This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa File: 44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa (raw, json) Hash identifier: /JgV9+IyN8ZKg0tPh5f5ahumI1qKC53f6/BufjRfSL8= Subject key identifier: B6:19:C2:72:25:19:43:E6:27:1B:75:11:FD:B4:EF:96:30:7B:39:F3 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 7156FC10B4F38DF6ADD46676561B61DC640F9882 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa Signing time: Tue 25 Nov 2025 20:10:27 +0000 ROA not before: Tue 25 Nov 2025 20:10:27 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.244.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:56:fc:10:b4:f3:8d:f6:ad:d4:66:76:56:1b:61:dc:64:0f:98:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:27 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=20be42ff0afb741c6869f01139945c9aea89ac3f6e9b2dce139c186fce795074, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:90:70:ef:73:7d:06:4a:04:a3:b8:58:1d:91: 13:5c:48:9f:b4:6e:1c:eb:62:bf:fa:d0:0f:81:cf: 43:68:d8:5d:7e:60:d1:d7:f4:b3:cb:18:6f:c0:f7: a0:9c:f5:87:ea:9d:f9:f5:e8:77:93:1d:f2:3d:e7: f1:86:57:67:64:04:e5:ec:e4:d6:18:c3:4e:09:24: cd:0d:a4:3a:d5:f5:21:d3:79:aa:c1:d2:1f:0a:99: c6:03:95:87:70:e2:f8:5b:37:0c:ba:9d:b1:b4:7f: 20:d3:14:f7:dd:48:ee:11:7d:af:19:20:a0:7a:dc: b0:e5:65:6f:bf:e8:e4:f5:12:f6:88:64:a5:58:3b: fc:f5:59:1f:4c:92:c0:17:8e:a0:68:62:84:8b:55: 57:8f:aa:20:6b:75:a2:24:16:80:7a:76:81:b8:96: 0f:c2:0f:70:fd:47:55:52:5f:71:21:87:a6:6a:02: 3a:11:73:0c:10:ea:5b:23:cc:af:59:47:8a:74:f4: c9:1a:49:38:d5:91:3c:8f:c7:2b:ff:d9:93:88:9a: ac:c0:55:93:bd:63:ff:37:1f:d3:fc:54:70:d1:7a: 46:bc:83:08:ca:50:f0:70:e2:c5:7a:fd:ed:2d:f0: b9:5e:63:b9:91:0d:9f:e9:5f:0e:31:21:5c:36:3d: 53:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:19:C2:72:25:19:43:E6:27:1B:75:11:FD:B4:EF:96:30:7B:39:F3 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.244.0.0/15 Signature Algorithm: sha256WithRSAEncryption 6d:3c:70:ff:f5:7c:02:f7:29:28:2f:b6:3a:97:8c:c1:37:2a: 94:27:cd:35:d0:d7:dd:19:93:08:9f:20:9e:11:cc:69:70:7d: a1:58:9a:24:0b:81:21:98:c2:1f:df:76:10:c8:fb:d1:3e:b7: c0:26:ce:4e:37:6c:05:3b:42:8b:90:e3:e0:61:5b:3a:3e:3e: 0c:2a:8d:12:91:a4:36:9b:e9:33:fe:d5:aa:39:71:a1:1c:f6: 66:70:35:d8:90:c7:94:bd:ac:3c:88:cc:fa:6c:63:b0:6b:d3: da:e7:c6:bc:13:db:98:9f:1f:6b:4d:a8:32:bc:ba:04:fe:5e: c1:9f:48:19:e5:19:04:1f:7c:ae:ba:9c:7f:35:89:1d:22:0d: a9:4e:1a:ce:4e:12:e7:b3:c2:7d:c1:81:78:b6:f8:b0:6b:b3: 1b:ab:f8:ec:d3:f4:be:20:ce:24:b8:ae:84:bd:88:47:85:be: 29:d7:5b:62:ac:fd:05:0d:d4:83:d9:61:b6:18:73:a2:3b:fb: d9:53:4d:64:3a:da:fc:7f:e4:3c:8e:30:0e:66:a6:3c:51:5e: 3e:b0:01:ff:28:93:1f:cd:f0:ac:53:6b:ca:1b:2e:20:35:25: 85:6f:cb:d0:d0:65:26:7f:5b:9e:00:f1:49:61:86:bf:dc:8e: 33:04:a1:54 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUcVb8ELTzjfat1GZ2Vhth3GQPmIIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMjdaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDIwYmU0MmZmMGFmYjc0MWM2ODY5ZjAxMTM5OTQ1YzlhZWE4OWFjM2Y2ZTli MmRjZTEzOWMxODZmY2U3OTUwNzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMGQcO9zfQZKBKO4WB2RE1xIn7RuHOtiv/rQD4HPQ2jYXX5g0df0s8sYb8D3 oJz1h+qd+fXod5Md8j3n8YZXZ2QE5ezk1hjDTgkkzQ2kOtX1IdN5qsHSHwqZxgOV h3Di+Fs3DLqdsbR/INMU991I7hF9rxkgoHrcsOVlb7/o5PUS9ohkpVg7/PVZH0yS wBeOoGhihItVV4+qIGt1oiQWgHp2gbiWD8IPcP1HVVJfcSGHpmoCOhFzDBDqWyPM r1lHinT0yRpJONWRPI/HK//Zk4iarMBVk71j/zcf0/xUcNF6RryDCMpQ8HDixXr9 7S3wuV5juZENn+lfDjEhXDY9U2MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS2GcJy JRlD5icbdRH9tO+WMHs58zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NDRiYjAwY2MtM2RlZS00Y2Y2LThkZTktMmZlYmZhMGYwZjZkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP0MA0G CSqGSIb3DQEBCwUAA4IBAQBtPHD/9XwC9ykoL7Y6l4zBNyqUJ8010NfdGZMInyCe EcxpcH2hWJokC4EhmMIf33YQyPvRPrfAJs5ON2wFO0KLkOPgYVs6Pj4MKo0SkaQ2 m+kz/tWqOXGhHPZmcDXYkMeUvaw8iMz6bGOwa9Pa58a8E9uYnx9rTagyvLoE/l7B n0gZ5RkEH3yuupx/NYkdIg2pThrOThLns8J9wYF4tviwa7Mbq/js0/S+IM4kuK6E vYhHhb4p11tirP0FDdSD2WG2GHOiO/vZU01kOtr8f+Q8jjAOZqY8UV4+sAH/KJMf zfCsU2vKGy4gNSWFb8vQ0GUmf1ueAPFJYYa/3I4zBKFU -----END CERTIFICATE-----Generated at Sat Dec 6 13:37:38 2025 by rpki-client