This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa File: d51a4935-8601-4ebd-a099-1d61b0a661b3.roa (raw, json) Hash identifier: R8nx0SlWfxfE0AVACvEt0WWSH0Bvod3bJKoTxGUuShw= Subject key identifier: 1E:83:FF:1F:B4:78:4B:82:DA:35:C8:BA:74:6A:D4:F1:39:D9:7A:66 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 24F64E3628202F68FDFB154D5CE1D8DDBD54754C Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa Signing time: Wed 10 Dec 2025 06:40:07 +0000 ROA not before: Wed 10 Dec 2025 06:40:07 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.228.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:f6:4e:36:28:20:2f:68:fd:fb:15:4d:5c:e1:d8:dd:bd:54:75:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:07 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=30c3f37fe7fe0c92d02ab0d4430441368b0f8284cc7aa300c9cfa96eae324ae1, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:db:72:80:80:e0:08:dc:fd:08:8c:3e:cc:dd: aa:e3:a6:0c:83:46:bb:38:96:1b:0f:8a:35:d0:66: 2c:a3:0f:91:03:9e:ea:9b:5e:e2:05:8b:5a:61:71: 9d:14:3d:dd:21:bd:ac:90:ba:d5:fa:7a:e8:30:b0: 36:e2:22:ab:7e:a6:b3:cb:d1:b8:82:5e:d5:c8:64: 78:8d:bc:f1:c7:01:32:1b:60:48:05:81:11:d5:f9: 2f:bb:c1:91:e1:88:0d:56:f9:98:13:70:27:44:e5: ca:e4:07:c3:df:e2:fe:2f:f6:ce:fb:7a:cb:6e:56: de:57:76:e6:b0:1c:94:2a:b0:d2:cb:fe:cd:d6:3d: fd:9b:5f:e3:84:29:a1:9a:85:48:ac:bd:5b:00:e2: 97:ff:9a:d8:c0:1f:6f:18:1e:a1:25:04:70:97:10: a0:e9:ae:30:9c:26:f5:0a:7e:99:38:c4:57:1b:bd: 9e:cd:33:f4:50:36:f7:4c:ba:09:00:82:1a:f1:a7: a3:3f:c9:dc:c7:63:2e:ce:24:0b:7e:5f:f3:4f:b4: 23:11:05:0c:f0:1b:86:8f:2f:11:99:0b:ea:ae:1f: c1:1b:e7:e2:87:71:3a:eb:31:ab:d4:ca:a2:b1:4b: fa:aa:f5:13:70:62:5a:93:ff:b1:2b:60:6b:a5:58: d1:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:83:FF:1F:B4:78:4B:82:DA:35:C8:BA:74:6A:D4:F1:39:D9:7A:66 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.228.0.0/15 Signature Algorithm: sha256WithRSAEncryption 97:57:f2:c1:a3:cb:8f:10:7b:e0:13:d9:de:34:67:ff:33:f1: f4:cb:e3:b9:b8:60:e9:92:40:52:68:ae:c3:da:30:c6:a2:68: 1c:29:9e:3a:0c:ff:a8:1e:6e:2c:0a:93:ca:d6:5a:26:e2:05: 4b:bd:4a:04:d0:88:52:06:ee:8c:75:de:d9:7f:e4:74:c4:e5: 19:27:1f:56:b1:8a:9b:9c:ba:b3:ae:24:63:45:e5:08:ac:55: 44:ba:af:24:7a:b2:df:cd:20:78:14:7a:5a:3f:be:13:1d:86: ad:87:81:22:52:d9:5f:b1:15:43:57:71:78:57:ca:99:50:c0: 1e:47:ff:58:3b:48:18:b2:b6:fa:b4:a9:87:50:20:7e:b4:06: 59:5d:4f:d2:5b:6d:87:2d:cc:18:f4:e0:7e:b6:91:7e:86:bd: 74:be:6f:89:49:a2:e9:62:97:19:19:8b:88:97:39:df:08:93: 38:df:fb:10:2b:29:31:fa:40:a1:72:51:0a:5a:b7:1b:24:b6: b3:ab:e9:7f:f4:b6:dc:47:46:a1:5f:4e:6d:bb:cc:86:0c:f0: fe:cc:fe:6c:7f:1a:19:55:d8:7f:45:16:da:a7:2a:cb:72:8f: 4d:e7:be:21:c2:de:3f:47:20:85:63:3f:fe:fd:6f:74:70:b7: f4:3d:9a:27 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUJPZONiggL2j9+xVNXOHY3b1UdUwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMDdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDMwYzNmMzdmZTdmZTBjOTJkMDJhYjBkNDQzMDQ0MTM2OGIwZjgyODRjYzdh YTMwMGM5Y2ZhOTZlYWUzMjRhZTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPLbcoCA4Ajc/QiMPszdquOmDINGuziWGw+KNdBmLKMPkQOe6pte4gWLWmFx nRQ93SG9rJC61fp66DCwNuIiq36ms8vRuIJe1chkeI288ccBMhtgSAWBEdX5L7vB keGIDVb5mBNwJ0TlyuQHw9/i/i/2zvt6y25W3ld25rAclCqw0sv+zdY9/Ztf44Qp oZqFSKy9WwDil/+a2MAfbxgeoSUEcJcQoOmuMJwm9Qp+mTjEVxu9ns0z9FA290y6 CQCCGvGnoz/J3MdjLs4kC35f80+0IxEFDPAbho8vEZkL6q4fwRvn4odxOusxq9TK orFL+qr1E3BiWpP/sStga6VY0aECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQeg/8f tHhLgto1yLp0atTxOdl6ZjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZDUxYTQ5MzUtODYwMS00ZWJkLWEwOTktMWQ2MWIwYTY2MWIzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G CSqGSIb3DQEBCwUAA4IBAQCXV/LBo8uPEHvgE9neNGf/M/H0y+O5uGDpkkBSaK7D 2jDGomgcKZ46DP+oHm4sCpPK1lom4gVLvUoE0IhSBu6Mdd7Zf+R0xOUZJx9WsYqb nLqzriRjReUIrFVEuq8kerLfzSB4FHpaP74THYath4EiUtlfsRVDV3F4V8qZUMAe R/9YO0gYsrb6tKmHUCB+tAZZXU/SW22HLcwY9OB+tpF+hr10vm+JSaLpYpcZGYuI lznfCJM43/sQKykx+kChclEKWrcbJLazq+l/9LbcR0ahX05tu8yGDPD+zP5sfxoZ Vdh/RRbapyrLco9N574hwt4/RyCFYz/+/W90cLf0PZon -----END CERTIFICATE-----Generated at Thu Jan 22 22:20:18 2026 by rpki-client