This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa File: 84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa (raw, json) Hash identifier: /Kd+fSzYCo6wxuv5JetAkmJhjLBBKirAK2t6aPNOPBg= Subject key identifier: 1B:91:3F:E7:6E:13:B9:23:92:15:54:F0:B3:73:4B:84:09:96:AF:A1 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 46A4568035A96720B3AF4C1CB46A7E9C836CDEC8 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa Signing time: Wed 10 Dec 2025 06:50:32 +0000 ROA not before: Wed 10 Dec 2025 06:50:32 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.236.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:45:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:a4:56:80:35:a9:67:20:b3:af:4c:1c:b4:6a:7e:9c:83:6c:de:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:32 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=e5b9f89ae61b744914601fe2383d4d4801c9aacf98090848e9b7ff837d14f468, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:7e:ab:f4:df:c0:f0:78:4f:33:e9:a3:46:b4: 1d:44:70:dd:29:a6:3e:71:6b:ed:09:a6:bb:59:e6: ea:73:26:4d:fa:b3:c2:f6:38:fa:d2:5f:95:17:0b: 79:62:b8:a4:a8:b9:f0:e4:34:ef:a4:54:b3:12:74: 70:88:6a:81:2c:2e:57:b2:98:7a:5e:ce:9f:2b:66: 61:14:ae:1c:b7:5f:12:57:80:9e:4b:a7:0c:ae:85: a4:69:3d:5e:1a:52:81:62:c8:57:53:77:97:79:e8: 94:79:2c:0d:97:76:8c:d2:11:2a:9e:a3:04:24:4d: 43:fb:9a:7e:6c:d6:4a:c7:a3:ef:b0:fc:fd:98:4a: ba:40:64:6c:16:e4:94:9f:d0:81:6c:c8:b7:5e:3c: 7c:cb:b9:34:70:21:4c:0b:da:f2:c6:67:9c:12:fb: cc:35:9c:1c:53:5d:d6:4c:eb:19:57:96:63:d0:b8: 03:e0:f9:c5:cc:cb:00:94:05:e6:1c:23:d1:29:df: 56:7e:2d:59:91:6d:9c:f2:f7:4e:c5:09:f8:93:51: 3c:14:3b:ca:b0:0c:3a:e7:49:a3:53:45:0c:0a:b5: 99:79:43:cc:9b:ee:86:b4:fd:00:6d:d3:47:82:5d: 7a:62:5b:d2:94:bd:58:93:8c:6c:a6:21:00:4e:d0: ed:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:91:3F:E7:6E:13:B9:23:92:15:54:F0:B3:73:4B:84:09:96:AF:A1 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.236.0.0/15 Signature Algorithm: sha256WithRSAEncryption ae:f7:d9:d0:c4:b3:c7:d7:f3:6c:53:0b:39:46:80:30:87:de: cf:fc:25:b8:cc:82:5d:f8:17:39:6d:45:7f:5b:02:fe:ca:e0: 3c:7e:90:77:e1:b6:8c:6b:e2:a9:c8:ef:cf:d8:ae:f8:b4:b1: 96:16:5a:db:e2:34:b0:c9:ea:98:91:d4:81:af:7e:f5:d5:9c: e5:0d:2f:03:88:77:1b:e5:9a:ab:18:e4:aa:3d:2b:23:0b:b0: d8:f3:e3:b3:7e:5a:cc:ec:6a:8d:2d:f5:cb:48:33:2d:b1:6c: d0:c7:75:19:cc:ac:3e:47:db:62:db:b6:17:3a:d1:00:82:e9: 3e:46:ed:1e:b8:33:4c:8d:25:b8:49:ef:68:3f:0c:65:3c:73: a5:96:6e:9c:7c:65:6c:3b:64:a1:6e:9d:7f:26:ad:29:9a:8e: aa:b8:e0:27:11:dc:98:7f:0f:ea:85:d1:2b:a7:21:03:94:67: d5:38:2b:63:ec:51:a7:39:b5:90:79:b1:ec:91:d9:89:aa:28: 3e:4f:ad:01:3b:b3:ad:4b:b3:82:49:c2:4a:73:55:08:7d:52: 67:81:99:26:cd:39:3f:7f:04:fb:1c:b1:13:59:d9:67:d4:5f: 4b:40:f0:1c:4f:e4:b8:d5:82:6e:3f:00:d1:b6:c5:eb:a5:5c: 80:cd:cc:24 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIURqRWgDWpZyCzr0wctGp+nINs3sgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwMzJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGU1YjlmODlhZTYxYjc0NDkxNDYwMWZlMjM4M2Q0ZDQ4MDFjOWFhY2Y5ODA5 MDg0OGU5YjdmZjgzN2QxNGY0NjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKV+q/TfwPB4TzPpo0a0HURw3SmmPnFr7Qmmu1nm6nMmTfqzwvY4+tJflRcL eWK4pKi58OQ076RUsxJ0cIhqgSwuV7KYel7OnytmYRSuHLdfEleAnkunDK6FpGk9 XhpSgWLIV1N3l3nolHksDZd2jNIRKp6jBCRNQ/uafmzWSsej77D8/ZhKukBkbBbk lJ/QgWzIt148fMu5NHAhTAva8sZnnBL7zDWcHFNd1kzrGVeWY9C4A+D5xczLAJQF 5hwj0SnfVn4tWZFtnPL3TsUJ+JNRPBQ7yrAMOudJo1NFDAq1mXlDzJvuhrT9AG3T R4JdemJb0pS9WJOMbKYhAE7Q7ZkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQbkT/n bhO5I5IVVPCzc0uECZavoTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ODRjNDNiOTUtODVkMy00YzFkLWE2YmUtY2YxNzkwNmYxMWM0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G CSqGSIb3DQEBCwUAA4IBAQCu99nQxLPH1/NsUws5RoAwh97P/CW4zIJd+Bc5bUV/ WwL+yuA8fpB34baMa+KpyO/P2K74tLGWFlrb4jSwyeqYkdSBr3711ZzlDS8DiHcb 5ZqrGOSqPSsjC7DY8+OzflrM7GqNLfXLSDMtsWzQx3UZzKw+R9ti27YXOtEAguk+ Ru0euDNMjSW4Se9oPwxlPHOllm6cfGVsO2Shbp1/Jq0pmo6quOAnEdyYfw/qhdEr pyEDlGfVOCtj7FGnObWQebHskdmJqig+T60BO7OtS7OCScJKc1UIfVJngZkmzTk/ fwT7HLETWdln1F9LQPAcT+S41YJuPwDRtsXrpVyAzcwk -----END CERTIFICATE-----Generated at Wed Dec 17 00:25:56 2025 by rpki-client