This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa File: 2740a5f5-ec55-42ac-b7df-f4c863c83981.roa (raw, json) Hash identifier: e/Rfu+ByBvOa4k3E5YnY79mmh9D+MgfYfViZtVOSmoc= Subject key identifier: 46:02:03:FC:E8:82:1F:60:39:E7:04:DC:5C:5D:A0:0A:04:90:28:C6 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 3CBB70FEF799736182889CCA33A60833CB19153D Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa Signing time: Wed 10 Dec 2025 06:40:06 +0000 ROA not before: Wed 10 Dec 2025 06:40:06 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.125.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:bb:70:fe:f7:99:73:61:82:88:9c:ca:33:a6:08:33:cb:19:15:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:06 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=57c4c757628332c8d695412b70868b9c2ddfa76dd7c6f363849dd6f47170fcae, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:36:bf:0a:2e:da:40:c2:bf:e0:e0:64:8e:aa: 65:39:a9:66:38:5b:a2:a4:be:76:0d:9a:d6:85:e2: 39:7b:19:bb:a0:13:1a:24:d8:59:27:91:ae:ad:dc: c6:28:19:8e:92:20:d6:97:9a:3e:fb:30:53:c0:38: 99:31:da:e8:a2:4a:a9:5d:1e:10:d8:22:e6:f2:46: bd:84:e8:4c:a1:1e:c3:52:1d:1d:c8:cd:49:82:05: 2c:b0:5b:c7:79:47:4e:8a:da:78:7b:1a:47:94:ac: 28:ff:0f:8b:72:0e:e7:bb:e7:2a:ea:5f:2a:5e:73: 19:d5:cc:c5:b6:2e:08:94:a1:27:f5:a8:6c:a2:ff: 81:6c:c4:d9:24:65:fd:92:5b:c6:5f:9b:39:07:4f: a7:52:52:bf:2e:24:db:7e:88:88:7b:59:6e:e3:41: 38:ec:a1:6f:4a:f0:3b:fb:1a:f3:a7:ce:d8:5b:29: cf:88:e7:c5:f7:00:50:85:b3:07:e8:e4:1a:10:29: 34:43:3e:1e:f8:17:c6:41:40:da:71:ab:59:5b:2f: 6c:1d:30:c7:24:28:7a:18:c2:26:c0:96:e0:76:34: 14:46:a9:64:d2:c6:85:02:b1:22:3f:3d:1d:04:5a: a1:cc:38:87:9d:9e:52:68:ce:45:2e:1a:62:99:e9: 6e:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:02:03:FC:E8:82:1F:60:39:E7:04:DC:5C:5D:A0:0A:04:90:28:C6 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.125.0.0/16 Signature Algorithm: sha256WithRSAEncryption 6b:66:d1:f3:78:94:cd:e4:21:26:e7:f0:65:2c:46:47:02:1f: 3c:25:fa:e9:26:07:ef:e8:d6:99:0a:04:83:e4:18:79:25:29: f5:d0:0b:97:1f:b3:4d:21:b8:f2:d3:e9:b5:2c:7a:e7:62:15: 8f:b5:ca:3d:f3:bb:90:95:b3:d7:9c:19:98:2b:3e:d4:33:1a: 33:c3:46:0d:ef:cf:ce:94:49:20:61:09:cd:53:01:c7:a3:63: 94:de:18:bd:8b:7b:54:86:b3:8c:31:c5:b4:2f:bc:81:2a:0e: 92:13:be:87:21:d4:15:8a:cf:3c:b4:1c:7a:2a:fc:fb:e1:75: d5:10:68:52:6e:54:9b:d5:9e:b4:c8:9f:31:d0:21:43:ca:a8: c6:5e:1c:cf:cd:bd:2e:45:1e:0b:dc:4b:d9:23:94:37:1f:7b: 6e:f3:47:54:76:35:2e:61:0b:8b:e6:05:eb:42:b6:83:e1:d6: 51:3d:10:1f:b8:31:8d:cf:e5:77:38:75:a2:ae:a0:08:b2:23: e3:df:28:61:a9:9a:e4:81:76:9f:e0:99:20:9c:54:85:5b:20: 0b:00:85:94:ce:f5:64:2a:c0:64:86:52:f7:0f:ba:5d:e0:ca: 22:68:a6:69:d6:ee:18:39:93:e1:1c:22:0c:84:73:0a:9d:0d: 4e:10:be:2a -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUPLtw/veZc2GCiJzKM6YIM8sZFT0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDU3YzRjNzU3NjI4MzMyYzhkNjk1NDEyYjcwODY4YjljMmRkZmE3NmRkN2M2 ZjM2Mzg0OWRkNmY0NzE3MGZjYWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANU2vwou2kDCv+DgZI6qZTmpZjhboqS+dg2a1oXiOXsZu6ATGiTYWSeRrq3c xigZjpIg1peaPvswU8A4mTHa6KJKqV0eENgi5vJGvYToTKEew1IdHcjNSYIFLLBb x3lHToraeHsaR5SsKP8Pi3IO57vnKupfKl5zGdXMxbYuCJShJ/WobKL/gWzE2SRl /ZJbxl+bOQdPp1JSvy4k236IiHtZbuNBOOyhb0rwO/sa86fO2Fspz4jnxfcAUIWz B+jkGhApNEM+HvgXxkFA2nGrWVsvbB0wxyQoehjCJsCW4HY0FEapZNLGhQKxIj89 HQRaocw4h52eUmjORS4aYpnpbuECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRGAgP8 6IIfYDnnBNxcXaAKBJAoxjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv Mjc0MGE1ZjUtZWM1NS00MmFjLWI3ZGYtZjRjODYzYzgzOTgxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G CSqGSIb3DQEBCwUAA4IBAQBrZtHzeJTN5CEm5/BlLEZHAh88JfrpJgfv6NaZCgSD 5Bh5JSn10AuXH7NNIbjy0+m1LHrnYhWPtco987uQlbPXnBmYKz7UMxozw0YN78/O lEkgYQnNUwHHo2OU3hi9i3tUhrOMMcW0L7yBKg6SE76HIdQVis88tBx6Kvz74XXV EGhSblSb1Z60yJ8x0CFDyqjGXhzPzb0uRR4L3EvZI5Q3H3tu80dUdjUuYQuL5gXr QraD4dZRPRAfuDGNz+V3OHWirqAIsiPj3yhhqZrkgXaf4JkgnFSFWyALAIWUzvVk KsBkhlL3D7pd4MoiaKZp1u4YOZPhHCIMhHMKnQ1OEL4q -----END CERTIFICATE-----Generated at Fri Dec 19 20:09:23 2025 by rpki-client