This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa File: 709c8cf6-9d5d-47d6-8b70-40eff8390658.roa (raw, json) Hash identifier: K/DO63ml/5FeDM63jqeqQMddxx3zNm6/LEO5KQEG3jQ= Subject key identifier: 5D:B1:D3:79:AC:14:94:2A:C2:EC:21:6E:76:E3:FD:EB:1D:6D:06:DB Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 0C45D1F9F14E97D2E47A575B3DDA0346D9990F87 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa Signing time: Wed 10 Dec 2025 06:30:12 +0000 ROA not before: Wed 10 Dec 2025 06:30:12 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.220.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:45:d1:f9:f1:4e:97:d2:e4:7a:57:5b:3d:da:03:46:d9:99:0f:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:30:12 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=742aa2e713550698355bb25fc0124547b7dc834fb4b885ba2b1aed79b2284204, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:cb:3a:32:27:9a:80:82:76:10:b6:35:62:23: 8a:42:78:ab:5d:4b:12:ac:65:f7:93:4a:66:7b:e5: f3:a7:ce:b0:e5:8d:f9:d3:53:11:52:e7:33:f8:97: 12:8f:ed:3f:38:5e:0c:24:95:a7:ed:15:3d:0d:8f: c1:44:fa:33:82:64:55:33:0f:af:e7:c1:1f:58:c8: 42:31:23:08:6c:fc:b1:ac:3a:07:21:a7:1b:00:6a: b2:ad:f6:37:d0:fc:a5:25:0b:10:b0:4f:80:9e:64: 89:20:6c:f1:25:2b:e8:4a:0b:37:04:77:93:06:63: 40:28:df:c6:aa:e8:48:74:42:2b:58:42:df:d7:2f: d0:53:77:59:77:c8:bf:e1:92:b7:b5:25:75:05:f9: 0a:50:d7:93:0a:c4:53:e1:b2:65:26:89:24:2b:c3: b5:39:94:28:f0:61:14:eb:da:5a:e8:47:fc:a6:dd: d1:14:c0:09:2d:17:e9:e1:b5:27:83:10:a0:e7:fb: a4:5d:76:e0:ce:e8:9b:71:32:f1:c1:b9:34:4e:82: bf:cc:3e:f9:20:30:81:fd:e8:1f:19:11:e8:6d:43: 14:f9:aa:03:2c:ca:0d:ba:ca:2b:7c:3b:56:9a:a9: ec:8e:0e:88:65:e5:5b:99:6e:5d:ae:b1:dd:9d:ee: a2:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:B1:D3:79:AC:14:94:2A:C2:EC:21:6E:76:E3:FD:EB:1D:6D:06:DB X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.220.0.0/15 Signature Algorithm: sha256WithRSAEncryption a3:af:04:0d:41:8f:13:bb:6f:c6:e0:76:b2:ab:50:ab:7b:11: bd:7d:f8:59:f8:b6:cc:de:de:1b:64:3d:c2:07:e0:75:24:dd: 64:56:c8:e4:d3:df:e9:61:13:48:e1:92:36:fa:15:10:bb:7b: 84:c3:1d:73:eb:95:37:2e:a2:3e:74:3a:1d:bd:98:20:df:11: b3:b0:cb:7e:36:3c:57:ff:a9:94:3a:89:d7:87:25:a1:e4:d3: c9:22:09:10:19:1b:df:26:bd:a9:d0:ad:23:0f:71:90:02:7f: 48:03:07:13:03:85:98:89:d9:d3:9c:81:1a:0f:76:35:10:bd: 91:4c:ef:ef:00:0b:e5:fa:0c:5a:d3:95:74:0e:95:67:00:00: 58:df:a8:21:be:7e:cf:42:98:53:b9:25:96:f9:b6:05:68:4d: 64:dd:64:6e:b6:5c:95:03:a1:42:ad:c4:aa:fa:a1:2e:22:e5: 20:09:26:75:01:f7:5b:ed:fe:5d:31:fb:d4:7b:c2:f8:44:96: 73:8f:74:b8:8b:da:ef:e9:e5:46:f4:c9:e9:13:ca:46:bb:46: 0b:1e:0b:13:36:fe:c4:b2:d6:d9:bc:bf:6f:81:ce:ab:1b:df: b9:09:90:4c:4a:6b:d8:86:bd:06:e4:69:ad:ba:78:ab:4f:79: e3:5a:c4:67 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUDEXR+fFOl9LkeldbPdoDRtmZD4cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjMwMTJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDc0MmFhMmU3MTM1NTA2OTgzNTViYjI1ZmMwMTI0NTQ3YjdkYzgzNGZiNGI4 ODViYTJiMWFlZDc5YjIyODQyMDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOLLOjInmoCCdhC2NWIjikJ4q11LEqxl95NKZnvl86fOsOWN+dNTEVLnM/iX Eo/tPzheDCSVp+0VPQ2PwUT6M4JkVTMPr+fBH1jIQjEjCGz8saw6ByGnGwBqsq32 N9D8pSULELBPgJ5kiSBs8SUr6EoLNwR3kwZjQCjfxqroSHRCK1hC39cv0FN3WXfI v+GSt7UldQX5ClDXkwrEU+GyZSaJJCvDtTmUKPBhFOvaWuhH/Kbd0RTACS0X6eG1 J4MQoOf7pF124M7om3Ey8cG5NE6Cv8w++SAwgf3oHxkR6G1DFPmqAyzKDbrKK3w7 Vpqp7I4OiGXlW5luXa6x3Z3uog8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRdsdN5 rBSUKsLsIW524/3rHW0G2zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NzA5YzhjZjYtOWQ1ZC00N2Q2LThiNzAtNDBlZmY4MzkwNjU4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G CSqGSIb3DQEBCwUAA4IBAQCjrwQNQY8Tu2/G4Hayq1CrexG9ffhZ+LbM3t4bZD3C B+B1JN1kVsjk09/pYRNI4ZI2+hUQu3uEwx1z65U3LqI+dDodvZgg3xGzsMt+NjxX /6mUOonXhyWh5NPJIgkQGRvfJr2p0K0jD3GQAn9IAwcTA4WYidnTnIEaD3Y1EL2R TO/vAAvl+gxa05V0DpVnAABY36ghvn7PQphTuSWW+bYFaE1k3WRutlyVA6FCrcSq +qEuIuUgCSZ1Afdb7f5dMfvUe8L4RJZzj3S4i9rv6eVG9MnpE8pGu0YLHgsTNv7E stbZvL9vgc6rG9+5CZBMSmvYhr0G5GmtunirT3njWsRn -----END CERTIFICATE-----Generated at Wed Dec 17 17:47:18 2025 by rpki-client