This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa File: 8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa (raw, json) Hash identifier: tXZ8xB2z4FZkILzhc32BkxyUq9Y9Tj/nBnJvju+DprA= Subject key identifier: 41:D1:08:03:D5:C3:84:47:70:29:B6:F8:56:CB:0A:9D:E7:B8:53:FD Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 40A1A5DF520F5483685C28CE1251A25E39531055 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa Signing time: Thu 11 Dec 2025 01:00:06 +0000 ROA not before: Thu 11 Dec 2025 01:00:06 +0000 ROA not after: Wed 11 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.112.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:a1:a5:df:52:0f:54:83:68:5c:28:ce:12:51:a2:5e:39:53:10:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 11 01:00:06 2025 GMT Not After : Mar 11 23:59:59 2026 GMT Subject: serialNumber=26fae597cb5e24cdfdc1d91c54131d01e6d4812ff8b74ecd9a3fc6967c5825e3, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:4d:58:37:3a:23:f0:ac:ae:62:b8:8f:cd:62: 56:b7:17:bb:cd:0f:6d:0a:38:61:d9:0c:e1:10:09: 17:2b:44:f6:9e:f9:70:82:be:2e:ab:db:dc:cf:0c: 06:21:b5:6a:4b:b8:07:9d:71:56:06:1c:a9:5d:7c: a3:cb:41:69:6a:b1:eb:db:90:1f:9b:a4:79:c4:45: b1:7b:3e:fe:9d:a6:88:84:88:38:46:ae:5f:81:63: e9:6f:22:cb:5a:5d:1a:ed:3e:43:18:e4:98:53:fc: ce:ef:53:5e:bf:5a:d2:9d:7c:b5:6f:41:95:ad:12: 47:0c:5b:27:44:aa:84:4a:2b:0e:bc:26:c3:15:c5: 2f:d3:3f:66:d5:f9:2b:db:2a:62:c2:20:3e:21:5e: dc:cf:eb:ae:3d:6a:89:12:28:e6:f4:d0:c7:cb:f1: 08:bf:0e:4d:d9:ad:f8:9b:44:bc:11:c0:88:a2:8c: a6:25:f4:8e:6d:ff:2a:a5:76:6b:c2:3c:18:6d:c4: 9e:4e:63:52:5f:60:c4:3f:85:e5:6a:e1:9f:c9:34: 7a:b7:e6:1a:13:b1:58:9e:1f:0b:50:1c:61:95:f1: c9:64:17:c3:33:da:f5:74:97:29:cb:3b:ed:be:92: a1:f1:93:41:ee:17:e9:9b:20:17:90:78:5d:4e:87: 94:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:D1:08:03:D5:C3:84:47:70:29:B6:F8:56:CB:0A:9D:E7:B8:53:FD X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.112.0.0/16 Signature Algorithm: sha256WithRSAEncryption 23:20:3d:bd:bd:de:dc:83:53:96:04:77:7d:30:6d:30:1a:e4: cb:3e:99:8b:ae:99:d4:97:30:dc:75:f6:05:be:1d:0e:28:15: eb:c3:33:42:71:c2:fa:5d:26:bc:e4:e1:29:12:66:78:59:f1: 77:b5:2b:38:80:7e:18:94:4e:e1:37:e5:85:0f:9f:3d:eb:89: 14:4c:2a:4f:d4:d4:8e:c1:37:eb:e4:4b:d6:07:11:df:33:d9: fa:2d:d2:64:32:37:5d:cb:70:ff:33:f5:2d:00:5b:2d:47:01: c6:03:39:16:ce:6e:b8:53:54:0a:7d:3b:6f:09:af:ad:bc:1a: 01:e4:a9:cd:b7:92:d5:93:06:77:33:db:35:b9:7d:1d:5f:4e: ff:33:c4:cd:2e:ab:a9:ec:27:58:e1:f2:b4:61:e3:98:8d:91: 91:8a:6a:6e:2f:4a:95:e1:12:29:8b:da:61:cb:dd:a5:9d:ab: f7:82:ab:e9:e8:e3:3a:85:1a:a4:44:58:33:16:08:b3:c4:66: ee:b7:a8:19:2a:4b:01:c3:6d:42:63:15:ca:fa:9d:14:b3:88: 56:69:df:7f:93:fd:bc:82:b4:a6:43:6f:a1:3c:78:72:00:12: 50:ea:c0:48:a3:25:3e:71:70:c7:61:ad:68:84:80:ee:5c:4c: 05:f8:cb:5b -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUQKGl31IPVINoXCjOElGiXjlTEFUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTEwMTAwMDZaFw0yNjAzMTEyMzU5NTlaMHoxSTBHBgNV BAUTQDI2ZmFlNTk3Y2I1ZTI0Y2RmZGMxZDkxYzU0MTMxZDAxZTZkNDgxMmZmOGI3 NGVjZDlhM2ZjNjk2N2M1ODI1ZTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ1NWDc6I/CsrmK4j81iVrcXu80PbQo4YdkM4RAJFytE9p75cIK+Lqvb3M8M BiG1aku4B51xVgYcqV18o8tBaWqx69uQH5ukecRFsXs+/p2miISIOEauX4Fj6W8i y1pdGu0+QxjkmFP8zu9TXr9a0p18tW9Bla0SRwxbJ0SqhEorDrwmwxXFL9M/ZtX5 K9sqYsIgPiFe3M/rrj1qiRIo5vTQx8vxCL8OTdmt+JtEvBHAiKKMpiX0jm3/KqV2 a8I8GG3Enk5jUl9gxD+F5Wrhn8k0erfmGhOxWJ4fC1AcYZXxyWQXwzPa9XSXKcs7 7b6SofGTQe4X6ZsgF5B4XU6HlBkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRB0QgD 1cOER3AptvhWywqd57hT/TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OGM3NzEwYzctNmFiOC00NTQ1LWIwNGMtMGJiZWFhNTczZWFlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNwMA0G CSqGSIb3DQEBCwUAA4IBAQAjID29vd7cg1OWBHd9MG0wGuTLPpmLrpnUlzDcdfYF vh0OKBXrwzNCccL6XSa85OEpEmZ4WfF3tSs4gH4YlE7hN+WFD58964kUTCpP1NSO wTfr5EvWBxHfM9n6LdJkMjddy3D/M/UtAFstRwHGAzkWzm64U1QKfTtvCa+tvBoB 5KnNt5LVkwZ3M9s1uX0dX07/M8TNLqup7CdY4fK0YeOYjZGRimpuL0qV4RIpi9ph y92lnav3gqvp6OM6hRqkRFgzFgizxGbut6gZKksBw21CYxXK+p0Us4hWad9/k/28 grSmQ2+hPHhyABJQ6sBIoyU+cXDHYa1ohIDuXEwF+Mtb -----END CERTIFICATE-----Generated at Mon Dec 15 15:35:23 2025 by rpki-client