This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa File: 49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa (raw, json) Hash identifier: 2gAo95KT7exgnFnG3FFN6L5wlbLdixLEH7FNWSsC3vQ= Subject key identifier: CE:B1:29:C7:A5:D8:CE:C6:A4:55:F9:A2:8F:BD:59:F9:78:78:69:92 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 0E01E15A398AD2C399D352B45C6BD7BCE5BFD88E Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa Signing time: Wed 10 Dec 2025 06:50:48 +0000 ROA not before: Wed 10 Dec 2025 06:50:48 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.192.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:01:e1:5a:39:8a:d2:c3:99:d3:52:b4:5c:6b:d7:bc:e5:bf:d8:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:48 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=f06d4b92de313d0332ab3c87724697ae37f076eddaead8abf9d9417f9c758dd7, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:c1:b8:05:3d:2a:30:38:ae:61:74:db:34:5b: a6:a2:65:ba:5a:4b:8a:7d:5e:87:56:de:57:aa:1f: 91:d4:78:19:3f:0d:eb:6d:2e:c3:e1:26:54:5d:56: 96:14:c9:2e:fb:d0:ab:ae:22:06:f7:71:ee:0c:73: 3f:cc:73:9b:34:b8:bf:ae:74:ae:2e:94:f1:d9:7f: 99:94:63:89:fd:82:ce:63:f3:06:8b:b3:dd:7a:5a: ef:b5:e9:10:93:6f:cc:10:8c:53:c5:c3:90:31:53: aa:76:de:45:d7:6a:1a:a2:cf:b8:6a:ca:ce:79:07: b1:67:53:bc:27:d3:d5:c8:f1:86:40:13:20:8d:08: da:89:e4:2b:6d:63:4c:38:52:6f:da:91:7e:b2:97: 4e:fe:8a:e2:60:e3:f6:d5:25:ca:d2:95:c2:77:fa: 58:5b:5c:a9:f6:f2:14:cc:17:ca:50:a4:4c:dc:72: eb:15:88:a4:68:64:6b:07:35:64:6a:40:a4:40:38: a0:0e:66:a8:42:49:a9:87:16:9a:b4:51:95:a0:21: 58:ff:25:63:f3:61:f2:4c:00:52:be:fa:6a:de:de: 16:e0:ad:ae:58:46:3b:5d:78:c3:20:a8:3e:57:8b: 2c:31:e2:45:e6:56:6a:04:e7:af:7d:54:a0:5b:3c: 67:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:B1:29:C7:A5:D8:CE:C6:A4:55:F9:A2:8F:BD:59:F9:78:78:69:92 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.192.0.0/15 Signature Algorithm: sha256WithRSAEncryption ab:5d:26:0f:87:26:37:ba:78:f6:fe:72:25:5b:95:40:6f:50: da:44:c9:e4:81:4c:20:18:50:bb:e8:60:96:9c:fc:f1:40:0e: 9c:cb:65:66:03:aa:91:ef:23:42:c6:fa:6c:50:04:55:e4:30: f1:e8:d2:30:40:f6:74:af:e4:e0:d0:40:00:b5:49:5b:be:b6: 40:ca:3f:4f:fd:fe:3a:f3:86:f2:92:c8:5d:fd:ed:2d:13:6a: 8b:b1:71:46:6c:01:7c:6f:e2:c6:b7:68:9e:f2:b1:a8:41:3e: 7a:ae:59:cf:be:9d:bb:1e:9b:dd:18:bc:07:2f:be:f9:6a:d9: b5:49:e1:56:79:01:a6:4a:a4:01:7d:98:1b:aa:ef:51:e2:eb: 20:87:84:5e:2d:82:64:36:06:d3:62:cc:4f:07:47:cc:d3:0e: 9d:0c:ea:ca:cc:07:27:30:9a:ac:4b:24:b5:73:9c:7d:79:7d: b3:8c:c8:7a:57:b6:28:af:29:10:cd:ce:b3:da:61:40:0a:50: 81:52:3a:8f:b1:c3:26:bd:e0:6c:79:0d:cf:d7:54:7c:70:ab: 6a:45:05:0f:d4:4e:0a:b1:54:1b:84:ca:3b:1c:86:72:d1:de: a5:60:66:d9:2b:49:9f:5c:eb:b6:f0:68:3a:27:96:76:db:71: 83:ad:5f:22 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUDgHhWjmK0sOZ01K0XGvXvOW/2I4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwNDhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGYwNmQ0YjkyZGUzMTNkMDMzMmFiM2M4NzcyNDY5N2FlMzdmMDc2ZWRkYWVh ZDhhYmY5ZDk0MTdmOWM3NThkZDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALjBuAU9KjA4rmF02zRbpqJlulpLin1eh1beV6ofkdR4GT8N620uw+EmVF1W lhTJLvvQq64iBvdx7gxzP8xzmzS4v650ri6U8dl/mZRjif2CzmPzBouz3Xpa77Xp EJNvzBCMU8XDkDFTqnbeRddqGqLPuGrKznkHsWdTvCfT1cjxhkATII0I2onkK21j TDhSb9qRfrKXTv6K4mDj9tUlytKVwnf6WFtcqfbyFMwXylCkTNxy6xWIpGhkawc1 ZGpApEA4oA5mqEJJqYcWmrRRlaAhWP8lY/Nh8kwAUr76at7eFuCtrlhGO114wyCo PleLLDHiReZWagTnr31UoFs8Z+0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTOsSnH pdjOxqRV+aKPvVn5eHhpkjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NDliMmI1ZDUtNDZhNy00MmEzLTk5MDAtYmNiN2UzZWRmZmRiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPAMA0G CSqGSIb3DQEBCwUAA4IBAQCrXSYPhyY3unj2/nIlW5VAb1DaRMnkgUwgGFC76GCW nPzxQA6cy2VmA6qR7yNCxvpsUARV5DDx6NIwQPZ0r+Tg0EAAtUlbvrZAyj9P/f46 84bykshd/e0tE2qLsXFGbAF8b+LGt2ie8rGoQT56rlnPvp27HpvdGLwHL775atm1 SeFWeQGmSqQBfZgbqu9R4usgh4ReLYJkNgbTYsxPB0fM0w6dDOrKzAcnMJqsSyS1 c5x9eX2zjMh6V7YorykQzc6z2mFAClCBUjqPscMmveBseQ3P11R8cKtqRQUP1E4K sVQbhMo7HIZy0d6lYGbZK0mfXOu28Gg6J5Z223GDrV8i -----END CERTIFICATE-----Generated at Mon Dec 15 20:21:08 2025 by rpki-client