This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa File: fc50f617-7597-4f4e-b8f6-87763b28caf0.roa (raw, json) Hash identifier: hb8Tv/mr63x5ZWDYfLSg2uBCAVMg2j1R5zkMaNAt3Kk= Subject key identifier: CB:28:1C:91:80:C8:B5:7E:AD:9F:7C:C8:A3:FE:C2:62:C7:68:57:5F Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 1D34D7C229BB3347813C5C76BCB89D57E11BA069 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa Signing time: Wed 10 Dec 2025 06:30:13 +0000 ROA not before: Wed 10 Dec 2025 06:30:13 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.121.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 17:36:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:34:d7:c2:29:bb:33:47:81:3c:5c:76:bc:b8:9d:57:e1:1b:a0:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:30:13 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=f4da78c969c73eed4b3480329fc3b118843345d6a1661ec5176e1d58641d0959, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:7d:ab:2c:00:71:71:eb:3d:9f:db:a3:5b:2b: 24:e0:2c:33:c0:bb:68:ab:c5:93:1a:9e:32:ea:38: 64:76:db:00:f4:36:ca:bd:1d:f9:e2:dc:29:fa:af: 5c:25:da:24:7b:7a:42:6c:02:e6:8f:b8:66:5e:b2: 7c:3e:e4:50:14:3a:c5:86:0a:1d:7a:ab:92:56:b0: 36:bd:d0:d8:bf:67:84:c4:44:0b:5f:db:28:15:7c: 6c:04:17:0e:38:c6:86:0f:05:93:81:59:5e:30:f1: ba:f6:14:00:1e:8e:c2:2a:fc:1a:f5:08:20:68:96: fa:ee:58:2b:da:08:f0:5f:29:82:e9:ab:48:ca:73: d7:a6:6c:74:11:32:03:4f:39:4e:0f:c8:2b:e3:68: 0f:20:db:02:51:2e:37:e1:ab:11:da:bc:0c:a3:6c: 27:d0:7b:5a:86:47:b4:6d:c8:6b:e9:29:f0:eb:1e: 50:14:e9:4e:5b:ac:d6:47:af:34:33:01:b0:ef:12: 92:13:80:7e:03:d5:ec:f7:82:c2:95:05:24:a7:ac: 66:9b:6b:33:69:e6:c7:6b:05:b0:87:72:5d:e3:5e: bb:59:f3:04:4e:de:da:90:6d:2a:d8:62:bc:a8:66: 09:22:fe:48:ac:a8:ed:61:23:97:fc:70:ca:89:3b: 0c:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:28:1C:91:80:C8:B5:7E:AD:9F:7C:C8:A3:FE:C2:62:C7:68:57:5F X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.121.0.0/16 Signature Algorithm: sha256WithRSAEncryption 44:60:6f:cd:36:7a:e3:91:69:87:55:c5:ed:73:a2:dc:87:00: fb:3a:6f:68:bc:81:2b:45:d5:4b:d2:c7:ce:4b:cd:31:9d:7f: 02:74:ba:c5:29:a6:c8:81:9a:f9:f6:b2:e8:06:2e:81:3e:0f: 70:8b:ce:eb:28:ba:2e:c4:9e:13:b2:66:56:66:ad:71:6e:6b: c8:42:39:97:44:c1:33:ff:5f:53:46:58:eb:24:8a:2f:40:2d: 14:04:df:37:7b:63:fb:4c:5c:eb:84:cd:fa:98:35:11:fc:67: 7c:05:e3:ae:6f:f6:27:85:34:ba:0e:d2:b5:23:6a:90:b1:6f: f9:19:3b:0e:b5:e1:e1:a1:48:81:6a:e5:7d:b1:3e:38:12:fb: a3:77:f1:70:86:2f:9f:4a:6c:5b:4c:29:74:ff:2b:ba:2b:be: c6:be:95:d2:a3:a4:9d:14:0a:e8:ba:b5:e3:43:39:00:2c:79: ef:b0:e6:9d:de:48:42:ae:af:47:60:d9:45:13:e8:ac:92:af: 33:c0:e2:d1:8c:97:07:c8:6e:61:45:d1:c6:c1:6b:46:9b:e8: c8:68:fd:c6:92:ce:66:c3:83:46:f8:69:93:f6:ae:41:5c:33: c4:d8:82:9b:04:74:c4:db:bf:76:17:e4:06:ab:a3:43:b9:74: 8e:90:15:28 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUHTTXwim7M0eBPFx2vLidV+EboGkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjMwMTNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGY0ZGE3OGM5NjljNzNlZWQ0YjM0ODAzMjlmYzNiMTE4ODQzMzQ1ZDZhMTY2 MWVjNTE3NmUxZDU4NjQxZDA5NTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMZ9qywAcXHrPZ/bo1srJOAsM8C7aKvFkxqeMuo4ZHbbAPQ2yr0d+eLcKfqv XCXaJHt6QmwC5o+4Zl6yfD7kUBQ6xYYKHXqrklawNr3Q2L9nhMREC1/bKBV8bAQX DjjGhg8Fk4FZXjDxuvYUAB6Owir8GvUIIGiW+u5YK9oI8F8pgumrSMpz16ZsdBEy A085Tg/IK+NoDyDbAlEuN+GrEdq8DKNsJ9B7WoZHtG3Ia+kp8OseUBTpTlus1kev NDMBsO8SkhOAfgPV7PeCwpUFJKesZptrM2nmx2sFsIdyXeNeu1nzBE7e2pBtKthi vKhmCSL+SKyo7WEjl/xwyok7DMMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTLKByR gMi1fq2ffMij/sJix2hXXzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZmM1MGY2MTctNzU5Ny00ZjRlLWI4ZjYtODc3NjNiMjhjYWYwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN5MA0G CSqGSIb3DQEBCwUAA4IBAQBEYG/NNnrjkWmHVcXtc6LchwD7Om9ovIErRdVL0sfO S80xnX8CdLrFKabIgZr59rLoBi6BPg9wi87rKLouxJ4TsmZWZq1xbmvIQjmXRMEz /19TRljrJIovQC0UBN83e2P7TFzrhM36mDUR/Gd8BeOub/YnhTS6DtK1I2qQsW/5 GTsOteHhoUiBauV9sT44Evujd/Fwhi+fSmxbTCl0/yu6K77GvpXSo6SdFArourXj QzkALHnvsOad3khCrq9HYNlFE+iskq8zwOLRjJcHyG5hRdHGwWtGm+jIaP3Gks5m w4NG+GmT9q5BXDPE2IKbBHTE2792F+QGq6NDuXSOkBUo -----END CERTIFICATE-----Generated at Wed Dec 10 21:06:53 2025 by rpki-client