This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa File: 09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa (raw, json) Hash identifier: h0HSwQMKW/AhV0CyrtMyNCJmIE73KhSVg//pvkVHoUM= Subject key identifier: 7D:C0:82:DB:34:2D:50:DA:92:3D:E0:29:63:AC:FF:1F:6F:47:29:D6 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 7FC5E879C6C994C0EEC126712237705E844D4022 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa Signing time: Wed 10 Dec 2025 06:50:31 +0000 ROA not before: Wed 10 Dec 2025 06:50:31 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.122.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:c5:e8:79:c6:c9:94:c0:ee:c1:26:71:22:37:70:5e:84:4d:40:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:31 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=b6da125c7cadbc31b85ba3050ff9e73b76c5363a9bd935c659156d102681f10b, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:f8:fc:61:cb:37:f6:df:f2:0b:83:73:5e:4a: 21:0c:4e:c9:5e:94:11:1d:c7:1b:62:05:55:e1:fb: 80:b8:36:fa:ef:4e:c5:0d:73:bf:e6:e5:1a:e3:94: 82:2a:48:bb:9c:61:44:ac:cd:90:fb:d5:6a:de:58: 32:af:37:69:16:de:64:60:c2:ec:44:6f:8e:06:63: 65:08:b4:c9:22:af:03:ff:4e:7c:40:e8:38:88:c0: 43:49:e5:65:a1:de:f9:f5:86:cc:45:6f:a8:95:45: 73:17:59:75:b1:34:cf:d1:2c:54:1f:45:da:a9:b6: a3:71:7a:ba:a5:cf:9e:0b:fd:ac:47:82:5d:d1:3f: a0:10:52:2a:81:d2:9e:98:71:21:cb:6f:a5:fd:1d: 6e:0d:d9:1d:15:79:0d:69:04:de:3a:d3:f7:2d:b7: e7:1b:e0:26:73:98:05:39:0f:96:27:50:17:d3:50: 9b:7c:05:98:eb:12:ba:38:67:91:0a:70:a8:f9:b7: 5c:1d:77:8f:9b:84:09:47:52:c3:33:d9:d6:26:87: 7f:b8:a5:d5:f7:10:18:ae:6b:92:74:58:ba:2d:ae: 72:70:3b:7d:e1:d0:2b:b0:aa:2c:15:63:3b:92:26: 07:21:cc:5a:9e:6a:78:71:db:f9:e0:3c:3d:ed:84: bd:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:C0:82:DB:34:2D:50:DA:92:3D:E0:29:63:AC:FF:1F:6F:47:29:D6 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.122.0.0/15 Signature Algorithm: sha256WithRSAEncryption cd:7d:9d:d9:f7:60:de:8c:64:6f:4a:5e:75:e2:3c:55:22:85: e2:6b:98:c2:31:de:e3:b7:01:75:d8:f7:34:f9:93:fb:1e:d7: 12:21:64:78:c1:77:ae:95:a4:9d:73:1b:7b:17:0e:7b:4c:72: 1a:86:cb:84:47:24:45:b3:c3:67:25:4e:3c:0d:7c:c4:74:4f: 15:57:ae:d9:75:b9:db:7c:bb:e5:c6:c0:13:d3:e0:d5:ab:22: a6:ce:49:4c:49:a0:f0:3a:8a:e3:0b:52:07:67:bb:56:5c:f9: ac:20:41:2d:b8:10:d6:9e:03:a0:b9:4c:4f:2e:60:00:4c:93: 11:2d:10:c9:4c:89:56:bd:7d:fc:f7:a1:b9:76:64:34:1d:d3: 95:b2:f7:18:1e:99:7a:9b:3c:ab:2e:55:cb:36:c2:5d:32:94: a0:b1:29:3a:89:d3:e7:bb:13:68:b6:17:e3:75:36:c2:96:75: bc:39:b5:cb:64:03:95:69:54:f7:12:64:72:5c:a8:cf:5e:53: 0f:66:34:80:6c:9f:b7:75:31:2d:6c:b4:dd:66:4e:ce:32:94: 27:85:59:b4:b9:87:c3:bf:23:1f:48:7f:cd:61:f6:d7:5d:56: 5d:63:66:ff:cd:10:f3:cf:ba:c8:e2:e8:8e:53:4c:ef:6d:82: 52:b8:51:f9 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUf8XoecbJlMDuwSZxIjdwXoRNQCIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwMzFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGI2ZGExMjVjN2NhZGJjMzFiODViYTMwNTBmZjllNzNiNzZjNTM2M2E5YmQ5 MzVjNjU5MTU2ZDEwMjY4MWYxMGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJH4/GHLN/bf8guDc15KIQxOyV6UER3HG2IFVeH7gLg2+u9OxQ1zv+blGuOU gipIu5xhRKzNkPvVat5YMq83aRbeZGDC7ERvjgZjZQi0ySKvA/9OfEDoOIjAQ0nl ZaHe+fWGzEVvqJVFcxdZdbE0z9EsVB9F2qm2o3F6uqXPngv9rEeCXdE/oBBSKoHS nphxIctvpf0dbg3ZHRV5DWkE3jrT9y235xvgJnOYBTkPlidQF9NQm3wFmOsSujhn kQpwqPm3XB13j5uECUdSwzPZ1iaHf7il1fcQGK5rknRYui2ucnA7feHQK7CqLBVj O5ImByHMWp5qeHHb+eA8Pe2EvcMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR9wILb NC1Q2pI94CljrP8fb0cp1jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MDllYzk3Y2EtMDQ0ZS00Nzg1LWJkZDQtZmNmOWU4ZDUxNGNhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G CSqGSIb3DQEBCwUAA4IBAQDNfZ3Z92DejGRvSl514jxVIoXia5jCMd7jtwF12Pc0 +ZP7HtcSIWR4wXeulaSdcxt7Fw57THIahsuERyRFs8NnJU48DXzEdE8VV67Zdbnb fLvlxsAT0+DVqyKmzklMSaDwOorjC1IHZ7tWXPmsIEEtuBDWngOguUxPLmAATJMR LRDJTIlWvX3896G5dmQ0HdOVsvcYHpl6mzyrLlXLNsJdMpSgsSk6idPnuxNothfj dTbClnW8ObXLZAOVaVT3EmRyXKjPXlMPZjSAbJ+3dTEtbLTdZk7OMpQnhVm0uYfD vyMfSH/NYfbXXVZdY2b/zRDzz7rI4uiOU0zvbYJSuFH5 -----END CERTIFICATE-----Generated at Fri Dec 19 20:09:18 2025 by rpki-client