This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa File: cf51afdd-468d-4999-b2cd-4c6517505aee.roa (raw, json) Hash identifier: YdxRK/pBWbrKFc2H0/OYSbO3y2kqDSZcCdSy/piALs0= Subject key identifier: 1B:D0:3C:64:D7:50:26:99:31:83:D0:C5:36:56:E8:84:6E:D0:3C:95 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 4C8E8FDCF5A781687FF3AB396FCBC5C020F2F124 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa Signing time: Wed 10 Dec 2025 06:50:47 +0000 ROA not before: Wed 10 Dec 2025 06:50:47 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.202.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:8e:8f:dc:f5:a7:81:68:7f:f3:ab:39:6f:cb:c5:c0:20:f2:f1:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:47 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=e48ad8a78ed175fb8c5946d97d927d083888e2594a4ccd79cf2af0654caed219, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:05:e2:f1:79:28:97:7f:44:5d:e2:eb:74:cc: 9f:61:0a:84:12:57:ba:65:fd:2d:af:84:d8:aa:00: 66:3b:83:c9:d0:95:f3:d6:91:af:14:08:77:44:d8: 8b:34:45:17:ab:2b:03:22:f9:ce:b3:df:f2:14:1a: 87:92:aa:97:12:99:02:1e:fd:65:65:c4:f5:2d:71: 6e:11:dc:87:50:3f:fc:3b:11:b1:1b:4d:29:a5:77: c6:3a:1c:ca:a3:26:50:48:0c:7e:28:1b:32:a3:92: b8:d8:39:a6:10:3e:d6:96:d4:b0:ec:d5:ef:57:e6: 3e:89:50:83:07:13:2d:76:65:13:a4:2d:5d:43:34: f6:5d:d5:91:35:a6:3a:4d:80:cc:6a:35:d8:12:64: bf:cd:e8:d4:69:70:ba:f8:ce:12:e9:33:f6:03:f9: f8:3f:05:e7:e5:29:49:8c:ed:da:8f:83:00:39:5f: 90:97:4d:f9:7b:86:d8:b8:7c:57:cb:a6:40:55:07: 41:30:20:7d:36:ad:74:e1:30:54:41:4e:50:b0:a1: 7e:a1:1d:38:a1:2a:e9:01:6b:66:60:12:a3:5f:94: 65:7b:74:b6:c1:8a:52:c8:64:82:2c:98:b3:76:a7: 62:28:c5:cb:24:38:05:55:03:dd:8e:b3:36:5a:ec: 1a:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:D0:3C:64:D7:50:26:99:31:83:D0:C5:36:56:E8:84:6E:D0:3C:95 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.202.0.0/15 Signature Algorithm: sha256WithRSAEncryption 78:00:30:52:ce:eb:ae:ea:45:99:b0:0e:a2:dd:90:69:7a:4a: 07:8d:7e:e2:11:d1:9c:14:ff:c7:f7:4b:86:7b:33:e6:f9:29: 52:6b:f9:72:ba:01:ef:aa:8a:eb:69:8c:98:8b:72:7a:a6:1e: f6:8f:b7:ef:56:df:a1:92:a4:34:0b:d8:5d:40:4e:75:4c:52: 01:bb:69:23:7a:8a:89:2d:55:05:93:c0:86:1f:1b:de:ab:81: 23:10:e8:71:d1:5d:fc:ed:1c:89:29:7f:d6:cf:5e:9a:a0:72: e2:20:25:c7:b5:e3:ae:b7:6f:77:65:71:8f:5d:1f:a1:51:47: 58:a9:c1:e5:9f:37:2d:98:46:2a:07:58:3b:60:f1:0d:b8:90: cb:f1:49:e4:a8:a9:02:b6:8c:f4:7f:6a:24:63:31:a2:4d:92: 06:7a:9c:02:ce:79:79:47:e9:2d:f0:6e:a6:43:56:05:dc:d0: 68:b4:63:e1:d0:66:65:9f:b3:aa:45:aa:58:77:59:60:da:0d: 72:e8:f1:7c:43:bd:d0:df:3a:81:32:9c:7a:a6:3d:c0:e8:91: 34:25:e8:f5:6d:34:6c:37:53:da:ec:fd:7c:5a:8c:ca:49:9b: 05:40:36:a2:e8:0c:1a:ec:a3:6f:aa:96:62:af:fb:66:df:ee: 55:54:10:d3 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUTI6P3PWngWh/86s5b8vFwCDy8SQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwNDdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGU0OGFkOGE3OGVkMTc1ZmI4YzU5NDZkOTdkOTI3ZDA4Mzg4OGUyNTk0YTRj Y2Q3OWNmMmFmMDY1NGNhZWQyMTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALoF4vF5KJd/RF3i63TMn2EKhBJXumX9La+E2KoAZjuDydCV89aRrxQId0TY izRFF6srAyL5zrPf8hQah5KqlxKZAh79ZWXE9S1xbhHch1A//DsRsRtNKaV3xjoc yqMmUEgMfigbMqOSuNg5phA+1pbUsOzV71fmPolQgwcTLXZlE6QtXUM09l3VkTWm Ok2AzGo12BJkv83o1GlwuvjOEukz9gP5+D8F5+UpSYzt2o+DADlfkJdN+XuG2Lh8 V8umQFUHQTAgfTatdOEwVEFOULChfqEdOKEq6QFrZmASo1+UZXt0tsGKUshkgiyY s3anYijFyyQ4BVUD3Y6zNlrsGtMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQb0Dxk 11AmmTGD0MU2VuiEbtA8lTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv Y2Y1MWFmZGQtNDY4ZC00OTk5LWIyY2QtNGM2NTE3NTA1YWVlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G CSqGSIb3DQEBCwUAA4IBAQB4ADBSzuuu6kWZsA6i3ZBpekoHjX7iEdGcFP/H90uG ezPm+SlSa/lyugHvqorraYyYi3J6ph72j7fvVt+hkqQ0C9hdQE51TFIBu2kjeoqJ LVUFk8CGHxveq4EjEOhx0V387RyJKX/Wz16aoHLiICXHteOut293ZXGPXR+hUUdY qcHlnzctmEYqB1g7YPENuJDL8UnkqKkCtoz0f2okYzGiTZIGepwCznl5R+kt8G6m Q1YF3NBotGPh0GZln7OqRapYd1lg2g1y6PF8Q73Q3zqBMpx6pj3A6JE0Jej1bTRs N1Pa7P18WozKSZsFQDai6Awa7KNvqpZir/tm3+5VVBDT -----END CERTIFICATE-----Generated at Fri Dec 19 20:13:00 2025 by rpki-client