This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa File: ef3e6945-57bf-41fe-9e98-2db6c2800547.roa (raw, json) Hash identifier: 05QVgyKqvTkEpBC5Hm0Es62tLTGYXIC/xk98jOQhypk= Subject key identifier: 59:DB:91:21:51:A7:46:67:3B:F6:94:49:68:03:5F:9A:43:3C:1C:F2 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 1394CF806EB9F25170702FB94AA21B1D84A7527E Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa Signing time: Wed 10 Dec 2025 06:40:03 +0000 ROA not before: Wed 10 Dec 2025 06:40:03 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.208.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:94:cf:80:6e:b9:f2:51:70:70:2f:b9:4a:a2:1b:1d:84:a7:52:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:03 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=0e44edfb435b66bea3f5c378add19968815fb5ed69680740bd56165d4e6e3bdb, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:7b:fd:46:20:47:99:bb:7d:6f:fa:d4:71:a7: 10:4e:2c:1e:99:44:48:3a:8a:a2:18:8a:77:18:d4: e4:48:ef:99:d3:58:43:17:0a:75:e0:5f:20:93:1d: 76:76:b4:84:11:4e:25:d8:fe:cc:f3:c8:82:50:7c: ec:19:bd:66:34:84:90:24:7c:fb:5c:07:40:08:4f: bb:7e:38:5f:cc:4f:6b:e5:52:f4:9a:65:7c:58:2c: 25:30:04:e7:8d:36:31:f5:5a:e0:14:ca:03:b8:69: b7:eb:c6:8d:f7:5c:6b:97:da:79:a8:fd:b2:5b:38: ac:2d:c7:b2:d7:38:47:bf:66:7c:51:55:a9:82:65: e0:f6:40:bd:f1:02:e8:62:57:98:9d:17:72:8f:86: e1:e4:fe:3e:e8:16:48:35:29:ef:97:5c:3f:c8:44: a9:2b:4c:f1:21:23:46:d8:f2:bc:e2:22:ec:98:7b: ee:fc:cc:a9:e6:b7:0e:14:33:4c:53:64:47:1c:1a: 44:4a:1d:55:4b:fd:9c:bb:a4:cf:3d:24:45:61:4b: f8:e4:8c:26:94:ad:e8:1c:0b:b3:d0:29:75:ba:dc: c4:72:72:79:48:aa:2f:e4:91:8d:fd:41:e8:85:e6: b3:84:10:7e:0d:d5:fc:aa:64:13:05:6d:46:b2:d0: 34:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:DB:91:21:51:A7:46:67:3B:F6:94:49:68:03:5F:9A:43:3C:1C:F2 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.208.0.0/15 Signature Algorithm: sha256WithRSAEncryption 35:74:52:e3:e2:d0:e2:d4:b9:0e:16:10:98:27:60:ab:27:85: e5:6a:eb:bb:ce:c7:95:8d:aa:8a:79:15:01:44:2b:61:14:cc: 4e:ba:49:e0:f4:50:92:ed:29:77:df:40:bb:df:19:af:5c:30: 9a:ce:a9:41:bb:17:55:b4:5d:33:05:e3:29:de:0c:6a:48:9b: 97:0d:9a:aa:87:91:85:82:0f:e3:f6:b2:6c:df:a5:ea:66:2f: 5a:f7:be:c3:99:d6:29:24:68:12:ea:5b:13:30:39:8e:a5:51: 5a:90:71:94:e3:22:8e:d5:a2:ab:73:56:4f:d0:52:2a:03:91: 5f:90:fd:6b:43:23:b1:0b:35:28:3c:43:f3:33:24:94:3c:67: 0a:7d:ce:11:4c:76:0e:17:05:07:c8:03:17:66:ba:32:61:18: b9:ed:e2:de:db:f4:18:73:c4:e0:22:04:cf:76:9e:d4:db:5f: 52:44:a3:2c:af:5e:be:33:d9:6e:fc:3c:a4:84:99:85:63:9d: ce:37:14:4f:68:51:8c:23:b4:7c:ab:51:ac:88:f8:cf:ad:2a: a3:d2:a8:dd:38:cb:93:37:2a:3a:9c:3c:b7:4b:d6:f7:e2:91: 74:f4:e0:dc:95:0e:0a:0c:1b:c9:3f:bf:7b:ee:db:d2:89:14: 61:53:5f:71 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUE5TPgG658lFwcC+5SqIbHYSnUn4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMDNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDBlNDRlZGZiNDM1YjY2YmVhM2Y1YzM3OGFkZDE5OTY4ODE1ZmI1ZWQ2OTY4 MDc0MGJkNTYxNjVkNGU2ZTNiZGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANR7/UYgR5m7fW/61HGnEE4sHplESDqKohiKdxjU5EjvmdNYQxcKdeBfIJMd dna0hBFOJdj+zPPIglB87Bm9ZjSEkCR8+1wHQAhPu344X8xPa+VS9JplfFgsJTAE 5402MfVa4BTKA7hpt+vGjfdca5faeaj9sls4rC3Hstc4R79mfFFVqYJl4PZAvfEC 6GJXmJ0Xco+G4eT+PugWSDUp75dcP8hEqStM8SEjRtjyvOIi7Jh77vzMqea3DhQz TFNkRxwaREodVUv9nLukzz0kRWFL+OSMJpSt6BwLs9ApdbrcxHJyeUiqL+SRjf1B 6IXms4QQfg3V/KpkEwVtRrLQNCsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRZ25Eh UadGZzv2lEloA1+aQzwc8jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZWYzZTY5NDUtNTdiZi00MWZlLTllOTgtMmRiNmMyODAwNTQ3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPQMA0G CSqGSIb3DQEBCwUAA4IBAQA1dFLj4tDi1LkOFhCYJ2CrJ4Xlauu7zseVjaqKeRUB RCthFMxOukng9FCS7Sl330C73xmvXDCazqlBuxdVtF0zBeMp3gxqSJuXDZqqh5GF gg/j9rJs36XqZi9a977DmdYpJGgS6lsTMDmOpVFakHGU4yKO1aKrc1ZP0FIqA5Ff kP1rQyOxCzUoPEPzMySUPGcKfc4RTHYOFwUHyAMXZroyYRi57eLe2/QYc8TgIgTP dp7U219SRKMsr16+M9lu/DykhJmFY53ONxRPaFGMI7R8q1GsiPjPrSqj0qjdOMuT Nyo6nDy3S9b34pF09ODclQ4KDBvJP7977tvSiRRhU19x -----END CERTIFICATE-----Generated at Sun Dec 14 02:16:10 2025 by rpki-client