This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa File: f0b62efe-867d-4733-9b0c-8354a04195f8.roa (raw, json) Hash identifier: ExSrdh3PN9h7ORTBqeP7PxRxoxD2mEInu9eaVO4uiYc= Subject key identifier: 3A:2F:3D:66:55:4E:6E:12:A0:60:0C:55:0B:FE:D7:4B:E9:C4:FF:E3 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 660189BE3F6A8C2F769EA6C1CC42247E0785EB85 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa Signing time: Wed 10 Dec 2025 06:40:07 +0000 ROA not before: Wed 10 Dec 2025 06:40:07 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.128.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:01:89:be:3f:6a:8c:2f:76:9e:a6:c1:cc:42:24:7e:07:85:eb:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:07 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=667c429c6420c4feee0c9a8b372665eeec8e9fe1f0bb2cfd4e4389783d09fc24, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:d4:1f:5e:d1:c9:eb:9e:d0:cb:3a:2f:a7:4b: d7:6c:96:9d:05:ab:f2:b5:a1:89:a9:64:12:50:79: 9e:f2:5c:e1:5c:23:46:f6:d1:8b:ee:77:b4:8b:8f: 1b:e6:61:d2:d6:7a:fa:f1:40:d7:ba:a6:f2:08:b3: 1a:5d:70:20:88:6b:6c:df:e6:7a:3a:78:e1:15:f6: 3b:92:ec:0f:b3:e3:6f:d4:6a:66:46:32:d9:dc:dd: 50:6d:99:c3:4d:37:f7:6b:44:b9:03:ba:3c:32:ec: 10:be:17:fd:7a:86:20:a4:8a:ce:76:91:c1:0b:0b: e2:b1:76:09:64:8d:1b:bc:ad:2f:91:52:8d:8e:d8: fe:f0:0e:d2:c2:c2:d5:49:8e:55:34:02:f4:95:c4: a8:63:c6:9b:53:0e:ac:18:38:54:12:1a:b9:17:bd: 9b:c4:a4:10:93:0c:61:a0:89:4e:43:a9:17:1e:0e: b7:b7:98:82:4e:df:39:11:cc:28:5a:99:d0:fa:2a: c2:a4:bd:74:ec:27:a3:fa:d5:f2:3f:f8:51:26:ae: d4:4f:7f:00:b5:0b:c1:b0:29:ad:79:b8:a5:a5:21: 23:2b:96:bf:e5:6d:22:d7:08:7b:49:31:72:8b:39: e8:20:9b:c9:f0:9d:5a:7d:03:7c:ac:e4:a3:24:1c: 5a:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:2F:3D:66:55:4E:6E:12:A0:60:0C:55:0B:FE:D7:4B:E9:C4:FF:E3 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.128.0.0/16 Signature Algorithm: sha256WithRSAEncryption 3f:87:b1:2a:4e:19:77:27:a8:d7:58:27:91:ed:54:92:6f:2e: 39:44:6f:dd:f7:68:76:1f:8d:d5:d5:c1:e0:f9:31:79:1a:b6: 68:7e:21:e2:06:17:01:43:15:de:bc:bb:b2:95:66:d0:cc:59: 34:fd:1b:f7:14:de:3d:e6:a5:a9:6d:4b:62:63:5b:aa:40:69: 37:cc:66:c2:5e:0b:a3:ef:4a:eb:53:df:67:f6:01:17:9d:83: 77:fd:fc:34:ca:b7:75:7e:72:56:cc:91:95:4d:a2:10:24:31: eb:79:94:34:86:9e:1d:c0:95:da:95:93:2c:f2:1b:18:8d:e8: 24:db:75:50:93:f9:81:b3:6c:d7:1f:5a:c0:92:36:7d:b3:1d: 6b:96:ce:38:71:d8:a7:c9:f8:e2:ca:68:aa:c9:bb:04:73:5e: 61:b0:5e:be:21:3b:f4:f7:f3:be:c9:2f:1b:92:11:22:99:c5: 76:8a:75:d6:9a:09:e8:1a:8c:54:65:c5:d2:ae:15:94:00:7e: 2f:ea:81:87:21:82:24:af:94:6f:44:0e:2c:bd:44:f5:5a:12: 68:5c:c4:2a:95:8f:0b:26:48:e4:d9:50:ea:42:88:3c:c1:17: c5:68:bb:2d:1b:38:14:4c:62:fb:6d:e0:be:6a:91:5d:2b:bf: 9e:73:0d:c7 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUZgGJvj9qjC92nqbBzEIkfgeF64UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMDdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDY2N2M0MjljNjQyMGM0ZmVlZTBjOWE4YjM3MjY2NWVlZWM4ZTlmZTFmMGJi MmNmZDRlNDM4OTc4M2QwOWZjMjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKnUH17Ryeue0Ms6L6dL12yWnQWr8rWhialkElB5nvJc4VwjRvbRi+53tIuP G+Zh0tZ6+vFA17qm8gizGl1wIIhrbN/mejp44RX2O5LsD7Pjb9RqZkYy2dzdUG2Z w00392tEuQO6PDLsEL4X/XqGIKSKznaRwQsL4rF2CWSNG7ytL5FSjY7Y/vAO0sLC 1UmOVTQC9JXEqGPGm1MOrBg4VBIauRe9m8SkEJMMYaCJTkOpFx4Ot7eYgk7fORHM KFqZ0PoqwqS9dOwno/rV8j/4USau1E9/ALULwbAprXm4paUhIyuWv+VtItcIe0kx cos56CCbyfCdWn0DfKzkoyQcWi0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ6Lz1m VU5uEqBgDFUL/tdL6cT/4zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZjBiNjJlZmUtODY3ZC00NzMzLTliMGMtODM1NGEwNDE5NWY4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOAMA0G CSqGSIb3DQEBCwUAA4IBAQA/h7EqThl3J6jXWCeR7VSSby45RG/d92h2H43V1cHg +TF5GrZofiHiBhcBQxXevLuylWbQzFk0/Rv3FN495qWpbUtiY1uqQGk3zGbCXguj 70rrU99n9gEXnYN3/fw0yrd1fnJWzJGVTaIQJDHreZQ0hp4dwJXalZMs8hsYjegk 23VQk/mBs2zXH1rAkjZ9sx1rls44cdinyfjiymiqybsEc15hsF6+ITv09/O+yS8b khEimcV2inXWmgnoGoxUZcXSrhWUAH4v6oGHIYIkr5RvRA4svUT1WhJoXMQqlY8L Jkjk2VDqQog8wRfFaLstGzgUTGL7beC+apFdK7+ecw3H -----END CERTIFICATE-----Generated at Thu Jan 22 22:22:07 2026 by rpki-client