This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa File: 78e385a6-a7b8-4e63-8222-9119ad4d303f.roa (raw, json) Hash identifier: T5s6O0tECyxCYPMTaYheZhkw7WpLhuz1bIIKpcZKWY0= Subject key identifier: 54:C9:3B:CE:AA:C4:74:D8:78:ED:2A:D5:50:7F:DF:83:34:D5:A6:97 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 1F0064DF17F25DE129A034F80B06BBDD9DED266B Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa Signing time: Fri 05 Dec 2025 01:00:08 +0000 ROA not before: Fri 05 Dec 2025 01:00:08 +0000 ROA not after: Thu 05 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.118.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:00:64:df:17:f2:5d:e1:29:a0:34:f8:0b:06:bb:dd:9d:ed:26:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 5 01:00:08 2025 GMT Not After : Mar 5 23:59:59 2026 GMT Subject: serialNumber=38a30ea675c0bb7533eee40b1eb8f09122ede82e013b2096a4c85f891b873c72, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:5b:f2:7f:0f:b7:29:27:42:8c:81:f6:0b:2a: 74:a3:fc:f1:f2:75:e3:f7:60:9f:3c:3e:ea:ba:df: 77:20:c9:8e:00:3c:31:54:5a:bc:d6:47:57:1c:0c: c7:de:89:e5:91:d9:15:5a:29:7e:90:b1:25:1d:cd: 66:2c:b2:01:dc:be:d5:bb:c6:8d:ea:2c:12:ed:c1: 77:9b:89:56:cc:9a:ef:7e:4e:45:87:e2:b3:55:0e: 1b:8c:6f:93:5a:af:5c:80:ab:d4:ec:8b:f4:c4:fe: 7a:81:24:c3:8c:69:04:34:00:32:81:ac:68:24:03: 43:74:de:07:a1:a5:83:70:bf:8b:1a:13:14:a8:79: b9:50:9d:52:87:b8:b4:e1:0f:6d:b9:c8:9a:00:7b: d3:3d:2e:6b:ce:14:84:a0:4f:d8:55:be:82:25:47: 19:18:99:d0:d3:de:14:dd:8a:c1:56:f8:99:72:7a: 88:73:87:0b:b3:01:79:35:e2:0a:12:41:f7:dc:8d: 70:06:7d:6f:b2:b1:43:1b:a3:c4:e8:34:f2:76:c5: e7:12:eb:6a:dd:8b:94:67:0d:32:3d:c7:84:28:5e: 47:b6:7a:74:06:a8:f1:89:6f:9a:0d:32:47:3d:14: bf:0c:1c:38:36:71:a6:99:3f:c8:24:99:86:67:7a: c0:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:C9:3B:CE:AA:C4:74:D8:78:ED:2A:D5:50:7F:DF:83:34:D5:A6:97 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.118.0.0/15 Signature Algorithm: sha256WithRSAEncryption 60:b6:9c:f9:e7:09:79:7f:8c:37:8d:92:51:a8:96:a3:0c:25: ae:77:b6:e3:e3:b6:74:2e:1f:10:36:56:b6:f2:fa:f2:a7:63: 6c:20:cd:a6:8c:8b:8d:a4:5e:08:4e:fb:7e:e2:0f:fb:63:4c: 00:9e:70:58:e7:1c:b3:2a:67:38:c5:48:44:36:4a:a0:67:51: cc:79:d4:6c:79:8b:c3:63:a9:fb:61:4d:21:0d:c9:3f:40:1f: 40:a4:89:b4:48:2d:9d:68:05:70:57:38:18:a4:07:d7:c1:f1: 1c:59:23:b0:e5:82:2d:c5:2f:95:15:c5:61:52:9a:b6:d9:5a: a2:d7:f2:c3:a0:c4:09:11:bf:0d:b1:df:82:86:56:6b:fb:be: a4:d5:a5:41:7d:ab:ff:c4:e0:d0:c1:d2:09:1e:3d:f2:e7:cf: 6c:45:01:c0:3a:bb:02:ba:c9:20:8f:4d:94:7e:ec:ea:9b:ab: df:77:79:21:f9:75:56:43:50:a6:ef:2c:92:60:cd:87:59:c1: 68:a5:98:08:3f:39:26:3c:f8:74:d9:95:04:6e:8c:07:31:22: 40:ae:72:97:22:6b:1c:c7:8e:33:a5:40:a9:f4:75:ce:a2:28: 1a:c2:1b:9d:f0:d0:23:9a:3b:38:d2:13:87:ea:b7:63:f7:c5: 8c:a9:71:14 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUHwBk3xfyXeEpoDT4Cwa73Z3tJmswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMDUwMTAwMDhaFw0yNjAzMDUyMzU5NTlaMHoxSTBHBgNV BAUTQDM4YTMwZWE2NzVjMGJiNzUzM2VlZTQwYjFlYjhmMDkxMjJlZGU4MmUwMTNi MjA5NmE0Yzg1Zjg5MWI4NzNjNzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ9b8n8PtyknQoyB9gsqdKP88fJ14/dgnzw+6rrfdyDJjgA8MVRavNZHVxwM x96J5ZHZFVopfpCxJR3NZiyyAdy+1bvGjeosEu3Bd5uJVsya735ORYfis1UOG4xv k1qvXICr1OyL9MT+eoEkw4xpBDQAMoGsaCQDQ3TeB6Glg3C/ixoTFKh5uVCdUoe4 tOEPbbnImgB70z0ua84UhKBP2FW+giVHGRiZ0NPeFN2KwVb4mXJ6iHOHC7MBeTXi ChJB99yNcAZ9b7KxQxujxOg08nbF5xLrat2LlGcNMj3HhCheR7Z6dAao8Ylvmg0y Rz0UvwwcODZxppk/yCSZhmd6wMkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRUyTvO qsR02HjtKtVQf9+DNNWmlzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NzhlMzg1YTYtYTdiOC00ZTYzLTgyMjItOTExOWFkNGQzMDNmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN2MA0G CSqGSIb3DQEBCwUAA4IBAQBgtpz55wl5f4w3jZJRqJajDCWud7bj47Z0Lh8QNla2 8vryp2NsIM2mjIuNpF4ITvt+4g/7Y0wAnnBY5xyzKmc4xUhENkqgZ1HMedRseYvD Y6n7YU0hDck/QB9ApIm0SC2daAVwVzgYpAfXwfEcWSOw5YItxS+VFcVhUpq22Vqi 1/LDoMQJEb8Nsd+ChlZr+76k1aVBfav/xODQwdIJHj3y589sRQHAOrsCuskgj02U fuzqm6vfd3kh+XVWQ1Cm7yySYM2HWcFopZgIPzkmPPh02ZUEbowHMSJArnKXImsc x44zpUCp9HXOoigawhud8NAjmjs40hOH6rdj98WMqXEU -----END CERTIFICATE-----Generated at Sat Dec 6 12:49:07 2025 by rpki-client