dd:87:25:73:f2: 26:8e:70:23:59:26:9e:f2:19:48:ec:ed:0f:a6:1c: 77:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:EF:78:8C:AD:67:50:E9:FE:C9:78:2E:1B:57:17:F4:17:80:56:7C X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.16.255.0/24 Signature Algorithm: sha256WithRSAEncryption 8e:5d:52:9b:c9:46:a1:a9:8a:af:7a:34:33:b5:03:54:2d:ad: 13:a4:05:90:d6:a2:01:9f:4f:ff:42:c2:73:52:19:dd:4b:a4: 11:03:54:b7:c4:28:60:04:be:90:6b:78:02:86:31:c8:7b:ba: 08:76:62:98:a7:4a:1a:d2:e9:55:4a:5b:f8:3d:53:a9:32:a1: 3b:b5:ff:02:90:82:b9:db:45:40:ed:9b:6a:9f:bb:ac:a7:d0: 2b:2a:23:a1:fa:89:a7:be:83:4a:09:ce:74:9a:ed:ef:4e:2e: cb:bb:f4:2a:f9:5f:60:05:94:9e:14:ec:09:9c:42:93:e6:fd: 89:83:19:c0:66:9e:0b:7b:ec:55:6a:2a:bc:6a:01:6b:7d:3c: b4:2b:f1:51:9c:bd:ef:ba:74:7e:31:54:76:0d:90:89:b4:e9: 8b:6e:3d:76:44:d8:f2:0b:4d:96:14:d2:09:33:cd:b2:c0:74: 8f:53:5d:d0:83:73:0d:28:33:78:06:33:32:a9:35:fb:fd:09: 3b:94:84:54:7b:92:f5:b9:d4:1d:f2:5e:b0:cc:4b:c3:b8:58: 59:e1:58:4a:0b:de:1f:d5:9c:4f:1e:89:bd:e7:1d:a8:a0:ac: 4f:a9:ed:de:57:c1:7f:a7:95:64:3d:a9:5d:54:34:a7:77:0d: e2:05:d9:a3 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUIUq7xwKVzKJFcNgpg2TOsQ5ZBaswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTEwMTAwMjVaFw0yNjAzMTEyMzU5NTlaMHoxSTBHBgNV BAUTQDQzMWMzMjBlYWZhZDhlZjJlZDZjNDc0ZDc1YzY3NGMxYTA3OTE5NzFjN2E5 YTE3ZDAwZDY1Y2M1YWZmMzBiNDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMQUrXYs0Sw7u0dNLZeckt5musg5RilGA2w3G7GxFBjog9LMj+5c7rCDkyyG xCTw5gnm2NxbfEVVHw2LORDNFPbjnNbTHYuob/iCGJIxoTRljra/Ke3fwdTiYR8E JMlX2/KfMLHq2OM3DK2BDtQ8BtIBqS0WhUHa3w8cSvOEPpv1Ba2rc31zmO/E88Pz ZxZzL7CUaF8s1obX6inuoi0tlJC4kiUfohNglg68SnWxBvvcQsKhUNOmXryebIKI 09PJtmlb5efOLUweya0rxigHbkbnYeBcuwUBOe8RKxrgkv17aOF28ClraIwcKN2H JXPyJo5wI1kmnvIZSOztD6Ycd8UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTj73iM rWdQ6f7JeC4bVxf0F4BWfDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YjQxZmE5YjctZDczNi00ZDQxLTlmYzItOWZlZGE1YTg3MjQ4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQ/zAN BgkqhkiG9w0BAQsFAAOCAQEAjl1Sm8lGoamKr3o0M7UDVC2tE6QFkNaiAZ9P/0LC c1IZ3UukEQNUt8QoYAS+kGt4AoYxyHu6CHZimKdKGtLpVUpb+D1TqTKhO7X/ApCC udtFQO2bap+7rKfQKyojofqJp76DSgnOdJrt704uy7v0KvlfYAWUnhTsCZxCk+b9 iYMZwGaeC3vsVWoqvGoBa308tCvxUZy977p0fjFUdg2QibTpi249dkTY8gtNlhTS CTPNssB0j1Nd0INzDSgzeAYzMqk1+/0JO5SEVHuS9bnUHfJesMxLw7hYWeFYSgve H9WcTx6JvecdqKCsT6nt3lfBf6eVZD2pXVQ0p3cN4gXZow== -----END CERTIFICATE-----Generated at Sun Dec 14 09:36:45 2025 by rpki-client