This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa File: d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa (raw, json) Hash identifier: 3uMVa7O7H1HSXfPzHVXajKwSxMT4ncydRc+JnQg2s/8= Subject key identifier: B9:63:9B:2B:7A:D1:B4:6B:BE:59:ED:6D:D0:12:5E:F0:86:2C:AF:2D Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 281A92B7516D3D503E016B21250805BCABF74031 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa Signing time: Wed 10 Dec 2025 06:50:07 +0000 ROA not before: Wed 10 Dec 2025 06:50:07 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.151.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:1a:92:b7:51:6d:3d:50:3e:01:6b:21:25:08:05:bc:ab:f7:40:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:07 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=fcb7d1ade6cefb2d0ec2a298bd4f4bcc164598b17dc078e3358c586abe5dc915, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:ce:1d:f7:8e:36:e3:a0:ea:91:ca:33:c8:26: 9e:ee:68:29:b6:51:28:10:a2:d9:7f:77:a9:68:34: 5b:04:6a:bd:ae:7c:c3:2e:9e:11:90:95:d7:eb:5d: ce:72:10:46:d3:a5:97:28:e9:df:55:34:b4:95:da: 41:f2:ea:c9:a5:5e:da:19:9a:a7:fe:ad:3c:11:59: eb:60:1a:cc:66:a2:af:9e:d5:80:4f:d5:04:a6:6c: 4a:c0:05:2f:70:cb:c0:cd:47:b7:f1:d7:9c:2c:cf: ed:2f:6f:ca:eb:52:7d:66:42:71:55:b8:4a:00:24: 41:5c:90:aa:6e:ef:f9:ef:02:c9:e4:64:6f:69:e1: 45:51:c0:a8:57:93:33:72:fb:4c:bb:3f:89:78:65: 0c:03:3d:65:e6:ff:e5:52:d0:b9:db:45:60:d7:ed: 76:fd:83:fc:fd:2e:af:e0:e1:1c:bf:a6:73:33:12: 9b:80:a5:f2:52:9d:f0:c9:41:42:14:5b:56:55:af: ac:a8:f0:f6:7e:64:b4:67:f1:52:41:26:07:f9:99: 1c:80:66:91:1e:0e:5b:2b:35:51:01:f7:74:dd:6e: c6:63:85:60:26:4f:6a:a7:84:b1:99:61:79:c3:88: c7:93:ca:0f:e7:e4:23:ce:7b:66:65:05:2d:c5:55: 28:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:63:9B:2B:7A:D1:B4:6B:BE:59:ED:6D:D0:12:5E:F0:86:2C:AF:2D X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.151.0.0/16 Signature Algorithm: sha256WithRSAEncryption 1f:d1:87:1b:98:bf:e6:1f:b5:93:e8:eb:95:02:a2:fe:74:7f: a6:f9:6c:a8:3a:85:df:5a:47:91:59:57:78:e2:76:d9:3b:5d: 1e:a6:65:84:1e:6f:fa:6c:46:6e:21:58:d9:c2:b9:0e:ae:17: 5f:01:64:e6:15:e1:55:ba:8c:bf:c5:2f:4c:5e:3a:f7:df:7a: d1:ea:09:48:4e:62:68:6e:9c:2b:7d:6b:eb:56:5a:6d:b5:5f: 83:5d:45:31:21:30:2a:2f:4e:b1:93:1a:c3:a8:5f:62:68:3d: 2e:f1:cc:e7:b8:1b:25:c4:5f:56:9a:40:ac:1d:22:f8:1c:0e: 5e:85:d3:af:61:ec:a2:9b:01:62:fa:c6:69:1c:e8:28:88:45: 42:a3:1e:ea:6f:44:e8:4a:fb:a4:4e:30:b6:37:a5:8e:fb:89: 53:54:7a:52:ac:34:59:e7:8b:f9:e0:72:0b:8a:57:94:a5:30: 53:86:c4:8c:fc:d4:58:b1:2e:d3:83:f9:6a:dd:9e:47:cc:02: 66:0f:52:91:5b:60:2a:39:2c:74:73:f3:c6:7a:d5:98:74:36: dd:cf:75:4f:e8:3e:59:a0:68:65:17:3b:c6:d3:fa:8f:0f:d8: 29:81:42:76:ac:a0:f8:3f:f3:26:9a:c4:af:6f:41:77:c6:7e: b4:ec:c0:d1 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUKBqSt1FtPVA+AWshJQgFvKv3QDEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwMDdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGZjYjdkMWFkZTZjZWZiMmQwZWMyYTI5OGJkNGY0YmNjMTY0NTk4YjE3ZGMw NzhlMzM1OGM1ODZhYmU1ZGM5MTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOfOHfeONuOg6pHKM8gmnu5oKbZRKBCi2X93qWg0WwRqva58wy6eEZCV1+td znIQRtOllyjp31U0tJXaQfLqyaVe2hmap/6tPBFZ62AazGair57VgE/VBKZsSsAF L3DLwM1Ht/HXnCzP7S9vyutSfWZCcVW4SgAkQVyQqm7v+e8CyeRkb2nhRVHAqFeT M3L7TLs/iXhlDAM9Zeb/5VLQudtFYNftdv2D/P0ur+DhHL+mczMSm4Cl8lKd8MlB QhRbVlWvrKjw9n5ktGfxUkEmB/mZHIBmkR4OWys1UQH3dN1uxmOFYCZPaqeEsZlh ecOIx5PKD+fkI857ZmUFLcVVKN0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS5Y5sr etG0a75Z7W3QEl7whiyvLTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZDdmZGVkZmMtMmJkYy00MmNkLWE3MTQtMmFiYmMwMmRlYWU5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOXMA0G CSqGSIb3DQEBCwUAA4IBAQAf0YcbmL/mH7WT6OuVAqL+dH+m+WyoOoXfWkeRWVd4 4nbZO10epmWEHm/6bEZuIVjZwrkOrhdfAWTmFeFVuoy/xS9MXjr333rR6glITmJo bpwrfWvrVlpttV+DXUUxITAqL06xkxrDqF9iaD0u8cznuBslxF9WmkCsHSL4HA5e hdOvYeyimwFi+sZpHOgoiEVCox7qb0ToSvukTjC2N6WO+4lTVHpSrDRZ54v54HIL ileUpTBThsSM/NRYsS7Tg/lq3Z5HzAJmD1KRW2AqOSx0c/PGetWYdDbdz3VP6D5Z oGhlFzvG0/qPD9gpgUJ2rKD4P/MmmsSvb0F3xn607MDR -----END CERTIFICATE-----Generated at Wed Dec 10 19:00:27 2025 by rpki-client