This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94c2a36e-245b-439a-bf61-04132c5df5a4.roa File: 94c2a36e-245b-439a-bf61-04132c5df5a4.roa (raw, json) Hash identifier: aVUPJa3uuxl6wLNl9jZxeYwZnR8VunbXLyu+Hqs+ZHU= Subject key identifier: 31:9C:C4:4E:4E:A4:AF:41:C5:43:E3:B5:0A:A7:BC:E6:9A:0D:FE:6F Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 34D9A4FA7590FB48B1C8EC4FB4C696B41E37DD82 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94c2a36e-245b-439a-bf61-04132c5df5a4.roa Signing time: Wed 10 Dec 2025 06:30:09 +0000 ROA not before: Wed 10 Dec 2025 06:30:09 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.35.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:d9:a4:fa:75:90:fb:48:b1:c8:ec:4f:b4:c6:96:b4:1e:37:dd:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:30:09 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=aa7b3287bf9071ef50dcd072a361b3ed27f7d440fd64a2b48b3c8e3bd38019a8, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:87:6f:92:71:f0:0c:b2:96:c5:29:f0:c2:29: 0e:d8:71:f6:7f:79:d2:19:aa:92:07:41:86:6e:91: 15:9e:9d:15:67:e8:c5:8c:45:ea:36:d8:2b:41:d6: 59:e7:f9:d4:f2:d5:40:2b:d8:ca:c0:9c:c6:16:0f: 4c:78:09:4a:23:7f:25:97:24:61:13:6f:85:4f:e0: 29:4f:ca:db:5a:98:77:fb:54:c9:ca:ef:17:cd:83: 79:ee:c7:20:db:c8:87:6f:70:4d:e1:53:db:cf:af: 8d:fe:67:22:c3:d7:4b:30:9a:ef:83:51:64:6b:b8: 00:92:82:1f:8b:c7:45:12:c5:f7:4d:a1:df:b6:31: e3:2b:dd:b1:e5:b1:e1:d5:a1:ad:e6:e7:9d:39:f3: e2:bf:0e:62:af:24:06:69:38:b4:14:6b:a9:23:3c: c9:5a:1c:0a:ab:05:a1:98:38:d0:54:4c:e2:4e:4f: cd:93:05:21:73:11:0d:bc:f8:cc:4e:5a:63:67:f6: b9:d0:08:15:a6:80:4b:61:4f:0a:65:e4:70:64:54: 5b:17:ea:83:0b:db:1a:e6:98:4b:04:84:ea:ab:54: 63:b3:29:45:87:65:6b:27:9e:aa:8e:c3:18:83:8c: 74:fa:8c:a9:53:bd:c9:ec:c6:8b:b6:de:fb:f9:f0: 94:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:9C:C4:4E:4E:A4:AF:41:C5:43:E3:B5:0A:A7:BC:E6:9A:0D:FE:6F X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94c2a36e-245b-439a-bf61-04132c5df5a4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.35.0.0/16 Signature Algorithm: sha256WithRSAEncryption b6:65:86:3e:9d:b1:1f:ca:b1:fc:b8:4a:a8:fc:66:67:82:c4: a2:0f:d9:94:f8:51:0a:62:55:91:95:4a:34:f0:fd:d2:46:b3: 9d:c3:f8:59:76:08:92:42:5b:c6:e9:a7:93:b5:71:44:40:d9: 1c:3f:a7:ce:c6:27:11:3b:a3:93:fc:49:33:2a:8f:d9:94:30: e9:0c:55:a3:5a:6b:9c:5e:2c:d4:14:79:f6:a1:07:d0:11:6e: e4:25:be:05:43:e1:dd:92:15:36:3f:96:6d:f2:3a:54:f0:78: 7a:52:b5:0a:13:a1:e1:49:20:6d:57:44:12:11:07:23:c4:05: d2:8e:ae:75:b2:b7:46:19:82:bf:83:5a:36:7e:cf:08:7f:f5: db:13:28:35:40:29:e2:c7:41:9b:b4:c2:a7:70:e5:e7:85:2c: 47:9b:04:25:f2:f5:f0:96:2a:8f:93:13:9c:e4:42:ad:f7:91: 92:8a:68:ab:bc:7c:d5:22:d4:27:c7:4c:3b:ef:c8:30:f0:df: 2b:53:c1:39:47:37:d0:82:c5:49:6c:1e:41:13:6e:f3:28:00: f7:9f:9e:45:1a:41:d9:54:8a:b7:62:cb:df:7f:c1:1c:a5:2f: a3:5b:0e:35:38:21:19:d2:ee:b7:df:90:ab:bd:cd:f1:1a:db: 9d:2d:c5:a1 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUNNmk+nWQ+0ixyOxPtMaWtB433YIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjMwMDlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGFhN2IzMjg3YmY5MDcxZWY1MGRjZDA3MmEzNjFiM2VkMjdmN2Q0NDBmZDY0 YTJiNDhiM2M4ZTNiZDM4MDE5YTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMyHb5Jx8AyylsUp8MIpDthx9n950hmqkgdBhm6RFZ6dFWfoxYxF6jbYK0HW Wef51PLVQCvYysCcxhYPTHgJSiN/JZckYRNvhU/gKU/K21qYd/tUycrvF82Dee7H INvIh29wTeFT28+vjf5nIsPXSzCa74NRZGu4AJKCH4vHRRLF902h37Yx4yvdseWx 4dWhrebnnTnz4r8OYq8kBmk4tBRrqSM8yVocCqsFoZg40FRM4k5PzZMFIXMRDbz4 zE5aY2f2udAIFaaAS2FPCmXkcGRUWxfqgwvbGuaYSwSE6qtUY7MpRYdlayeeqo7D GIOMdPqMqVO9yezGi7be+/nwlL0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQxnMRO TqSvQcVD47UKp7zmmg3+bzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OTRjMmEzNmUtMjQ1Yi00MzlhLWJmNjEtMDQxMzJjNWRmNWE0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMjMA0G CSqGSIb3DQEBCwUAA4IBAQC2ZYY+nbEfyrH8uEqo/GZngsSiD9mU+FEKYlWRlUo0 8P3SRrOdw/hZdgiSQlvG6aeTtXFEQNkcP6fOxicRO6OT/EkzKo/ZlDDpDFWjWmuc XizUFHn2oQfQEW7kJb4FQ+HdkhU2P5Zt8jpU8Hh6UrUKE6HhSSBtV0QSEQcjxAXS jq51srdGGYK/g1o2fs8If/XbEyg1QCnix0GbtMKncOXnhSxHmwQl8vXwliqPkxOc 5EKt95GSimirvHzVItQnx0w778gw8N8rU8E5RzfQgsVJbB5BE27zKAD3n55FGkHZ VIq3Ysvff8EcpS+jWw41OCEZ0u6335Crvc3xGtudLcWh -----END CERTIFICATE-----Generated at Fri Dec 19 20:09:23 2025 by rpki-client