This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/409e157b-4120-4d9a-987d-302a50987746.roa File: 409e157b-4120-4d9a-987d-302a50987746.roa (raw, json) Hash identifier: v7DV9o2u2l4MiPlZjttYSJ60fvAycAchTsbgoWD8Zm4= Subject key identifier: FF:D7:11:FB:D8:9C:F1:3A:BD:03:60:19:99:B8:7C:61:B4:65:17:FB Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0 Certificate serial: 15D6710C2463BEB0CF0EFA220C102AA71744893D Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/409e157b-4120-4d9a-987d-302a50987746.roa Signing time: Mon 08 Dec 2025 02:00:23 +0000 ROA not before: Mon 08 Dec 2025 02:00:23 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.0.128.0/17 maxlen: 17 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:d6:71:0c:24:63:be:b0:cf:0e:fa:22:0c:10:2a:a7:17:44:89:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0 Validity Not Before: Dec 8 02:00:23 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=77f0ffe0efe66d4bdb1e616f11be7cce11a37dc519f57a4cb7c920f649ee3c7d, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:7a:75:eb:fa:05:f6:49:9e:d5:01:73:53:3a: c6:96:80:ec:fd:f3:9b:d4:24:18:5a:98:d9:43:d2: 52:b2:42:50:38:65:88:6d:9d:bb:da:f9:a4:e0:b4: 73:4e:cd:d7:96:4f:a0:26:54:d9:fd:fc:b5:6f:13: ae:63:8f:c0:16:96:be:05:c0:f4:8e:f2:d6:37:eb: c6:65:e1:42:cd:ad:ba:be:6c:3c:22:13:37:a5:7e: 36:a4:e0:98:1f:b8:f4:e9:2a:81:29:9f:d6:a4:be: 6b:5b:8f:f6:43:70:a3:65:c9:e3:d0:4a:a6:34:44: 55:32:fb:58:0c:db:90:26:b2:5c:ea:c0:62:5d:c5: c4:c8:a1:f6:07:c3:56:fd:79:b9:d1:f5:d0:ad:5a: 3a:26:92:57:05:dc:af:80:3a:67:ee:af:47:b3:ff: 74:dc:4d:d4:d0:90:8c:f1:c1:80:c1:a8:fb:ab:2b: 15:b7:0c:a5:48:79:d0:89:0c:f0:fe:f5:05:5d:b8: 26:ea:32:c9:b1:e1:28:71:49:22:66:a2:07:de:6d: 75:9b:2a:cc:34:5e:d2:81:a8:80:15:c8:94:d3:52: bd:ad:a3:79:8c:56:cc:8d:eb:95:eb:a4:7a:1a:46: 4f:ee:2d:5b:a9:b4:c7:44:4c:11:07:a8:90:2a:a0: d5:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:D7:11:FB:D8:9C:F1:3A:BD:03:60:19:99:B8:7C:61:B4:65:17:FB X509v3 Authority Key Identifier: keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/409e157b-4120-4d9a-987d-302a50987746.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.0.128.0/17 Signature Algorithm: sha256WithRSAEncryption 3a:c3:78:c7:c2:98:8d:0a:96:67:e2:a9:3f:b8:35:05:f1:14: 39:dd:30:c0:c5:74:04:3e:96:c3:93:6b:2e:bd:5d:ce:7a:52: e5:37:e0:d9:02:74:d2:d1:9e:4b:4d:50:f3:fb:51:bc:35:48: b8:7f:7d:88:e8:a9:39:a0:33:b8:e0:0a:6e:14:e6:31:da:ca: d2:91:4f:c7:f5:45:76:d4:c1:e3:c5:af:19:01:e8:63:cf:ec: 1b:13:5f:fe:3e:fc:9c:7b:87:36:f3:58:32:27:55:69:dd:c6: c8:dc:70:ee:94:55:b7:b3:8b:95:bf:66:27:de:14:f5:12:0c: 48:64:eb:8c:50:05:21:29:c6:f7:94:fa:73:f9:c1:a8:d1:15: 04:79:9e:09:3d:d1:4e:b5:27:58:95:ff:8d:f0:df:41:50:4e: 99:de:40:fd:ef:a1:cc:c4:73:5f:d3:fb:2f:bd:f3:41:a2:1c: e1:7f:32:95:e4:51:55:5c:47:57:ec:f5:da:63:6c:5f:6b:cf: d6:1d:16:56:46:0e:8a:63:b5:83:8a:dd:92:52:46:e5:b1:8f: 6f:51:21:25:29:c7:e5:23:5a:b6:10:de:8b:a4:4b:c9:4d:8d: b7:80:2b:df:3c:26:11:56:48:cb:eb:09:f4:b6:02:f0:57:af: 5a:3f:6d:6c -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUFdZxDCRjvrDPDvoiDBAqpxdEiT0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl Nzk2NTVkMDAeFw0yNTEyMDgwMjAwMjNaFw0yNjAzMDgyMzU5NTlaMHoxSTBHBgNV BAUTQDc3ZjBmZmUwZWZlNjZkNGJkYjFlNjE2ZjExYmU3Y2NlMTFhMzdkYzUxOWY1 N2E0Y2I3YzkyMGY2NDllZTNjN2QxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3 Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANd6dev6BfZJntUBc1M6xpaA7P3zm9QkGFqY2UPSUrJCUDhliG2du9r5pOC0 c07N15ZPoCZU2f38tW8TrmOPwBaWvgXA9I7y1jfrxmXhQs2tur5sPCITN6V+NqTg mB+49OkqgSmf1qS+a1uP9kNwo2XJ49BKpjREVTL7WAzbkCayXOrAYl3FxMih9gfD Vv15udH10K1aOiaSVwXcr4A6Z+6vR7P/dNxN1NCQjPHBgMGo+6srFbcMpUh50IkM 8P71BV24JuoyybHhKHFJImaiB95tdZsqzDRe0oGogBXIlNNSva2jeYxWzI3rleuk ehpGT+4tW6m0x0RMEQeokCqg1W0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT/1xH7 2JzxOr0DYBmZuHxhtGUX+zAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV 0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv NDA5ZTE1N2ItNDEyMC00ZDlhLTk4N2QtMzAyYTUwOTg3NzQ2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1 NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBzMAgDAN BgkqhkiG9w0BAQsFAAOCAQEAOsN4x8KYjQqWZ+KpP7g1BfEUOd0wwMV0BD6Ww5Nr Lr1dznpS5Tfg2QJ00tGeS01Q8/tRvDVIuH99iOipOaAzuOAKbhTmMdrK0pFPx/VF dtTB48WvGQHoY8/sGxNf/j78nHuHNvNYMidVad3GyNxw7pRVt7OLlb9mJ94U9RIM SGTrjFAFISnG95T6c/nBqNEVBHmeCT3RTrUnWJX/jfDfQVBOmd5A/e+hzMRzX9P7 L73zQaIc4X8yleRRVVxHV+z12mNsX2vP1h0WVkYOimO1g4rdklJG5bGPb1EhJSnH 5SNathDei6RLyU2Nt4Ar3zwmEVZIy+sJ9LYC8FevWj9tbA== -----END CERTIFICATE-----Generated at Fri Dec 19 23:20:45 2025 by rpki-client