This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa File: 179c664b-afae-4c21-9c97-2a2a3985d5b0.roa (raw, json) Hash identifier: 2abQ3yPIOAHbgr8uEuxFUxU7HJKizRhLoRboiHh+Dqo= Subject key identifier: 44:83:0D:A2:16:A1:7F:E4:F7:88:81:F0:3B:91:8E:F8:9F:14:8A:0F Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 5CFB9F450B8C5A96FBF28881498C0076511603A9 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa Signing time: Wed 10 Dec 2025 06:40:04 +0000 ROA not before: Wed 10 Dec 2025 06:40:04 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.117.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:fb:9f:45:0b:8c:5a:96:fb:f2:88:81:49:8c:00:76:51:16:03:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:04 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=331447b222638505a5acd30594b439706d0018a047b013cb29c671ec20d87d99, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:dd:30:5a:df:b4:29:5c:31:2e:53:b5:3d:b6: 3d:2d:77:82:72:59:c0:25:ad:92:81:4b:4a:d8:41: d5:bc:be:2e:05:a4:03:14:b4:79:45:85:46:9c:8e: 9c:c4:2f:c4:a6:88:aa:fb:dd:03:2e:45:06:82:4d: 10:15:b5:19:41:02:fc:80:95:69:81:3f:84:33:7c: cc:3e:a4:e3:57:61:24:b2:c5:2b:dd:72:96:57:d9: b7:cd:92:31:cb:df:91:b8:34:04:b9:f1:db:1a:3c: a4:a2:f7:f6:2a:b7:05:83:9e:7f:ff:59:39:f7:f8: 34:f8:27:1c:90:fb:17:b4:f3:30:3d:93:f6:85:50: 56:d6:a3:2b:b7:41:fa:4c:35:e8:c1:f7:2f:5f:2d: f7:50:71:18:b5:ad:3c:17:a5:ef:21:57:c6:22:02: 89:b3:55:86:02:11:dc:2e:15:ea:c2:05:ac:df:cb: fc:20:85:03:8b:ec:08:9b:66:db:47:94:da:6d:0d: 55:95:09:20:2d:2e:fb:65:ad:15:4b:f9:6b:43:88: 8b:71:4d:0a:72:ad:cc:e5:ef:91:a8:5e:96:15:07: 71:d8:e6:4b:d7:05:1b:59:70:38:02:6c:44:d1:bc: 0b:b6:50:e4:68:52:f3:96:d5:ad:94:42:e6:7b:70: 58:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:83:0D:A2:16:A1:7F:E4:F7:88:81:F0:3B:91:8E:F8:9F:14:8A:0F X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.117.0.0/16 Signature Algorithm: sha256WithRSAEncryption 44:3a:48:0d:62:8f:dd:0c:c8:80:39:7b:d1:33:2b:0d:d1:bc: 9c:fb:c8:14:ad:fc:c1:15:ef:93:47:2f:3a:3d:17:ae:32:a7: 70:a3:59:6d:98:e2:3d:c8:a9:04:3a:25:87:ff:7e:2d:71:f3: 83:13:f7:ce:69:73:72:40:4e:b8:83:03:03:30:22:9c:aa:1d: 9e:98:03:2c:9a:8c:cc:4a:3a:96:5e:c2:0c:78:63:88:2c:75: 31:ad:ca:23:37:49:08:6b:c8:7e:50:bb:4c:1e:bc:57:cd:dc: bf:fb:84:59:a6:b1:05:a8:7a:8e:14:2e:f6:ba:a7:43:3e:8f: 38:f3:e0:a5:ba:9c:ec:36:02:b7:05:96:5a:ef:88:61:ab:12: 14:dc:ea:8d:10:9f:42:54:53:df:5b:3e:7c:aa:57:2d:90:f2: d8:f4:79:f2:e4:4f:05:bd:6f:1e:b6:c8:e5:2f:0a:29:2d:85: 2b:8f:55:a0:3e:fd:c3:c7:67:de:f3:ca:27:8f:50:bd:6d:fe: 8a:2a:3f:34:08:e0:ab:db:77:f5:e2:14:c8:e5:c1:db:e9:c2: ea:8b:b8:cc:13:85:9a:b9:0f:f8:d7:47:4f:6e:30:f7:c9:80: e4:2d:95:23:f2:f8:fc:ca:0e:70:35:4f:79:84:93:4d:ad:52: df:4e:30:12 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUXPufRQuMWpb78oiBSYwAdlEWA6kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMDRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDMzMTQ0N2IyMjI2Mzg1MDVhNWFjZDMwNTk0YjQzOTcwNmQwMDE4YTA0N2Iw MTNjYjI5YzY3MWVjMjBkODdkOTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKHdMFrftClcMS5TtT22PS13gnJZwCWtkoFLSthB1by+LgWkAxS0eUWFRpyO nMQvxKaIqvvdAy5FBoJNEBW1GUEC/ICVaYE/hDN8zD6k41dhJLLFK91yllfZt82S Mcvfkbg0BLnx2xo8pKL39iq3BYOef/9ZOff4NPgnHJD7F7TzMD2T9oVQVtajK7dB +kw16MH3L18t91BxGLWtPBel7yFXxiICibNVhgIR3C4V6sIFrN/L/CCFA4vsCJtm 20eU2m0NVZUJIC0u+2WtFUv5a0OIi3FNCnKtzOXvkahelhUHcdjmS9cFG1lwOAJs RNG8C7ZQ5GhS85bVrZRC5ntwWO0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBREgw2i FqF/5PeIgfA7kY74nxSKDzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MTc5YzY2NGItYWZhZS00YzIxLTljOTctMmEyYTM5ODVkNWIwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN1MA0G CSqGSIb3DQEBCwUAA4IBAQBEOkgNYo/dDMiAOXvRMysN0byc+8gUrfzBFe+TRy86 PReuMqdwo1ltmOI9yKkEOiWH/34tcfODE/fOaXNyQE64gwMDMCKcqh2emAMsmozM SjqWXsIMeGOILHUxrcojN0kIa8h+ULtMHrxXzdy/+4RZprEFqHqOFC72uqdDPo84 8+ClupzsNgK3BZZa74hhqxIU3OqNEJ9CVFPfWz58qlctkPLY9Hny5E8FvW8etsjl LwopLYUrj1WgPv3Dx2fe88onj1C9bf6KKj80COCr23f14hTI5cHb6cLqi7jME4Wa uQ/410dPbjD3yYDkLZUj8vj8yg5wNU95hJNNrVLfTjAS -----END CERTIFICATE-----Generated at Mon Dec 15 20:21:13 2025 by rpki-client