This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa File: 3b67bb62-9bcf-4daa-99b5-5374c3285177.roa (raw, json) Hash identifier: HciqCzJS2VZV4vl0ZSnhICwtQ7dOsuhnnMLZJzpKt80= Subject key identifier: FC:B2:23:A1:E7:D3:3B:0F:36:4A:DB:4C:56:5E:9D:C5:0D:7A:F2:40 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 550BC5E0AB3C6E2895B6F2B8B9CC25CB99C947F7 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa Signing time: Wed 10 Dec 2025 06:50:37 +0000 ROA not before: Wed 10 Dec 2025 06:50:37 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.48.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:0b:c5:e0:ab:3c:6e:28:95:b6:f2:b8:b9:cc:25:cb:99:c9:47:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:37 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=7a2f2f3b1fc72b6feecabc198f9b0ca7898a1142348d5ccabb3dada1152c5928, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:eb:4e:e7:ab:68:9c:d0:d2:9b:b2:cd:98:ac: 0b:4a:6e:13:5e:4e:c5:27:41:d0:2e:65:b9:54:e0: 89:c7:f3:91:e6:cd:45:69:d8:97:a0:cf:73:b9:ec: bd:d3:27:b5:d3:32:88:96:b0:f1:09:02:15:34:e4: 35:15:29:9a:9b:fb:d4:e2:08:e2:cb:d3:f3:8f:3d: 86:7e:b7:d2:04:ae:43:51:e9:c7:09:1e:7a:32:61: 9c:02:9b:06:89:34:c5:f3:10:44:97:41:7b:e0:ba: 1b:8c:ce:12:6f:a4:37:f9:84:ea:2b:2a:c7:b4:13: 2c:dd:4c:09:44:01:89:93:a3:08:a8:56:22:6a:d2: 1b:81:c8:f1:87:2a:f8:f5:e0:cf:b6:fd:d4:4e:e0: f9:d7:4a:64:d6:3c:cd:b4:13:89:52:96:cf:ed:7d: 1e:23:0e:1a:0c:c2:1c:db:5f:a9:5f:be:f3:1e:ee: f7:af:07:2a:80:7e:f8:3a:ea:89:cb:1e:fa:72:4a: e0:8e:a7:93:7f:99:a5:95:0f:09:8e:fa:1e:60:76: 5b:16:cb:05:0e:ab:da:be:4f:a5:a2:30:9d:0d:13: cd:ad:bd:d8:f2:fc:76:e2:da:be:da:03:b3:59:9a: 43:d6:44:c9:a7:f7:b2:c3:3a:db:29:68:71:11:35: 9b:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:B2:23:A1:E7:D3:3B:0F:36:4A:DB:4C:56:5E:9D:C5:0D:7A:F2:40 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.48.0.0/15 Signature Algorithm: sha256WithRSAEncryption 1a:24:0c:f0:b4:00:59:e4:9a:f3:4a:d8:a8:a4:71:dd:ce:05: 98:98:51:d8:05:59:d0:ac:ae:4d:45:8a:84:2b:4d:ad:b4:6a: a6:1a:37:bb:14:ca:2d:f1:a7:8d:b8:06:69:b4:b7:f5:85:84: 50:b3:59:c9:0e:15:b5:e4:6f:e4:32:e7:56:09:ea:2b:c0:de: 34:4b:85:13:8e:84:80:aa:c4:80:51:49:4b:ac:31:6a:dc:75: e9:ac:c0:d3:0f:02:cb:c8:c2:aa:75:e9:7f:80:3f:2e:a7:d9: a2:25:43:05:aa:f7:74:6f:1a:dd:c9:09:14:9d:91:9a:a0:09: 73:5f:6a:2e:a7:bb:85:1c:2f:eb:35:6d:9d:72:6d:6d:e7:0d: fa:25:da:21:d1:ea:d0:23:84:9e:1e:db:25:c0:25:4f:73:16: e8:8e:e6:db:0a:d6:20:9c:eb:3f:ee:3f:c0:b4:64:1a:1c:16: 8b:9e:d5:56:0e:90:93:a0:b2:6e:30:1e:20:50:86:87:9e:1e: 6c:4f:a4:9a:90:ab:e7:ef:a5:0a:f8:5f:08:72:87:da:9b:1a: 2a:5d:49:71:0d:1c:48:26:77:ab:21:84:6e:8a:e5:f6:ae:4f: 4f:d2:bf:ea:c0:9b:95:71:0c:1b:aa:ea:08:38:a8:5c:4f:ba: aa:bf:5f:56 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUVQvF4Ks8biiVtvK4ucwly5nJR/cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwMzdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDdhMmYyZjNiMWZjNzJiNmZlZWNhYmMxOThmOWIwY2E3ODk4YTExNDIzNDhk NWNjYWJiM2RhZGExMTUyYzU5MjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMvrTueraJzQ0puyzZisC0puE15OxSdB0C5luVTgicfzkebNRWnYl6DPc7ns vdMntdMyiJaw8QkCFTTkNRUpmpv71OII4svT8489hn630gSuQ1HpxwkeejJhnAKb Bok0xfMQRJdBe+C6G4zOEm+kN/mE6isqx7QTLN1MCUQBiZOjCKhWImrSG4HI8Ycq +PXgz7b91E7g+ddKZNY8zbQTiVKWz+19HiMOGgzCHNtfqV++8x7u968HKoB++Drq icse+nJK4I6nk3+ZpZUPCY76HmB2WxbLBQ6r2r5PpaIwnQ0Tza292PL8duLavtoD s1maQ9ZEyaf3ssM62ylocRE1m0sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT8siOh 59M7DzZK20xWXp3FDXryQDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv M2I2N2JiNjItOWJjZi00ZGFhLTk5YjUtNTM3NGMzMjg1MTc3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMwMA0G CSqGSIb3DQEBCwUAA4IBAQAaJAzwtABZ5JrzStiopHHdzgWYmFHYBVnQrK5NRYqE K02ttGqmGje7FMot8aeNuAZptLf1hYRQs1nJDhW15G/kMudWCeorwN40S4UTjoSA qsSAUUlLrDFq3HXprMDTDwLLyMKqdel/gD8up9miJUMFqvd0bxrdyQkUnZGaoAlz X2oup7uFHC/rNW2dcm1t5w36Jdoh0erQI4SeHtslwCVPcxbojubbCtYgnOs/7j/A tGQaHBaLntVWDpCToLJuMB4gUIaHnh5sT6SakKvn76UK+F8IcofamxoqXUlxDRxI JnerIYRuiuX2rk9P0r/qwJuVcQwbquoIOKhcT7qqv19W -----END CERTIFICATE-----Generated at Fri Dec 19 21:49:57 2025 by rpki-client