This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa File: fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa (raw, json) Hash identifier: S5x2zNq5rba27a7TK2hvIJgJGjiNO28rsYem28Bh1WM= Subject key identifier: 15:F0:7B:39:20:5B:35:CA:AD:1A:CA:CF:C8:D2:20:7A:DA:D3:B4:BC Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 521475556F82B496EF47BF209B714B8D1956B122 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa Signing time: Wed 10 Dec 2025 06:40:18 +0000 ROA not before: Wed 10 Dec 2025 06:40:18 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.76.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:14:75:55:6f:82:b4:96:ef:47:bf:20:9b:71:4b:8d:19:56:b1:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:18 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=99fa70b4b4dc6ecf1cfd585cbb65e3fb79d22bc07c2138efc8e20dea40edb6d8, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:8c:0f:c0:99:5d:7b:a1:c3:51:eb:a4:cd:67: ec:63:af:40:4f:aa:46:48:05:15:59:bb:a8:3c:e1: 88:9b:22:5f:a5:54:67:71:6b:75:a2:34:f2:19:ac: 90:fe:2a:27:03:2b:8e:02:1d:f2:cd:ae:fc:c0:c3: 01:79:3e:6b:5a:9d:e7:81:79:11:5a:16:33:d0:56: c3:8d:56:d0:04:89:ba:bd:11:36:81:38:b1:d6:80: 97:46:cd:8e:eb:fc:71:74:1a:1f:6a:52:33:be:ea: fd:bf:64:05:aa:3f:8f:92:04:06:b9:47:bd:e1:f9: bc:bd:27:5e:b8:08:12:92:76:24:83:82:a6:37:df: 3a:d5:7a:e0:e5:52:7f:b5:4b:73:e4:58:f0:35:31: ae:d9:c7:0b:7b:ad:90:64:85:da:21:bb:d9:26:d0: 77:d6:5f:2a:33:bb:c4:16:b0:2a:2c:51:37:13:11: 70:38:39:57:4f:68:c3:d0:24:65:90:c8:aa:ea:7a: 51:9f:8c:d2:32:64:e0:f4:0a:fe:fa:5a:5a:e3:0e: dd:4a:3f:db:79:7c:89:7e:b4:7c:cf:3e:df:46:1a: 5a:14:4e:53:61:44:89:25:42:e3:96:74:74:dc:38: 6d:05:e4:3f:fe:ac:89:39:57:64:51:d3:60:c1:9b: cb:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:F0:7B:39:20:5B:35:CA:AD:1A:CA:CF:C8:D2:20:7A:DA:D3:B4:BC X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.76.0.0/16 Signature Algorithm: sha256WithRSAEncryption 8f:0f:97:13:ac:f9:fc:a9:11:be:1a:31:a0:c7:95:32:af:ed: 54:c7:c8:87:cd:43:ce:3d:a9:00:35:ef:86:a5:5b:c2:08:14: 36:72:65:0e:55:4d:9b:2f:a7:b5:b7:ff:3b:0d:c4:57:13:23: 0a:16:3f:7f:40:6e:d7:80:61:00:c8:6c:76:e5:2b:d2:91:8f: 0e:1c:25:e1:cc:bb:27:f6:d2:b5:df:b8:9b:01:06:ad:26:a9: 4d:f3:9a:43:f6:49:db:b5:ac:da:2e:a4:6a:4d:6b:69:b1:83: ad:0f:a7:27:a1:b5:b1:50:e8:0b:26:52:af:5d:07:bc:0e:5b: 74:49:1e:69:e8:d1:b2:da:f2:56:93:f5:9f:4b:f0:56:08:88: 7b:bc:5b:b5:15:16:79:aa:b4:12:dc:b6:8d:e2:fe:2b:02:a0: 3d:8d:a7:c5:fc:58:a0:ab:73:cb:98:71:ef:73:52:1b:68:e6: f4:0b:2a:eb:c6:8d:00:51:7d:f5:67:92:5b:ba:e9:61:9e:43: 56:e7:60:3a:2d:57:ab:84:8e:ca:74:04:8f:b6:79:69:ba:ae: b3:e1:1b:ca:4d:2d:cf:1b:61:f2:b8:23:cb:dd:44:65:d8:82: c2:5f:a9:9d:2d:40:90:e7:ac:2e:32:05:7f:c0:45:d5:0e:29: 98:3d:9b:f4 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUUhR1VW+CtJbvR78gm3FLjRlWsSIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMThaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDk5ZmE3MGI0YjRkYzZlY2YxY2ZkNTg1Y2JiNjVlM2ZiNzlkMjJiYzA3YzIx MzhlZmM4ZTIwZGVhNDBlZGI2ZDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANeMD8CZXXuhw1HrpM1n7GOvQE+qRkgFFVm7qDzhiJsiX6VUZ3FrdaI08hms kP4qJwMrjgId8s2u/MDDAXk+a1qd54F5EVoWM9BWw41W0ASJur0RNoE4sdaAl0bN juv8cXQaH2pSM77q/b9kBao/j5IEBrlHveH5vL0nXrgIEpJ2JIOCpjffOtV64OVS f7VLc+RY8DUxrtnHC3utkGSF2iG72SbQd9ZfKjO7xBawKixRNxMRcDg5V09ow9Ak ZZDIqup6UZ+M0jJk4PQK/vpaWuMO3Uo/23l8iX60fM8+30YaWhROU2FEiSVC45Z0 dNw4bQXkP/6siTlXZFHTYMGby+0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQV8Hs5 IFs1yq0ays/I0iB62tO0vDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZmE5Zjc2YjMtNjQ0Zi00ZTdiLTk2YjgtYTUwMTE3ZmQ0ZDY3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G CSqGSIb3DQEBCwUAA4IBAQCPD5cTrPn8qRG+GjGgx5Uyr+1Ux8iHzUPOPakANe+G pVvCCBQ2cmUOVU2bL6e1t/87DcRXEyMKFj9/QG7XgGEAyGx25SvSkY8OHCXhzLsn 9tK137ibAQatJqlN85pD9knbtazaLqRqTWtpsYOtD6cnobWxUOgLJlKvXQe8Dlt0 SR5p6NGy2vJWk/WfS/BWCIh7vFu1FRZ5qrQS3LaN4v4rAqA9jafF/Figq3PLmHHv c1IbaOb0Cyrrxo0AUX31Z5JbuulhnkNW52A6LVerhI7KdASPtnlpuq6z4RvKTS3P G2HyuCPL3URl2ILCX6mdLUCQ56wuMgV/wEXVDimYPZv0 -----END CERTIFICATE-----Generated at Sun Dec 14 00:04:58 2025 by rpki-client