This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa File: ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa (raw, json) Hash identifier: c6lAO9SjIIGJpPzE3XGIZLFGUWh4uGrG98G5Sm+Wi0g= Subject key identifier: 18:5A:2F:6E:D0:EF:39:71:98:07:F9:B3:E2:4B:8A:11:31:98:F6:B7 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 3F231B71FB99C49C92211C7D97118215861FD720 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa Signing time: Wed 10 Dec 2025 06:50:50 +0000 ROA not before: Wed 10 Dec 2025 06:50:50 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.200.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 01:18:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:23:1b:71:fb:99:c4:9c:92:21:1c:7d:97:11:82:15:86:1f:d7:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:50 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=6c56bc7fd3057c837097f60ce9d9fe1c19c789bfcf9f0b0887697e528012dac0, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:65:c7:e9:8a:9a:dd:66:80:2d:8b:d4:36:27: c0:f8:ca:32:e9:38:9c:95:b7:9d:b2:16:e3:51:c6: 66:8e:c7:60:e7:ae:84:bd:5c:5a:64:ba:72:87:0c: b9:c1:27:e1:e6:46:9f:b1:2a:be:1c:7a:cd:a8:35: 21:90:bb:e3:1b:e0:0e:85:d5:27:0c:23:92:40:74: 83:05:15:87:90:04:a9:74:58:3b:8e:1b:fb:09:d9: 78:e6:af:07:73:46:1a:25:27:8d:08:4e:81:70:a5: a1:ea:d7:a1:55:da:a0:1b:91:65:76:ac:87:3f:c3: ca:16:14:21:40:ea:59:4e:05:23:65:3e:76:f0:d6: 15:c4:8c:97:bb:af:a5:4f:1f:71:89:54:c7:02:56: c7:8a:3f:db:e4:f1:1e:51:c4:42:bd:97:1c:cd:ac: 43:7e:d1:b1:9f:ec:84:0c:10:56:ee:12:69:21:f9: 0d:54:5e:2d:97:d3:bb:32:53:cc:c8:20:d6:50:35: 73:f8:9e:fc:41:bb:cb:2e:13:57:f6:df:87:d3:be: 35:d2:ff:6c:f2:61:aa:44:f0:56:99:fa:51:d5:68: 72:45:e2:a8:15:20:f9:9b:02:43:ca:5d:56:3b:10: c6:bf:11:19:97:f0:b4:37:74:c6:1f:3b:7d:ec:5e: d5:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:5A:2F:6E:D0:EF:39:71:98:07:F9:B3:E2:4B:8A:11:31:98:F6:B7 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.200.0.0/15 Signature Algorithm: sha256WithRSAEncryption 96:27:0a:04:4b:61:9a:75:9a:d7:35:4a:13:18:b2:e6:5d:9e: cd:e8:d2:4e:2e:5c:84:11:3f:fe:b2:29:f5:48:19:eb:68:9b: be:0c:8a:30:23:44:23:b9:cf:36:d6:cb:f4:aa:fb:2e:46:92: 13:b5:73:e7:b9:76:cf:a5:1f:60:e6:cc:de:02:6d:13:51:b8: 89:01:e3:ef:bc:d9:e6:6c:bc:f0:ec:eb:c3:61:b6:76:96:6a: 85:40:f8:d9:47:65:03:30:13:4a:b6:76:38:6f:92:dc:2a:c3: 16:e4:9a:39:6c:7a:9d:46:55:ce:c3:0d:a2:c0:9e:1d:dc:e1: a8:27:2f:97:c2:3c:e5:c0:06:2f:c8:2e:b4:82:e0:d9:1f:96: f2:a2:44:2f:7d:47:4e:d4:ae:2d:97:16:92:ae:00:a5:86:14: d9:13:fd:57:eb:1c:28:6b:b2:fe:c9:7e:18:b6:40:2f:f5:60: ca:1c:f4:22:b0:d4:64:37:59:af:27:b6:44:4d:ce:ba:c5:23: 62:a2:25:28:52:86:61:c6:3b:c1:2b:38:29:e3:ac:59:ae:29: 5f:a1:ea:c0:8d:38:5e:c4:c0:db:b4:3d:48:1c:1b:65:29:6a: 87:3a:70:d7:0b:f2:05:e4:c5:1d:7d:de:73:ab:c1:d1:4e:14: 70:34:f2:90 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUPyMbcfuZxJySIRx9lxGCFYYf1yAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwNTBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDZjNTZiYzdmZDMwNTdjODM3MDk3ZjYwY2U5ZDlmZTFjMTljNzg5YmZjZjlm MGIwODg3Njk3ZTUyODAxMmRhYzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALplx+mKmt1mgC2L1DYnwPjKMuk4nJW3nbIW41HGZo7HYOeuhL1cWmS6cocM ucEn4eZGn7Eqvhx6zag1IZC74xvgDoXVJwwjkkB0gwUVh5AEqXRYO44b+wnZeOav B3NGGiUnjQhOgXCloerXoVXaoBuRZXashz/DyhYUIUDqWU4FI2U+dvDWFcSMl7uv pU8fcYlUxwJWx4o/2+TxHlHEQr2XHM2sQ37RsZ/shAwQVu4SaSH5DVReLZfTuzJT zMgg1lA1c/ie/EG7yy4TV/bfh9O+NdL/bPJhqkTwVpn6UdVockXiqBUg+ZsCQ8pd VjsQxr8RGZfwtDd0xh87fexe1c0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQYWi9u 0O85cZgH+bPiS4oRMZj2tzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZWNmYTNjMTMtY2JhOS00NTI5LTg0Y2YtN2I2YmY4ZTVjZDRhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G CSqGSIb3DQEBCwUAA4IBAQCWJwoES2GadZrXNUoTGLLmXZ7N6NJOLlyEET/+sin1 SBnraJu+DIowI0Qjuc821sv0qvsuRpITtXPnuXbPpR9g5szeAm0TUbiJAePvvNnm bLzw7OvDYbZ2lmqFQPjZR2UDMBNKtnY4b5LcKsMW5Jo5bHqdRlXOww2iwJ4d3OGo Jy+XwjzlwAYvyC60guDZH5byokQvfUdO1K4tlxaSrgClhhTZE/1X6xwoa7L+yX4Y tkAv9WDKHPQisNRkN1mvJ7ZETc66xSNioiUoUoZhxjvBKzgp46xZrilfoerAjThe xMDbtD1IHBtlKWqHOnDXC/IF5MUdfd5zq8HRThRwNPKQ -----END CERTIFICATE-----Generated at Thu Dec 18 06:52:23 2025 by rpki-client