This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa File: 2740a5f5-ec55-42ac-b7df-f4c863c83981.roa (raw, json) Hash identifier: 6N0kYXPQx8rPx0U3yzCJnu4X/76agsECMhsNzr+I4l0= Subject key identifier: A9:2D:77:3D:BD:31:5D:82:0C:13:27:20:3A:04:64:04:AB:1D:FA:40 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 6433B5F558C924ED2CA09F68685688D48AB071DE Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa Signing time: Sat 15 Nov 2025 06:40:57 +0000 ROA not before: Sat 15 Nov 2025 06:40:57 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.125.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:33:b5:f5:58:c9:24:ed:2c:a0:9f:68:68:56:88:d4:8a:b0:71:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:57 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=df95e8745ea5c53547fbda5954074232ef2a5d5e7113b24ec9d0e570bdfe7d8b, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:f2:20:17:ba:af:2e:a4:4b:f3:9e:a5:b9:b1: 10:00:e4:ba:0d:db:58:f0:de:f5:bf:3c:d2:2b:40: 2b:ee:1f:0c:c9:f9:a3:1f:bf:39:83:27:a7:47:53: 9b:fc:e9:60:65:fa:c0:48:bb:71:8c:5c:c3:71:23: 46:f7:43:59:63:58:a8:be:e8:3b:05:45:bb:5d:4a: a2:7b:57:00:27:13:d9:bd:5e:50:77:cf:fc:32:af: d1:e7:49:4f:e0:17:c1:86:30:20:ca:b8:8e:0b:a0: 9f:a3:3c:66:ab:93:c6:6c:44:09:64:c9:cc:38:f1: 4d:c5:ae:52:cf:ca:f3:9f:dc:95:3c:69:32:20:b6: c2:11:25:cc:10:2d:54:d2:cb:b6:34:78:fe:4e:5e: cc:bb:05:cd:0a:84:30:8f:2a:3f:85:60:08:7a:58: 61:f8:42:f6:b7:04:7d:e6:7e:81:ad:d9:7c:d6:5f: 77:1c:f5:22:cf:2c:00:de:5b:c8:cd:8f:5f:a0:52: bf:16:b1:4a:9d:f6:38:d1:c7:ee:bc:fa:35:ce:a7: 65:17:c5:a0:d0:eb:1f:16:ae:66:ae:8a:97:23:d8: 9b:ae:af:81:28:ea:40:72:0b:3b:60:5c:a9:fe:c8: be:1c:1c:c4:34:2b:90:b0:3a:eb:84:e3:9d:93:77: 70:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:2D:77:3D:BD:31:5D:82:0C:13:27:20:3A:04:64:04:AB:1D:FA:40 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.125.0.0/16 Signature Algorithm: sha256WithRSAEncryption 2d:1a:5f:fe:f0:37:2b:9a:22:ea:50:4a:63:be:44:6e:38:fa: e2:cd:88:0f:6c:1d:39:9a:ae:1b:e7:4b:a8:15:06:1b:7c:63: 8d:7e:b5:4a:ae:61:4f:4f:b4:29:24:ee:e0:b4:2a:ed:66:6e: a6:ed:53:eb:7a:55:07:2c:5d:eb:51:f1:a7:c8:a9:ed:00:48: ec:ed:84:c5:ff:c3:45:95:ef:09:68:82:67:08:8f:a4:fd:92: 11:c9:67:4c:96:88:ad:37:00:2f:ef:22:34:7e:30:8f:6e:cc: 4b:4a:37:d7:fa:5b:92:67:d9:35:c8:b1:ca:f9:fd:00:f0:63: ba:fa:a6:06:77:89:61:23:1b:35:48:a3:68:72:44:67:e7:ab: 4f:34:87:fe:4c:53:33:b7:ea:52:54:77:69:a2:43:a6:b4:61: 54:44:fa:4e:56:41:b2:19:25:c6:cc:99:f4:f0:bb:67:98:90: 1c:45:d7:be:7e:22:5f:83:e8:2e:2a:1e:a9:ec:84:a8:04:e5: 98:02:95:e6:d1:29:83:ce:ff:73:02:56:2e:4f:8d:ad:ce:b6: c0:10:75:77:0e:b4:b0:1f:89:a5:0b:55:38:1f:a6:2e:58:ab: c1:bb:c9:73:3b:7f:e8:20:13:34:dd:d8:dc:42:82:84:6f:d0: b6:88:5b:58 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUZDO19VjJJO0soJ9oaFaI1Iqwcd4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwNTdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGRmOTVlODc0NWVhNWM1MzU0N2ZiZGE1OTU0MDc0MjMyZWYyYTVkNWU3MTEz YjI0ZWM5ZDBlNTcwYmRmZTdkOGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK7yIBe6ry6kS/OepbmxEADkug3bWPDe9b880itAK+4fDMn5ox+/OYMnp0dT m/zpYGX6wEi7cYxcw3EjRvdDWWNYqL7oOwVFu11KontXACcT2b1eUHfP/DKv0edJ T+AXwYYwIMq4jgugn6M8ZquTxmxECWTJzDjxTcWuUs/K85/clTxpMiC2whElzBAt VNLLtjR4/k5ezLsFzQqEMI8qP4VgCHpYYfhC9rcEfeZ+ga3ZfNZfdxz1Is8sAN5b yM2PX6BSvxaxSp32ONHH7rz6Nc6nZRfFoNDrHxauZq6KlyPYm66vgSjqQHILO2Bc qf7IvhwcxDQrkLA664TjnZN3cNECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSpLXc9 vTFdggwTJyA6BGQEqx36QDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv Mjc0MGE1ZjUtZWM1NS00MmFjLWI3ZGYtZjRjODYzYzgzOTgxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G CSqGSIb3DQEBCwUAA4IBAQAtGl/+8DcrmiLqUEpjvkRuOPrizYgPbB05mq4b50uo FQYbfGONfrVKrmFPT7QpJO7gtCrtZm6m7VPrelUHLF3rUfGnyKntAEjs7YTF/8NF le8JaIJnCI+k/ZIRyWdMloitNwAv7yI0fjCPbsxLSjfX+luSZ9k1yLHK+f0A8GO6 +qYGd4lhIxs1SKNockRn56tPNIf+TFMzt+pSVHdpokOmtGFURPpOVkGyGSXGzJn0 8LtnmJAcRde+fiJfg+guKh6p7ISoBOWYApXm0SmDzv9zAlYuT42tzrbAEHV3DrSw H4mlC1U4H6YuWKvBu8lzO3/oIBM03djcQoKEb9C2iFtY -----END CERTIFICATE-----Generated at Sat Dec 6 12:50:40 2025 by rpki-client