This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa File: 46b220b9-837f-4174-97e6-c711958273ea.roa (raw, json) Hash identifier: wAroQtpwaplKwLw3Dl1c6cXi9NwFWYmupsn8GJmTXy4= Subject key identifier: 9B:69:45:60:97:B0:3B:DC:31:C3:69:BB:02:3A:7E:01:5F:58:6A:4F Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 7BF17F73ABE850D401DF28BD32E8F121B6743869 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa Signing time: Sat 15 Nov 2025 06:40:10 +0000 ROA not before: Sat 15 Nov 2025 06:40:10 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.78.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:f1:7f:73:ab:e8:50:d4:01:df:28:bd:32:e8:f1:21:b6:74:38:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:10 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=c69e6ab4dbe0f4f38b9b19b7e1f2511433241fcf0a302b875128afd3193b5ecb, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:44:ba:1c:cf:5b:53:6d:f6:cd:70:9f:da:a3: db:fe:00:29:43:e8:df:0b:98:8e:7b:8d:0a:54:03: 11:f7:87:a5:95:95:a3:ce:54:4e:3d:c0:ba:b5:42: 65:e7:58:b9:48:53:ef:67:2d:3c:34:2f:bc:1a:26: 2c:e3:66:82:e2:0b:d8:a6:02:4f:44:be:13:5f:da: 82:de:c0:30:fe:0e:e8:55:c5:25:7d:92:59:4f:b8: 30:5e:29:eb:f8:40:46:f8:9b:ee:67:ee:c4:d1:ea: f2:fc:37:7f:2b:8a:9f:43:46:41:c6:a7:a0:d3:b9: c3:74:e4:a7:b4:9a:c9:1f:e9:04:bd:e9:e8:3d:40: 6d:84:fd:cc:dc:7f:0a:6a:e1:74:f1:51:fa:f9:d4: 18:2c:c8:6c:ad:ac:79:d4:ab:5f:c9:b8:54:a4:d5: ac:59:cb:94:43:68:f5:9e:02:34:12:b4:07:4a:c0: 6a:fe:b7:53:e0:18:26:89:72:ec:af:d9:a4:c8:de: 0a:53:85:b3:fa:88:93:3d:f2:3d:d4:c7:72:54:b6: 57:4b:e5:28:06:97:86:13:ff:0a:9d:37:3a:f0:ef: 6d:4f:de:13:1b:bd:4d:3d:32:80:03:0e:79:22:82: 2f:fe:cc:e4:be:d6:27:0a:7d:7f:1b:9c:03:54:54: 92:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:69:45:60:97:B0:3B:DC:31:C3:69:BB:02:3A:7E:01:5F:58:6A:4F X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.78.0.0/16 Signature Algorithm: sha256WithRSAEncryption 57:15:d1:13:6d:e3:13:b2:81:cc:ce:3f:6f:08:3e:4e:59:3a: 30:12:f9:21:16:ab:45:d7:13:53:d1:d0:68:68:e4:9f:e0:1d: 2c:65:04:ef:5d:0f:ab:5f:95:db:ee:d9:56:46:32:dd:3a:2d: fa:bb:78:b7:ae:f0:03:d4:32:af:de:64:28:ba:f5:84:17:cf: bb:0b:8f:5e:bc:7d:05:0e:d3:06:03:02:7b:4b:84:f1:b9:18: 2e:c5:14:93:95:ce:9d:37:35:d2:77:8f:c2:5b:cf:9e:57:6d: 65:ef:f7:87:17:dd:25:ca:a3:8e:97:7f:bd:87:9c:c0:f5:50: f6:53:1d:86:71:53:b7:ce:fc:a1:83:30:b8:32:0b:b6:a4:a8: 42:0d:de:a9:27:f0:e9:06:de:82:30:a5:8a:22:ae:07:ba:6a: a4:37:fa:82:0a:fc:e0:3f:3b:8a:54:96:a0:ce:57:fa:c0:b4: d5:94:64:72:72:18:1d:d9:58:0d:6c:ca:15:79:e5:9c:49:b6: f8:73:d8:2f:55:f5:e4:08:bd:82:52:d1:a6:52:11:1e:5a:2a: 62:f6:30:d9:7c:79:5e:0a:67:34:65:cf:14:9f:f5:82:d1:7e: 48:e9:24:4f:81:ae:0e:0e:eb:7f:a6:24:f9:74:fe:0c:17:87: 2f:0d:32:d8 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUe/F/c6voUNQB3yi9MujxIbZ0OGkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwMTBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGM2OWU2YWI0ZGJlMGY0ZjM4YjliMTliN2UxZjI1MTE0MzMyNDFmY2YwYTMw MmI4NzUxMjhhZmQzMTkzYjVlY2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANtEuhzPW1Nt9s1wn9qj2/4AKUPo3wuYjnuNClQDEfeHpZWVo85UTj3AurVC ZedYuUhT72ctPDQvvBomLONmguIL2KYCT0S+E1/agt7AMP4O6FXFJX2SWU+4MF4p 6/hARvib7mfuxNHq8vw3fyuKn0NGQcanoNO5w3Tkp7SayR/pBL3p6D1AbYT9zNx/ CmrhdPFR+vnUGCzIbK2sedSrX8m4VKTVrFnLlENo9Z4CNBK0B0rAav63U+AYJoly 7K/ZpMjeClOFs/qIkz3yPdTHclS2V0vlKAaXhhP/Cp03OvDvbU/eExu9TT0ygAMO eSKCL/7M5L7WJwp9fxucA1RUkrECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSbaUVg l7A73DHDabsCOn4BX1hqTzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NDZiMjIwYjktODM3Zi00MTc0LTk3ZTYtYzcxMTk1ODI3M2VhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNOMA0G CSqGSIb3DQEBCwUAA4IBAQBXFdETbeMTsoHMzj9vCD5OWTowEvkhFqtF1xNT0dBo aOSf4B0sZQTvXQ+rX5Xb7tlWRjLdOi36u3i3rvAD1DKv3mQouvWEF8+7C49evH0F DtMGAwJ7S4TxuRguxRSTlc6dNzXSd4/CW8+eV21l7/eHF90lyqOOl3+9h5zA9VD2 Ux2GcVO3zvyhgzC4Mgu2pKhCDd6pJ/DpBt6CMKWKIq4HumqkN/qCCvzgPzuKVJag zlf6wLTVlGRychgd2VgNbMoVeeWcSbb4c9gvVfXkCL2CUtGmUhEeWipi9jDZfHle Cmc0Zc8Un/WC0X5I6SRPga4ODut/piT5dP4MF4cvDTLY -----END CERTIFICATE-----Generated at Sat Dec 6 12:49:05 2025 by rpki-client