This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa File: a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa (raw, json) Hash identifier: 4duzJxzGRl2To78LImTGzQvUp02JG6sPILOJtSdMVbY= Subject key identifier: E3:6D:A4:3B:C6:CD:DF:66:48:DB:50:6E:90:3C:1D:92:FF:95:71:BA Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 7E9F821C6D73DED8E522FDBD51FF5FDEC0D070CB Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa Signing time: Thu 11 Dec 2025 01:00:24 +0000 ROA not before: Thu 11 Dec 2025 01:00:24 +0000 ROA not after: Wed 11 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.112.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:45:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:9f:82:1c:6d:73:de:d8:e5:22:fd:bd:51:ff:5f:de:c0:d0:70:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 11 01:00:24 2025 GMT Not After : Mar 11 23:59:59 2026 GMT Subject: serialNumber=26847b5c559ee04807bffdb011dd8af063084efad6bf39bedab3cfc01757c067, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:b6:d8:71:b2:57:0f:84:67:b1:43:5e:20:4c: b1:22:1f:ae:52:ee:ad:5f:7c:6a:bf:70:ac:d9:31: 57:77:cf:e6:6a:c9:98:5a:2b:6c:ef:b4:64:2e:61: fd:66:0f:65:3d:a2:f9:7f:81:10:0d:79:5e:29:ea: 9f:f9:06:da:ca:57:e2:3a:0c:90:cb:33:44:ee:4a: 47:4b:38:00:25:87:90:0a:66:68:af:56:1d:5c:7c: a7:32:c5:0a:11:bd:57:7e:6a:04:76:c3:65:05:db: 92:9c:c0:b1:1c:57:63:23:01:1f:00:c4:e6:68:0c: 00:d3:cf:ff:17:2d:2f:86:12:f6:63:fc:1d:17:6d: d8:04:c9:8b:20:1d:f3:41:ce:ed:b4:6c:fd:a7:5f: ef:25:dd:53:e6:5f:be:35:81:3c:b1:22:6c:28:97: 97:59:d3:7b:53:dd:96:12:f7:ef:e6:88:ac:74:a9: 0a:91:3a:15:98:6b:0c:4e:d0:b7:6d:4b:db:2f:cb: a8:b5:44:e7:8b:d6:da:e1:b7:ed:f8:54:5d:0a:d5: dd:6f:41:4c:f3:75:3c:40:9c:52:9b:6f:2d:1b:a6: c0:c5:e1:20:38:06:43:26:2d:0f:9b:38:62:85:79: 04:e8:2b:86:5f:02:62:19:f5:e5:87:28:ce:8b:f5: 53:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:6D:A4:3B:C6:CD:DF:66:48:DB:50:6E:90:3C:1D:92:FF:95:71:BA X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.112.0.0/15 Signature Algorithm: sha256WithRSAEncryption 7d:42:1a:74:ae:99:cf:86:30:3d:d7:db:ca:44:45:54:42:d6: e2:e9:dd:43:a0:08:e7:55:3e:30:aa:50:9f:86:0d:8a:c0:4c: b6:46:bb:7e:7a:48:3f:30:71:3b:3c:b5:d3:a0:6f:00:43:9b: 0e:d8:23:c7:bd:e1:78:c3:41:46:e7:d9:7a:09:99:cc:a5:73: 2e:c7:06:3b:db:b8:28:be:5a:5b:a5:bc:da:0d:da:fb:3c:f8: c0:b2:e6:a6:1c:64:24:ca:f3:c3:67:96:77:3d:e0:c9:92:d3: 12:b5:58:19:15:38:72:cb:b6:1e:71:4f:39:70:1d:64:68:c0: b0:98:48:f5:18:28:c4:e7:21:3a:0d:c4:f7:f2:3b:90:d5:df: 85:d2:39:0c:68:e4:10:ea:5d:48:7a:06:f4:74:1f:9e:47:b3: 3a:a2:06:48:17:87:31:63:b2:a2:aa:9f:59:94:3f:c1:97:48: 55:bf:39:81:39:06:ff:06:ab:17:2c:73:26:fd:88:3a:37:93: 0f:fa:7e:16:09:ce:3f:a5:36:9d:03:1f:0b:90:64:77:8a:8e: 7b:79:cd:48:ad:6e:92:00:c5:eb:65:48:ea:a8:06:be:f8:b2: c4:22:2e:cc:1f:12:01:fb:57:7f:45:63:cd:3d:75:79:8d:13: 6e:37:39:86 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUfp+CHG1z3tjlIv29Uf9f3sDQcMswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTEwMTAwMjRaFw0yNjAzMTEyMzU5NTlaMHoxSTBHBgNV BAUTQDI2ODQ3YjVjNTU5ZWUwNDgwN2JmZmRiMDExZGQ4YWYwNjMwODRlZmFkNmJm MzliZWRhYjNjZmMwMTc1N2MwNjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALO22HGyVw+EZ7FDXiBMsSIfrlLurV98ar9wrNkxV3fP5mrJmForbO+0ZC5h /WYPZT2i+X+BEA15Xinqn/kG2spX4joMkMszRO5KR0s4ACWHkApmaK9WHVx8pzLF ChG9V35qBHbDZQXbkpzAsRxXYyMBHwDE5mgMANPP/xctL4YS9mP8HRdt2ATJiyAd 80HO7bRs/adf7yXdU+ZfvjWBPLEibCiXl1nTe1PdlhL37+aIrHSpCpE6FZhrDE7Q t21L2y/LqLVE54vW2uG37fhUXQrV3W9BTPN1PECcUptvLRumwMXhIDgGQyYtD5s4 YoV5BOgrhl8CYhn15Ycozov1U70CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTjbaQ7 xs3fZkjbUG6QPB2S/5VxujAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YTFiMjdlODctODAxZi00YzllLTk4YTItZjgxYjU0ZThiOGQ5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNwMA0G CSqGSIb3DQEBCwUAA4IBAQB9Qhp0rpnPhjA919vKREVUQtbi6d1DoAjnVT4wqlCf hg2KwEy2Rrt+ekg/MHE7PLXToG8AQ5sO2CPHveF4w0FG59l6CZnMpXMuxwY727go vlpbpbzaDdr7PPjAsuamHGQkyvPDZ5Z3PeDJktMStVgZFThyy7YecU85cB1kaMCw mEj1GCjE5yE6DcT38juQ1d+F0jkMaOQQ6l1Iegb0dB+eR7M6ogZIF4cxY7Kiqp9Z lD/Bl0hVvzmBOQb/BqsXLHMm/Yg6N5MP+n4WCc4/pTadAx8LkGR3io57ec1IrW6S AMXrZUjqqAa++LLEIi7MHxIB+1d/RWPNPXV5jRNuNzmG -----END CERTIFICATE-----Generated at Tue Dec 16 22:31:32 2025 by rpki-client