This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa File: 46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa (raw, json) Hash identifier: DF9jF0GrMrvk1Ait1FrLyK6vAwZ3Lil3A3loZqhqglE= Subject key identifier: 8B:AD:F3:63:2E:CA:A8:25:1F:02:96:12:C9:CF:8F:ED:32:04:46:A3 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 0C059EB308C183634A95B72AA8A600EEEA7F6F38 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa Signing time: Tue 25 Nov 2025 20:10:05 +0000 ROA not before: Tue 25 Nov 2025 20:10:05 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.108.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:05:9e:b3:08:c1:83:63:4a:95:b7:2a:a8:a6:00:ee:ea:7f:6f:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:05 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=36d453e7828788d52a8182baca162c652bf4e5d031204a8ca041b11ea391776e, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:4e:a4:9f:31:15:26:bb:52:a4:5b:47:70:a3: 0c:17:dc:3b:df:be:88:76:ec:5d:f5:db:b2:e0:c5: a9:ec:c1:a3:9e:12:31:d6:93:5b:79:4e:44:71:7d: b5:66:cc:1b:3f:e9:3d:7d:84:e2:cf:3b:d1:da:26: 5b:b2:7b:05:7b:51:98:7a:32:e9:f4:f0:5a:cc:37: 10:53:8e:d8:b7:93:63:ff:bf:86:0f:7f:d2:03:6d: 83:03:5a:76:67:35:8f:4e:d6:38:56:dc:81:be:37: ce:83:9e:1f:f2:f3:16:c9:de:23:ef:94:42:b3:0c: 5b:60:b6:b7:7f:d1:5e:63:1f:a3:c6:6b:48:3c:9d: ee:88:15:2c:fc:45:67:2e:40:8c:ec:c7:ef:d1:0e: 6e:a5:ae:00:1b:d7:63:23:9d:d2:0d:87:f9:65:4a: 6e:68:87:d1:ab:e9:99:da:7d:72:29:80:64:b6:91: e1:fd:f8:1f:65:b5:f8:6d:13:07:74:06:49:92:61: 3e:59:be:62:f1:df:17:a0:f5:17:0c:2a:04:62:9e: 2a:5b:56:cc:26:83:3d:68:20:ae:31:46:b4:3d:b3: 6d:dd:18:d2:38:95:6d:5c:28:e1:59:b9:d4:1e:26: 40:7b:39:58:a5:ad:10:fe:48:12:a5:21:48:8c:10: cc:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:AD:F3:63:2E:CA:A8:25:1F:02:96:12:C9:CF:8F:ED:32:04:46:A3 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.108.0.0/16 Signature Algorithm: sha256WithRSAEncryption 4a:6e:53:35:44:ff:68:22:97:b1:0a:1a:d4:f9:67:4c:11:6c: fb:9d:f3:19:67:5c:ce:bf:3d:93:7f:6d:e2:c7:b4:fe:5c:4e: 1b:88:d7:03:7a:4f:5b:42:0e:06:5b:4e:b8:84:69:dd:9a:db: a5:0b:60:09:ad:d3:e4:64:4a:47:50:49:9e:5d:2b:e5:4e:ce: 60:0f:67:e5:c2:09:1e:92:4b:9d:a4:86:03:77:c8:dd:01:ac: 96:fa:54:d2:20:40:60:50:28:9b:65:c3:78:e5:71:73:c3:27: 79:cd:64:91:d9:c6:fd:bd:66:f0:7d:7c:b5:b8:fe:11:eb:e2: 39:bc:06:e9:c1:b1:58:1a:8d:fe:f7:5a:76:9f:b5:3c:3c:1a: a2:70:4d:f0:02:65:4a:4e:52:06:7c:14:a1:36:9a:dd:b2:d7: b1:14:69:d1:a3:fa:ca:7c:be:8b:8a:b2:cb:8a:57:5a:a4:c5: cc:2b:4c:d8:e7:f5:a1:ca:4a:24:f1:c3:26:03:a0:f5:67:66: fd:44:67:28:5c:f5:f1:e0:8c:ac:2a:57:7c:05:5c:b0:14:82: d2:de:35:13:ef:73:55:8c:6e:ce:4a:bf:94:d0:38:98:38:a2: fc:be:35:a1:9a:89:3c:e6:00:99:d7:bd:18:46:be:68:e0:12: 33:de:3f:a5 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUDAWeswjBg2NKlbcqqKYA7up/bzgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMDVaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDM2ZDQ1M2U3ODI4Nzg4ZDUyYTgxODJiYWNhMTYyYzY1MmJmNGU1ZDAzMTIw NGE4Y2EwNDFiMTFlYTM5MTc3NmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALBOpJ8xFSa7UqRbR3CjDBfcO9++iHbsXfXbsuDFqezBo54SMdaTW3lORHF9 tWbMGz/pPX2E4s870domW7J7BXtRmHoy6fTwWsw3EFOO2LeTY/+/hg9/0gNtgwNa dmc1j07WOFbcgb43zoOeH/LzFsneI++UQrMMW2C2t3/RXmMfo8ZrSDyd7ogVLPxF Zy5AjOzH79EObqWuABvXYyOd0g2H+WVKbmiH0avpmdp9cimAZLaR4f34H2W1+G0T B3QGSZJhPlm+YvHfF6D1FwwqBGKeKltWzCaDPWggrjFGtD2zbd0Y0jiVbVwo4Vm5 1B4mQHs5WKWtEP5IEqUhSIwQzJ0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSLrfNj LsqoJR8ClhLJz4/tMgRGozAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NDZlYjhiYjktOGE5MS00OTFkLThmM2YtOWNjNGFmY2Y1ZWNkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNsMA0G CSqGSIb3DQEBCwUAA4IBAQBKblM1RP9oIpexChrU+WdMEWz7nfMZZ1zOvz2Tf23i x7T+XE4biNcDek9bQg4GW064hGndmtulC2AJrdPkZEpHUEmeXSvlTs5gD2flwgke kkudpIYDd8jdAayW+lTSIEBgUCibZcN45XFzwyd5zWSR2cb9vWbwfXy1uP4R6+I5 vAbpwbFYGo3+91p2n7U8PBqicE3wAmVKTlIGfBShNprdstexFGnRo/rKfL6LirLL ildapMXMK0zY5/Whykok8cMmA6D1Z2b9RGcoXPXx4IysKld8BVywFILS3jUT73NV jG7OSr+U0DiYOKL8vjWhmok85gCZ170YRr5o4BIz3j+l -----END CERTIFICATE-----Generated at Sat Dec 6 17:30:48 2025 by rpki-client