This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa File: de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa (raw, json) Hash identifier: Ax7g6NysN9qjYSJSOBjgrzfCo1CY1dK89ZZRJfMlvx4= Subject key identifier: 33:BC:E0:CF:79:7E:C6:86:0E:9E:0A:6F:CB:2A:AA:C0:89:6B:91:B5 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 3C2E2E29C605FFF7E5C4D593987FD8700C3C9074 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa Signing time: Wed 10 Dec 2025 06:40:41 +0000 ROA not before: Wed 10 Dec 2025 06:40:41 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.40.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:2e:2e:29:c6:05:ff:f7:e5:c4:d5:93:98:7f:d8:70:0c:3c:90:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:41 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=9f77e56fd72e25971cbc3b82cb8971cad3636b4c013f52d12bb49aa3d171d9a6, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:51:62:18:8b:f1:ef:24:5b:ec:51:dc:61:6f: 17:b3:6b:4f:64:38:5f:88:bb:4c:34:4a:7c:fb:31: 21:29:38:a7:ce:d8:0f:b4:80:18:05:5c:31:2c:53: e8:a8:fb:63:5f:ff:9a:ba:66:c2:04:c2:77:50:88: 63:2c:e3:59:7a:d5:df:fc:66:1a:89:58:64:d4:89: f3:6b:71:65:5a:ca:ed:e2:52:58:c6:3a:b8:a0:c9: b5:be:e2:17:f8:80:85:f6:19:71:b7:33:49:49:47: bb:b3:28:b6:27:cd:ed:24:82:20:7b:b8:dd:1c:b4: f0:0a:61:b6:d1:47:3f:9c:bb:28:c1:7d:f3:4c:3c: 95:f9:bc:f3:97:01:62:a0:e4:bf:7e:01:0c:bd:df: 71:2e:69:1d:fa:2f:ce:3b:92:7a:82:06:1f:6e:28: 10:5e:4e:8d:0a:99:49:2e:d5:8c:84:9b:23:41:f1: 4b:d7:c5:19:b5:6e:0a:48:f9:60:99:46:ae:d0:a6: 98:02:c5:03:a0:06:19:6e:ef:5a:bb:23:cf:26:c2: 40:db:57:52:17:ff:ea:27:92:70:07:45:d3:b2:bf: bf:59:1c:64:14:5b:b5:8e:35:5d:7a:10:54:fa:60: 10:06:87:ba:f8:86:d5:e4:7b:3a:df:b9:eb:0e:1b: 84:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:BC:E0:CF:79:7E:C6:86:0E:9E:0A:6F:CB:2A:AA:C0:89:6B:91:B5 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.40.0.0/16 Signature Algorithm: sha256WithRSAEncryption a4:20:a3:df:dd:4f:11:9c:8a:84:da:6f:5d:4d:ec:53:21:5e: f1:21:07:04:dd:ad:20:83:72:8c:ba:51:1c:0d:5c:98:e7:3e: ce:cb:e0:9b:61:bc:28:24:e0:4d:ba:23:03:ac:71:2c:09:79: e6:9e:48:72:59:c4:a0:c5:aa:ae:90:b2:f9:21:5a:1e:3e:24: 3f:37:8e:8f:67:80:20:d7:89:a3:22:4c:6a:77:ee:d7:e0:9c: 17:78:c3:13:05:e6:de:54:28:d9:f6:b0:b5:6a:6e:4c:a8:3c: af:e2:7f:b7:42:48:51:f7:9f:1d:79:f7:8f:b1:0e:1c:18:98: a2:8f:ad:cc:d4:3a:01:01:0d:bc:57:93:d7:d8:59:4c:b2:00: a3:ab:34:b5:ae:2b:66:99:2e:f2:d5:29:c7:ed:31:fc:df:60: 86:04:b1:a0:ea:69:c8:34:cd:ad:4b:7e:27:8a:db:06:73:69: a6:8b:3c:01:e1:67:7c:bd:97:7d:92:fc:c5:74:bd:4e:9a:b6: 17:31:80:4e:ef:58:53:15:3f:bc:b4:5c:92:61:43:74:88:f9: 69:a3:0e:ff:f7:bd:a8:c3:25:a6:62:58:32:e0:92:56:e7:3a: 0e:6d:31:16:77:ef:91:59:74:fd:f6:c4:4d:2a:b4:86:2c:3c: 16:b3:89:21 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUPC4uKcYF//flxNWTmH/YcAw8kHQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwNDFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDlmNzdlNTZmZDcyZTI1OTcxY2JjM2I4MmNiODk3MWNhZDM2MzZiNGMwMTNm NTJkMTJiYjQ5YWEzZDE3MWQ5YTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALdRYhiL8e8kW+xR3GFvF7NrT2Q4X4i7TDRKfPsxISk4p87YD7SAGAVcMSxT 6Kj7Y1//mrpmwgTCd1CIYyzjWXrV3/xmGolYZNSJ82txZVrK7eJSWMY6uKDJtb7i F/iAhfYZcbczSUlHu7MotifN7SSCIHu43Ry08AphttFHP5y7KMF980w8lfm885cB YqDkv34BDL3fcS5pHfovzjuSeoIGH24oEF5OjQqZSS7VjISbI0HxS9fFGbVuCkj5 YJlGrtCmmALFA6AGGW7vWrsjzybCQNtXUhf/6ieScAdF07K/v1kcZBRbtY41XXoQ VPpgEAaHuviG1eR7Ot+56w4bhHsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQzvODP eX7Ghg6eCm/LKqrAiWuRtTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZGU4M2FiMGQtNzMwZS00YmEwLTlkMjItYWYyYzhiN2ZkOGY3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G CSqGSIb3DQEBCwUAA4IBAQCkIKPf3U8RnIqE2m9dTexTIV7xIQcE3a0gg3KMulEc DVyY5z7Oy+CbYbwoJOBNuiMDrHEsCXnmnkhyWcSgxaqukLL5IVoePiQ/N46PZ4Ag 14mjIkxqd+7X4JwXeMMTBebeVCjZ9rC1am5MqDyv4n+3QkhR958defePsQ4cGJii j63M1DoBAQ28V5PX2FlMsgCjqzS1ritmmS7y1SnH7TH832CGBLGg6mnINM2tS34n itsGc2mmizwB4Wd8vZd9kvzFdL1OmrYXMYBO71hTFT+8tFySYUN0iPlpow7/972o wyWmYlgy4JJW5zoObTEWd++RWXT99sRNKrSGLDwWs4kh -----END CERTIFICATE-----Generated at Wed Dec 10 18:29:05 2025 by rpki-client