This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa File: ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa (raw, json) Hash identifier: TWdUbVubkQimMoHR1+R+0afa/nPwH9WNELfpZ9/5EtM= Subject key identifier: 2A:BF:E2:B8:20:90:B2:F3:83:76:81:92:B0:16:82:89:92:41:6D:FE Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 21A3019C7ECB141D96C8D069115BA097E245AAFB Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa Signing time: Wed 10 Dec 2025 06:50:07 +0000 ROA not before: Wed 10 Dec 2025 06:50:07 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 57.99.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:a3:01:9c:7e:cb:14:1d:96:c8:d0:69:11:5b:a0:97:e2:45:aa:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:07 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=c909b4c140c32e4c45c0cebef53f854aff13e376a01ea124370051f30d3b7194, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:3c:27:b8:25:d5:2d:ea:be:86:80:55:21:58: 27:c6:33:64:56:4a:c8:b3:b9:61:d7:28:5f:8c:f1: 2d:36:35:67:01:ba:65:21:ae:2e:72:60:83:b2:5b: a8:65:e6:ae:f6:f5:f8:d2:fb:e5:42:2b:fa:67:a7: 50:6f:3c:ae:18:36:f0:ff:47:f8:8e:0b:32:65:75: 59:4a:4a:fb:2e:90:0a:dd:fd:74:7a:91:4e:b6:6b: 89:ae:b9:8b:eb:5c:7a:30:bd:81:8a:3c:e8:d1:f6: 4f:f5:aa:f6:9c:19:d4:0c:46:6e:21:fb:b5:c2:65: 7a:0d:06:f1:d7:fa:38:63:77:d7:f8:ba:f5:b9:72: 52:19:bc:0a:e1:7c:1a:ad:3f:b4:e9:05:b8:89:fb: 32:f1:e0:29:35:11:a2:1b:4a:e5:9e:17:01:85:8a: 0f:98:17:20:47:d3:74:82:f3:e5:bb:f2:17:8b:e0: 0b:40:e3:be:ff:86:ef:b3:27:15:92:2c:a1:21:29: a4:fe:c6:67:ec:73:a9:e6:ed:f4:c7:69:90:5e:92: 2d:cd:07:44:03:d6:a8:04:5f:a9:9c:d2:0b:26:a4: e7:a9:f5:94:a0:ff:3a:51:e5:81:5a:9a:b6:3e:e0: 42:b6:4f:db:cd:f2:41:30:ba:d4:c7:a7:f3:77:e6: bd:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:BF:E2:B8:20:90:B2:F3:83:76:81:92:B0:16:82:89:92:41:6D:FE X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 57.99.0.0/16 Signature Algorithm: sha256WithRSAEncryption 73:d5:83:cb:17:20:2f:12:8b:10:0b:02:74:a9:89:96:4c:fd: bb:27:71:4b:73:ef:15:ba:23:5d:d0:44:88:0a:5f:57:84:fb: aa:db:79:7d:8c:da:a2:b2:fb:2b:60:51:54:cc:44:df:49:dd: b0:b3:ea:40:c9:a2:4d:36:3c:bd:52:a2:1d:9a:54:32:28:d6: 23:4b:3e:f8:46:87:d2:d8:6f:2f:92:1c:d9:bb:ba:eb:4a:5b: e8:e7:d1:91:df:8b:6d:d7:80:92:6f:de:04:c9:3c:45:44:1b: 60:f2:01:2e:c3:49:e1:02:49:b4:9b:55:e1:45:a3:7d:97:a9: 84:a3:38:e0:46:d6:72:9c:14:aa:4d:b0:15:ff:27:65:90:75: 6c:9c:2a:b4:9e:20:0a:b7:9b:97:25:32:75:7e:ec:0f:f4:77: d8:f7:4e:0c:cb:20:ba:96:34:ef:00:58:c4:40:03:12:6f:a4: 29:cc:b9:6f:cd:a9:44:a5:db:f6:a5:2c:1c:78:eb:56:b9:a6: db:36:78:bb:fc:a2:69:2e:24:6e:c4:91:02:1b:55:24:24:08: 98:fb:bd:2c:c6:46:3b:52:be:52:3f:4c:05:8f:43:0f:5e:0d: 59:6d:fc:2b:24:3e:68:a4:43:3f:74:28:d6:cf:c6:9e:68:19: eb:e7:8b:a0 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUIaMBnH7LFB2WyNBpEVugl+JFqvswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwMDdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGM5MDliNGMxNDBjMzJlNGM0NWMwY2ViZWY1M2Y4NTRhZmYxM2UzNzZhMDFl YTEyNDM3MDA1MWYzMGQzYjcxOTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALI8J7gl1S3qvoaAVSFYJ8YzZFZKyLO5YdcoX4zxLTY1ZwG6ZSGuLnJgg7Jb qGXmrvb1+NL75UIr+menUG88rhg28P9H+I4LMmV1WUpK+y6QCt39dHqRTrZria65 i+tcejC9gYo86NH2T/Wq9pwZ1AxGbiH7tcJleg0G8df6OGN31/i69blyUhm8CuF8 Gq0/tOkFuIn7MvHgKTURohtK5Z4XAYWKD5gXIEfTdILz5bvyF4vgC0Djvv+G77Mn FZIsoSEppP7GZ+xzqebt9MdpkF6SLc0HRAPWqARfqZzSCyak56n1lKD/OlHlgVqa tj7gQrZP283yQTC61Men83fmvZkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQqv+K4 IJCy84N2gZKwFoKJkkFt/jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv Y2U4N2RiYjktNDQxMy00MmMyLWJhODEtNDRjY2RmOTViZDJjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADljMA0G CSqGSIb3DQEBCwUAA4IBAQBz1YPLFyAvEosQCwJ0qYmWTP27J3FLc+8VuiNd0ESI Cl9XhPuq23l9jNqisvsrYFFUzETfSd2ws+pAyaJNNjy9UqIdmlQyKNYjSz74RofS 2G8vkhzZu7rrSlvo59GR34tt14CSb94EyTxFRBtg8gEuw0nhAkm0m1XhRaN9l6mE ozjgRtZynBSqTbAV/ydlkHVsnCq0niAKt5uXJTJ1fuwP9HfY904MyyC6ljTvAFjE QAMSb6QpzLlvzalEpdv2pSwceOtWuabbNni7/KJpLiRuxJECG1UkJAiY+70sxkY7 Ur5SP0wFj0MPXg1ZbfwrJD5opEM/dCjWz8aeaBnr54ug -----END CERTIFICATE-----Generated at Fri Dec 19 07:33:35 2025 by rpki-client