This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa File: 123b20eb-4142-4c18-96e0-d1871de66fd3.roa (raw, json) Hash identifier: tnihPrLB8qle9qiel1ai4c/O+CpN4uwu4q+F9ye0luw= Subject key identifier: 4B:04:7E:FE:49:AD:E1:84:2A:E9:AE:8E:F0:B1:6E:60:0C:42:CD:95 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 4ED3C5A19323CDA5D20EA281028540615318FAEF Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa Signing time: Wed 10 Dec 2025 06:40:19 +0000 ROA not before: Wed 10 Dec 2025 06:40:19 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.214.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:d3:c5:a1:93:23:cd:a5:d2:0e:a2:81:02:85:40:61:53:18:fa:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:19 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=1e8dfc075907c7bb0a24f3309ac917dc76e2d09c690d96ea41036f87f37aa1c0, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:24:cd:91:f3:f9:7c:cd:bf:ad:d1:cf:f2:41: dd:a5:fb:33:08:01:b2:da:67:91:7a:f3:33:3e:86: ee:96:8e:7a:09:66:60:0b:5b:7c:e2:ea:d4:27:d4: 3f:cb:74:f3:66:36:39:6c:f5:3b:0b:f3:41:8d:2b: ed:92:b3:46:8f:4e:a7:4d:c4:c2:2e:6f:1f:23:b4: 4c:da:ad:12:11:87:1b:4c:e6:25:10:2e:12:81:c4: 27:39:ee:66:06:fe:c8:fd:e4:22:cd:a5:12:aa:4e: 9b:c4:fb:33:ee:d5:54:0c:cf:e1:c9:c3:26:1d:3e: 19:5e:79:f7:fa:05:56:9c:2c:c6:dd:61:b0:6d:0f: 1e:76:21:9f:94:5c:7a:9d:d1:7e:e5:fa:15:f3:b8: a1:5f:45:db:86:d5:05:69:ec:1b:2d:a1:1a:35:53: 07:96:c6:19:12:67:99:ef:21:35:6e:ff:60:b2:41: f0:0e:8b:ec:e3:dc:57:21:cc:af:d2:bc:75:27:ed: f0:b8:81:a3:dc:aa:80:fc:3c:ab:0f:6f:00:8a:56: b6:fe:6c:05:fd:da:dd:a5:12:82:c7:f9:1d:4b:cd: 18:1e:13:06:2c:af:38:08:96:99:83:91:c9:84:ac: 35:79:70:32:e8:cc:d1:d7:45:8c:56:b3:15:08:1c: d8:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:04:7E:FE:49:AD:E1:84:2A:E9:AE:8E:F0:B1:6E:60:0C:42:CD:95 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.214.0.0/15 Signature Algorithm: sha256WithRSAEncryption 1c:09:ff:17:0b:d2:8c:28:b6:dd:6f:08:d4:b4:3e:97:58:57: 02:ee:38:d8:1a:6d:d3:09:b0:97:1c:c7:00:99:02:9e:c9:85: 97:4e:a3:3b:a3:83:8e:94:b5:b3:e4:fc:6c:7c:18:21:f6:e3: a6:ec:70:0a:c2:92:64:5e:4f:b0:32:45:b5:d8:26:2a:a0:18: e6:24:c1:b7:2f:ef:b1:bf:b7:89:11:b7:94:f2:1a:58:71:7c: 44:8d:6f:0d:7b:dc:ef:ab:50:d1:1f:fa:bb:1b:2d:9e:5b:df: f7:f6:91:b7:32:67:69:78:2d:cf:cc:d4:1b:be:47:3f:f6:27: d8:89:77:c7:64:d3:01:7e:3e:26:55:0a:5e:60:d4:c0:bd:b5: 25:b4:81:a8:b9:77:0f:90:d4:da:0a:2a:ae:bf:2f:49:0a:0f: 91:1c:ae:53:1b:28:1b:04:68:06:58:b2:60:5d:c9:73:32:54: a4:d3:51:e9:86:f4:93:e8:da:81:62:de:f5:09:fc:68:4a:a7: 68:8b:d0:c6:33:4f:23:90:9d:17:82:80:eb:36:cf:a6:0e:cc: 46:e0:50:37:16:4b:96:43:af:2e:7d:71:6c:0a:22:90:33:b6: 10:6d:3d:0c:39:0c:ca:39:6b:3f:84:0d:de:28:27:0a:df:28: a6:05:8d:38 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUTtPFoZMjzaXSDqKBAoVAYVMY+u8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMTlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDFlOGRmYzA3NTkwN2M3YmIwYTI0ZjMzMDlhYzkxN2RjNzZlMmQwOWM2OTBk OTZlYTQxMDM2Zjg3ZjM3YWExYzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKMkzZHz+XzNv63Rz/JB3aX7MwgBstpnkXrzMz6G7paOeglmYAtbfOLq1CfU P8t082Y2OWz1OwvzQY0r7ZKzRo9Op03Ewi5vHyO0TNqtEhGHG0zmJRAuEoHEJznu Zgb+yP3kIs2lEqpOm8T7M+7VVAzP4cnDJh0+GV559/oFVpwsxt1hsG0PHnYhn5Rc ep3RfuX6FfO4oV9F24bVBWnsGy2hGjVTB5bGGRJnme8hNW7/YLJB8A6L7OPcVyHM r9K8dSft8LiBo9yqgPw8qw9vAIpWtv5sBf3a3aUSgsf5HUvNGB4TBiyvOAiWmYOR yYSsNXlwMujM0ddFjFazFQgc2MUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRLBH7+ Sa3hhCrpro7wsW5gDELNlTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MTIzYjIwZWItNDE0Mi00YzE4LTk2ZTAtZDE4NzFkZTY2ZmQzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPWMA0G CSqGSIb3DQEBCwUAA4IBAQAcCf8XC9KMKLbdbwjUtD6XWFcC7jjYGm3TCbCXHMcA mQKeyYWXTqM7o4OOlLWz5PxsfBgh9uOm7HAKwpJkXk+wMkW12CYqoBjmJMG3L++x v7eJEbeU8hpYcXxEjW8Ne9zvq1DRH/q7Gy2eW9/39pG3MmdpeC3PzNQbvkc/9ifY iXfHZNMBfj4mVQpeYNTAvbUltIGouXcPkNTaCiquvy9JCg+RHK5TGygbBGgGWLJg XclzMlSk01HphvST6NqBYt71CfxoSqdoi9DGM08jkJ0XgoDrNs+mDsxG4FA3FkuW Q68ufXFsCiKQM7YQbT0MOQzKOWs/hA3eKCcK3yimBY04 -----END CERTIFICATE-----Generated at Fri Dec 19 20:10:00 2025 by rpki-client