This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85620864-b6e3-4aeb-8798-74669cc5226c.roa File: 85620864-b6e3-4aeb-8798-74669cc5226c.roa (raw, json) Hash identifier: d3sZEKfeIqLwVNHn/W1RgaZe7mIIgEnDbCLoA8v8ivs= Subject key identifier: 8D:53:5C:5B:F4:D0:56:F2:73:F5:5C:29:C6:C2:8E:30:D0:A5:6F:50 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 763FCA6C6102492EBFC9324030DB305E21F102AF Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85620864-b6e3-4aeb-8798-74669cc5226c.roa Signing time: Wed 10 Dec 2025 06:50:47 +0000 ROA not before: Wed 10 Dec 2025 06:50:47 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 51.202.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:3f:ca:6c:61:02:49:2e:bf:c9:32:40:30:db:30:5e:21:f1:02:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:47 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=d58485d805e20cac6e69d61e332a38cabb3c02c713c624b5ce8b439d717ce308, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:10:13:55:20:34:8d:5f:5c:e8:c1:4b:d4:d4: 4b:6b:cc:1b:e1:97:9e:94:12:92:b8:75:ba:15:4b: 19:c4:bc:ab:d7:6f:80:2b:12:50:50:b6:da:b8:4c: 28:90:9d:2f:41:6b:b3:ad:04:0f:96:ec:11:7d:fe: 36:fe:4a:e0:dd:39:f1:eb:12:03:47:fc:89:4b:c3: b2:88:f5:4f:bb:f4:fb:5e:97:ff:4f:dd:e9:a2:6b: e8:5c:fe:bf:18:d7:b1:d3:09:d8:d8:48:f7:f2:75: 00:b1:b1:46:77:5d:60:d7:f4:2d:39:4e:c8:9f:58: 98:d2:9a:cc:6f:06:28:45:36:24:0c:ed:d3:52:78: 3e:55:ce:60:f5:79:b8:34:b3:88:1f:ea:b5:18:2a: f8:6a:d9:a6:7b:7e:6d:5e:f8:4a:89:e8:8f:bc:8c: 9f:27:40:a3:23:dd:53:d9:f2:8a:35:50:13:d9:9f: 3c:9e:b5:34:05:0f:b6:69:7f:19:cb:bf:0b:e4:a1: 09:6d:8d:1b:3e:e7:58:59:43:5e:71:e1:08:0c:d1: 5e:c8:12:2a:60:95:39:d4:04:42:e3:92:65:9a:b3: 24:9e:6f:2b:e8:83:b5:0a:73:f2:09:d7:65:34:61: ab:be:35:e3:15:bc:d2:03:3c:98:74:88:93:1b:fb: fa:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:53:5C:5B:F4:D0:56:F2:73:F5:5C:29:C6:C2:8E:30:D0:A5:6F:50 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85620864-b6e3-4aeb-8798-74669cc5226c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.202.0.0/15 Signature Algorithm: sha256WithRSAEncryption 2e:a3:42:a1:4b:ad:77:ca:b9:d5:9d:2a:fa:cf:6a:bb:2d:ab: db:03:3c:9c:b6:fb:24:b1:10:10:03:06:ad:ad:51:17:48:1f: 30:b2:67:78:35:9d:23:37:b5:f5:84:85:9b:94:8c:77:04:94: 01:15:4b:4c:46:c4:70:05:f5:69:85:64:c3:11:83:a1:84:d3: f5:0c:7b:d2:5a:13:c6:e4:09:bd:a0:b5:1e:20:8f:71:5d:7f: bf:8f:48:19:94:f9:ea:8c:e8:15:d7:42:25:8b:9f:95:78:8a: a8:77:bd:54:38:97:e2:8b:d2:0a:b8:44:b3:82:7a:cd:57:5d: ba:30:f4:ac:8e:a4:27:90:75:96:fe:22:f3:aa:30:8a:60:6a: 8c:a4:bf:bc:51:3f:d1:75:77:67:1c:54:e2:3c:1a:9a:1b:40: 79:33:14:4c:a6:c3:ff:1a:dd:d7:52:b3:d4:72:b2:c2:06:5e: 46:9a:bf:8d:ef:d7:3a:35:eb:aa:76:f5:f8:91:79:01:73:db: 92:da:6f:4e:83:c0:4e:52:3e:da:bb:cd:f3:8a:65:fb:10:23: 92:40:91:16:2b:dd:cf:82:92:f6:d1:40:b0:27:88:9b:2d:4d: d6:0c:76:c8:c3:41:51:43:29:7e:43:af:ef:aa:2c:af:3e:af: f1:d2:73:50 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUdj/KbGECSS6/yTJAMNswXiHxAq8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwNDdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGQ1ODQ4NWQ4MDVlMjBjYWM2ZTY5ZDYxZTMzMmEzOGNhYmIzYzAyYzcxM2M2 MjRiNWNlOGI0MzlkNzE3Y2UzMDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMcQE1UgNI1fXOjBS9TUS2vMG+GXnpQSkrh1uhVLGcS8q9dvgCsSUFC22rhM KJCdL0Frs60ED5bsEX3+Nv5K4N058esSA0f8iUvDsoj1T7v0+16X/0/d6aJr6Fz+ vxjXsdMJ2NhI9/J1ALGxRnddYNf0LTlOyJ9YmNKazG8GKEU2JAzt01J4PlXOYPV5 uDSziB/qtRgq+GrZpnt+bV74Sonoj7yMnydAoyPdU9nyijVQE9mfPJ61NAUPtml/ Gcu/C+ShCW2NGz7nWFlDXnHhCAzRXsgSKmCVOdQEQuOSZZqzJJ5vK+iDtQpz8gnX ZTRhq7414xW80gM8mHSIkxv7+v0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSNU1xb 9NBW8nP1XCnGwo4w0KVvUDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ODU2MjA4NjQtYjZlMy00YWViLTg3OTgtNzQ2NjljYzUyMjZjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G CSqGSIb3DQEBCwUAA4IBAQAuo0KhS613yrnVnSr6z2q7LavbAzyctvsksRAQAwat rVEXSB8wsmd4NZ0jN7X1hIWblIx3BJQBFUtMRsRwBfVphWTDEYOhhNP1DHvSWhPG 5Am9oLUeII9xXX+/j0gZlPnqjOgV10Ili5+VeIqod71UOJfii9IKuESzgnrNV126 MPSsjqQnkHWW/iLzqjCKYGqMpL+8UT/RdXdnHFTiPBqaG0B5MxRMpsP/Gt3XUrPU crLCBl5Gmr+N79c6NeuqdvX4kXkBc9uS2m9Og8BOUj7au83zimX7ECOSQJEWK93P gpL20UCwJ4ibLU3WDHbIw0FRQyl+Q6/vqiyvPq/x0nNQ -----END CERTIFICATE-----Generated at Fri Dec 19 20:16:57 2025 by rpki-client