This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa File: e1d9282c-1734-4426-ab04-111f2637372c.roa (raw, json) Hash identifier: LN5MSLElSy6EqDs2stXoxYdOQWAeBIR2NIqRev1NwaM= Subject key identifier: C4:73:67:2E:B2:71:CB:4A:9B:11:01:46:DE:83:A1:6E:2A:95:38:09 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 1165D04DBD58416DA3FC01EC337209E167B03836 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa Signing time: Thu 11 Dec 2025 01:00:22 +0000 ROA not before: Thu 11 Dec 2025 01:00:22 +0000 ROA not after: Wed 11 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 212.173.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:65:d0:4d:bd:58:41:6d:a3:fc:01:ec:33:72:09:e1:67:b0:38:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 11 01:00:22 2025 GMT Not After : Mar 11 23:59:59 2026 GMT Subject: serialNumber=0601a4e9505850b1cde2b011356f7db4813101ed54e01e5d2016421dc6186421, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:00:9c:ef:70:b7:a7:09:d4:1e:ae:5d:1b:6d: 82:f8:c4:2d:7e:1b:cf:c4:0e:2f:9c:20:fd:82:49: 7b:36:bb:63:58:40:f1:16:26:e0:09:db:8a:df:a0: 68:0c:41:5f:fb:cd:90:27:f5:0e:06:58:c9:29:68: 7a:72:32:6d:70:fb:9e:4d:84:77:fc:b4:a3:d0:d0: 4b:ec:85:f6:d1:14:96:bc:df:6e:a8:5d:a8:44:1a: 5e:8d:79:1f:50:a3:b5:07:c6:da:53:9e:5d:de:f7: 75:12:c5:4a:f6:f1:2e:33:01:2e:e3:ce:f1:34:af: 9d:0e:2e:85:a8:f6:fe:18:f5:14:b4:6a:d5:4c:cc: 20:53:d8:c5:1e:58:76:31:27:43:3a:2b:f3:09:8d: d1:06:aa:47:4e:ff:3f:5a:a4:31:8c:cd:f7:1e:64: 14:9e:ae:39:a6:60:64:64:21:c3:81:1c:fd:d2:b8: 31:c2:cf:8b:e2:af:a3:b7:67:ee:db:25:27:89:fa: 7f:26:51:fd:c7:96:6c:2b:b5:ca:12:e3:64:56:fa: 1d:22:93:6d:be:9d:b2:68:b7:9a:15:fb:6a:89:75: 96:30:a3:6d:53:4d:ae:c6:0f:b4:54:50:d3:3f:14: c5:99:6c:48:4c:f3:df:1c:6b:b5:ea:6f:c8:cb:71: 48:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:73:67:2E:B2:71:CB:4A:9B:11:01:46:DE:83:A1:6E:2A:95:38:09 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.173.128.0/17 Signature Algorithm: sha256WithRSAEncryption 1e:6f:5a:45:9d:45:2f:5f:48:43:c8:bb:ab:88:3a:d5:5a:b3: 64:e1:08:23:0b:eb:33:3a:46:94:3d:60:25:e8:5d:88:06:dc: aa:2b:06:c7:ea:df:fd:e7:c1:b5:11:8a:61:3b:8d:20:2f:95: 94:12:c1:fe:61:1c:d7:58:da:97:95:25:59:00:d5:a4:5a:e2: 3d:55:70:ca:0b:c7:6f:d6:b4:35:e7:0a:86:a0:16:77:f9:81: aa:c5:78:09:7b:e9:e9:84:24:64:ee:96:a1:21:d7:85:ee:00: da:15:10:47:5d:dd:58:71:47:f5:8b:54:ec:16:2f:97:51:0c: 11:3d:7b:73:3e:a1:37:6e:42:10:fa:f9:04:57:51:46:dc:17: 44:c3:1e:96:5d:d4:b8:23:01:4d:4c:cd:77:ad:80:d3:1e:2c: d6:75:19:f5:63:0e:aa:76:e4:1c:d1:cc:92:46:9e:6b:91:71: 23:7b:0a:3b:1f:d3:73:b3:81:51:a1:42:af:b4:ae:d3:ae:ca: 89:a9:f0:41:21:b0:d2:18:ad:a6:d1:35:a4:da:80:ea:ae:e4: 59:bf:f0:05:35:4c:d2:0e:7d:56:12:f1:96:4e:e2:f1:77:a1: e6:e9:2f:63:3d:09:1a:2f:b8:ab:7e:64:e0:77:74:c6:25:c9: 20:94:7c:90 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUEWXQTb1YQW2j/AHsM3IJ4WewODYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTEwMTAwMjJaFw0yNjAzMTEyMzU5NTlaMHoxSTBHBgNV BAUTQDA2MDFhNGU5NTA1ODUwYjFjZGUyYjAxMTM1NmY3ZGI0ODEzMTAxZWQ1NGUw MWU1ZDIwMTY0MjFkYzYxODY0MjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMAAnO9wt6cJ1B6uXRttgvjELX4bz8QOL5wg/YJJeza7Y1hA8RYm4Anbit+g aAxBX/vNkCf1DgZYySloenIybXD7nk2Ed/y0o9DQS+yF9tEUlrzfbqhdqEQaXo15 H1CjtQfG2lOeXd73dRLFSvbxLjMBLuPO8TSvnQ4uhaj2/hj1FLRq1UzMIFPYxR5Y djEnQzor8wmN0QaqR07/P1qkMYzN9x5kFJ6uOaZgZGQhw4Ec/dK4McLPi+Kvo7dn 7tslJ4n6fyZR/ceWbCu1yhLjZFb6HSKTbb6dsmi3mhX7aol1ljCjbVNNrsYPtFRQ 0z8UxZlsSEzz3xxrtepvyMtxSJsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTEc2cu snHLSpsRAUbeg6FuKpU4CTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZTFkOTI4MmMtMTczNC00NDI2LWFiMDQtMTExZjI2MzczNzJjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9StgDAN BgkqhkiG9w0BAQsFAAOCAQEAHm9aRZ1FL19IQ8i7q4g61VqzZOEIIwvrMzpGlD1g JehdiAbcqisGx+rf/efBtRGKYTuNIC+VlBLB/mEc11jal5UlWQDVpFriPVVwygvH b9a0NecKhqAWd/mBqsV4CXvp6YQkZO6WoSHXhe4A2hUQR13dWHFH9YtU7BYvl1EM ET17cz6hN25CEPr5BFdRRtwXRMMell3UuCMBTUzNd62A0x4s1nUZ9WMOqnbkHNHM kkaea5FxI3sKOx/Tc7OBUaFCr7Su067KianwQSGw0hitptE1pNqA6q7kWb/wBTVM 0g59VhLxlk7i8Xeh5ukvYz0JGi+4q35k4Hd0xiXJIJR8kA== -----END CERTIFICATE-----Generated at Thu Jan 22 22:21:41 2026 by rpki-client