This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa File: d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa (raw, json) Hash identifier: Viv2EZDgIQzP/eJYSdU6O6qiTyEVXVpkgbIDAQ1w9qo= Subject key identifier: 79:8D:84:9E:7A:57:38:61:CE:9C:D0:78:43:0E:C1:3E:54:AD:0C:12 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 509E12B3BBC7B8D59F358EED9ADB0BA7E3AA981C Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa Signing time: Wed 10 Dec 2025 06:40:06 +0000 ROA not before: Wed 10 Dec 2025 06:40:06 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.129.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:9e:12:b3:bb:c7:b8:d5:9f:35:8e:ed:9a:db:0b:a7:e3:aa:98:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:06 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=3dc1bb6b3d76bba3fec30940639b5dff02e4ea02113729f90a6beac7cd30c434, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:f6:40:e2:b9:46:50:fe:e0:c2:00:4b:12:19: d1:52:39:a1:fa:2e:b9:9f:f1:04:ad:09:5d:5d:e3: 60:2f:82:da:7d:0d:a7:2f:e5:9b:89:a9:7e:2d:2c: 70:88:3e:9e:9f:be:78:a6:e4:03:12:d3:1e:85:0a: db:3b:70:01:d6:cb:41:a6:db:13:25:f9:37:b5:b2: ba:19:09:21:b0:9a:db:26:bd:d9:46:59:1a:64:ba: 1a:c3:ac:28:78:ad:92:5b:8b:03:a0:ae:88:fa:ed: 84:f5:6c:0e:c1:08:a9:f3:0b:7c:d5:33:f6:1d:b5: 59:8b:3a:9e:85:0b:ac:4a:64:8b:17:85:22:5c:c9: 8d:70:e6:c4:f5:01:9f:57:b8:30:a3:32:82:21:0c: 77:da:55:2e:7d:bd:02:cf:1b:8f:cb:43:b3:a0:b3: b3:1c:67:85:f9:87:e7:e4:76:c2:fe:3e:e6:a7:67: bc:9d:f4:a1:ac:14:2e:2b:55:8b:2d:4d:16:91:b6: 4a:df:4c:5b:b0:21:ee:77:cb:ba:f8:be:fd:77:35: 54:d7:bb:c7:a2:6f:88:70:d2:60:0e:de:ce:7a:a0: 5e:b2:62:46:ca:87:24:89:dc:05:38:f3:e7:cb:a4: 19:c1:89:bd:84:32:8e:62:15:1b:8b:c9:a3:6e:d2: 6d:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:8D:84:9E:7A:57:38:61:CE:9C:D0:78:43:0E:C1:3E:54:AD:0C:12 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.129.0.0/16 Signature Algorithm: sha256WithRSAEncryption 33:71:16:7d:57:6b:35:31:40:d8:db:f3:47:5f:fa:e5:5f:28: e3:6f:e8:d2:d2:ad:c3:4c:09:45:e7:03:73:5c:88:70:88:a2: bd:45:12:b2:77:16:c9:d0:62:99:0e:d9:7b:4b:5f:a2:cb:4c: c6:58:8c:7d:64:4c:ce:fa:75:8b:15:4f:1e:d1:73:c6:7f:7e: 34:4a:dd:b6:53:97:f8:77:87:67:3b:1d:19:0c:eb:30:c7:9b: fc:c3:59:19:1a:a5:1d:87:5b:2b:46:8e:20:7d:1d:a5:93:25: 47:3d:51:d6:be:ec:28:90:32:2b:0f:0c:63:70:31:58:63:80: 73:43:08:18:4f:50:5f:9f:41:df:16:92:44:ff:97:49:ea:b1: 3b:7c:a4:84:be:a6:a0:90:d2:0d:26:9d:c8:40:00:32:34:8e: d1:85:e9:f5:80:71:2d:05:07:77:9e:9b:48:19:de:5a:ec:9c: 9b:6f:6d:76:69:73:03:e0:19:83:ba:50:72:d8:3f:8b:90:f6: d1:20:12:9a:fb:87:d8:d3:18:91:c3:54:19:01:ed:05:2c:cd: 5f:35:d1:8e:70:75:f2:7f:f4:9f:9b:8c:2d:a4:15:8a:55:26: f6:f2:b1:2f:73:27:3d:e8:60:8b:62:4d:17:a4:eb:7f:53:e7: 47:e8:fa:dc -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUUJ4Ss7vHuNWfNY7tmtsLp+OqmBwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDNkYzFiYjZiM2Q3NmJiYTNmZWMzMDk0MDYzOWI1ZGZmMDJlNGVhMDIxMTM3 MjlmOTBhNmJlYWM3Y2QzMGM0MzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM72QOK5RlD+4MIASxIZ0VI5ofouuZ/xBK0JXV3jYC+C2n0Npy/lm4mpfi0s cIg+np++eKbkAxLTHoUK2ztwAdbLQabbEyX5N7WyuhkJIbCa2ya92UZZGmS6GsOs KHitkluLA6CuiPrthPVsDsEIqfMLfNUz9h21WYs6noULrEpkixeFIlzJjXDmxPUB n1e4MKMygiEMd9pVLn29As8bj8tDs6CzsxxnhfmH5+R2wv4+5qdnvJ30oawULitV iy1NFpG2St9MW7Ah7nfLuvi+/Xc1VNe7x6JviHDSYA7eznqgXrJiRsqHJIncBTjz 58ukGcGJvYQyjmIVG4vJo27SbR0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR5jYSe elc4Yc6c0HhDDsE+VK0MEjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZDEzZDI2YWUtMzZiMS00ODE1LWE3ZjAtNGRjMDkwZDE1Yjc4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOBMA0G CSqGSIb3DQEBCwUAA4IBAQAzcRZ9V2s1MUDY2/NHX/rlXyjjb+jS0q3DTAlF5wNz XIhwiKK9RRKydxbJ0GKZDtl7S1+iy0zGWIx9ZEzO+nWLFU8e0XPGf340St22U5f4 d4dnOx0ZDOswx5v8w1kZGqUdh1srRo4gfR2lkyVHPVHWvuwokDIrDwxjcDFYY4Bz QwgYT1Bfn0HfFpJE/5dJ6rE7fKSEvqagkNINJp3IQAAyNI7Rhen1gHEtBQd3nptI Gd5a7Jybb212aXMD4BmDulBy2D+LkPbRIBKa+4fY0xiRw1QZAe0FLM1fNdGOcHXy f/Sfm4wtpBWKVSb28rEvcyc96GCLYk0XpOt/U+dH6Prc -----END CERTIFICATE-----Generated at Thu Jan 22 22:20:18 2026 by rpki-client