This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa File: de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa (raw, json) Hash identifier: yMx05I0jM1DNkiyy3W6sRNYUCFbwG2eihLfXlXyjNxQ= Subject key identifier: 99:89:35:9F:1D:BB:0B:FA:84:40:FA:70:70:61:4F:2C:41:20:EE:82 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 31E509F5BF962EE4BA099709DCE8429422AE8332 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa Signing time: Sat 15 Nov 2025 06:40:11 +0000 ROA not before: Sat 15 Nov 2025 06:40:11 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.40.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 27 Nov 2025 08:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:e5:09:f5:bf:96:2e:e4:ba:09:97:09:dc:e8:42:94:22:ae:83:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:11 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=9422cda67637b5b9882056b40121fdf3e51e9da8b5b2e9c73979f62c3f468d70, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:fc:59:fe:43:52:8a:23:6a:c7:95:42:5c:78: 41:c0:93:b8:04:66:8e:61:53:a3:3f:ce:95:9b:89: 79:87:b4:a3:85:57:9b:41:83:9b:ea:de:7d:70:d8: 56:18:f3:95:df:ab:9a:e4:e0:23:fd:8f:6c:71:3b: 66:5a:ab:24:b4:c6:da:71:ca:d7:82:59:1e:65:7b: 4a:4a:59:91:78:fe:e9:29:aa:c1:01:61:69:65:31: 22:a0:a2:44:0f:29:61:ca:54:d0:af:88:79:85:64: bd:2f:c7:6c:0b:59:6f:8f:9f:32:aa:22:7c:d2:2f: 0a:7c:de:a2:10:19:51:eb:b2:0c:36:40:68:87:1c: a3:89:61:86:72:9d:0b:26:de:d3:98:81:d9:51:55: a1:1e:1d:36:f7:c3:52:d5:c3:22:da:9a:7b:fe:af: 2f:bd:d9:eb:c7:3b:da:0f:17:f4:15:08:cf:74:08: 81:97:26:ca:1d:bc:b0:0a:5d:26:74:a6:ba:ac:00: 5a:a7:36:c2:3b:36:04:ae:38:15:cc:2d:97:cb:9a: c6:99:a3:c3:93:3d:c9:43:66:81:d4:b9:ec:04:ec: dc:76:27:f0:ba:dc:13:ca:84:2c:47:b7:70:7d:23: 26:30:cd:20:22:d6:e9:58:31:b9:39:6b:cd:f4:33: d6:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:89:35:9F:1D:BB:0B:FA:84:40:FA:70:70:61:4F:2C:41:20:EE:82 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.40.0.0/16 Signature Algorithm: sha256WithRSAEncryption 60:6c:24:e6:cf:2d:99:5d:87:f2:b1:5f:32:5f:b0:23:b3:30: a8:c0:b2:7a:99:56:df:1c:a6:f9:18:42:ae:48:3d:4b:ae:e5: 87:2e:ed:56:d8:b3:10:26:4f:de:86:d5:29:df:98:53:0c:f5: 1c:a7:40:fc:c6:2d:f9:3a:90:09:23:e3:50:10:38:ac:8b:4e: 7b:8d:a6:3b:63:7e:78:e1:2e:ef:40:b2:8d:85:a7:c1:ea:c1: 1b:c4:1e:d1:27:88:dd:28:62:e3:15:98:c3:c4:86:d9:3d:ae: a8:e9:b6:c5:ef:80:f6:6b:95:e1:44:f8:66:5d:d7:63:12:93: 12:5c:5b:d7:76:dd:dd:2c:cc:6f:7b:c1:6b:34:69:71:56:06: 33:5d:ba:82:92:0a:70:ef:5f:59:cc:a9:7d:16:eb:75:f4:ab: 5a:ec:5b:90:46:d5:84:3c:91:1e:e8:11:e5:04:c5:1c:4e:6e: ac:d5:24:33:42:b3:b9:b7:d5:34:59:de:4b:2c:00:ba:c9:d1: a0:0a:ce:c6:fb:f2:02:ba:4f:4e:e4:ba:5b:1a:e7:06:80:80: a3:a0:db:ab:54:95:b6:e3:42:7e:ce:6f:b5:08:96:46:8a:d2: a6:71:df:e8:43:ae:51:1f:ab:89:12:9b:b7:d5:d0:44:c0:4d: b3:95:d0:ce -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUMeUJ9b+WLuS6CZcJ3OhClCKugzIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwMTFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDk0MjJjZGE2NzYzN2I1Yjk4ODIwNTZiNDAxMjFmZGYzZTUxZTlkYThiNWIy ZTljNzM5NzlmNjJjM2Y0NjhkNzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK78Wf5DUoojaseVQlx4QcCTuARmjmFToz/OlZuJeYe0o4VXm0GDm+refXDY Vhjzld+rmuTgI/2PbHE7ZlqrJLTG2nHK14JZHmV7SkpZkXj+6SmqwQFhaWUxIqCi RA8pYcpU0K+IeYVkvS/HbAtZb4+fMqoifNIvCnzeohAZUeuyDDZAaIcco4lhhnKd Cybe05iB2VFVoR4dNvfDUtXDItqae/6vL73Z68c72g8X9BUIz3QIgZcmyh28sApd JnSmuqwAWqc2wjs2BK44Fcwtl8uaxpmjw5M9yUNmgdS57ATs3HYn8LrcE8qELEe3 cH0jJjDNICLW6VgxuTlrzfQz1iECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSZiTWf HbsL+oRA+nBwYU8sQSDugjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZGU4M2FiMGQtNzMwZS00YmEwLTlkMjItYWYyYzhiN2ZkOGY3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G CSqGSIb3DQEBCwUAA4IBAQBgbCTmzy2ZXYfysV8yX7AjszCowLJ6mVbfHKb5GEKu SD1LruWHLu1W2LMQJk/ehtUp35hTDPUcp0D8xi35OpAJI+NQEDisi057jaY7Y354 4S7vQLKNhafB6sEbxB7RJ4jdKGLjFZjDxIbZPa6o6bbF74D2a5XhRPhmXddjEpMS XFvXdt3dLMxve8FrNGlxVgYzXbqCkgpw719ZzKl9Fut19Kta7FuQRtWEPJEe6BHl BMUcTm6s1SQzQrO5t9U0Wd5LLAC6ydGgCs7G+/ICuk9O5LpbGucGgICjoNurVJW2 40J+zm+1CJZGitKmcd/oQ65RH6uJEpu31dBEwE2zldDO -----END CERTIFICATE-----Generated at Wed Nov 26 14:08:45 2025 by rpki-client