This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa File: 993731a0-abe8-41b9-bad3-ce7852d4f117.roa (raw, json) Hash identifier: nLPrcjbjMS6SPlimbaRrYhClFC3v4EEozkv5Y5SG8yU= Subject key identifier: 91:FF:B1:6E:65:E9:81:CF:E5:BA:A5:3A:81:C3:38:90:A3:18:44:93 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 11D35635883A71121DFEAE8DB63831950F98BB0F Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa Signing time: Wed 10 Dec 2025 06:30:15 +0000 ROA not before: Wed 10 Dec 2025 06:30:15 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.34.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:d3:56:35:88:3a:71:12:1d:fe:ae:8d:b6:38:31:95:0f:98:bb:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:30:15 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=491897dab1610b4f2812335c0459644e9848517710ed4d3aded3e2a181c8b4b1, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:e7:9c:e5:bc:94:7d:bc:04:1a:33:32:84:b9: 9a:69:55:a7:93:93:d0:bb:ff:36:a7:32:ce:ee:3b: e3:51:20:76:29:27:51:33:1b:4d:2e:da:36:ad:48: ee:5d:d8:6d:79:37:aa:88:e4:d3:94:90:1f:cb:e5: 29:51:ed:83:cc:c3:a5:af:aa:c5:84:62:bd:58:bb: 3c:0d:04:99:16:d4:e1:2e:35:dc:fd:b8:11:b6:9f: 06:f2:d8:ee:08:95:ee:2e:09:45:f7:28:79:bd:50: 31:19:f2:46:d1:9e:7c:b6:17:1d:9e:3d:f4:ac:89: 57:70:a3:45:0d:e6:54:d7:82:2b:18:b1:2d:ca:08: f3:14:ff:63:15:b1:1a:a1:02:81:99:ae:ce:ba:6d: 01:27:3f:84:09:89:25:29:14:10:b3:72:86:31:3f: f5:64:e0:09:7d:e1:b1:31:55:30:c5:c2:1d:d2:81: 05:72:a1:5b:cc:65:b4:63:0b:b5:12:51:90:9e:ca: d7:4a:a1:71:0d:39:58:44:55:7b:ce:df:9c:a4:68: 96:12:db:8a:ec:cb:20:26:e3:da:fb:ac:df:1e:72: a5:64:c3:76:3a:ea:5c:6c:40:a9:e8:e8:4b:1e:66: 7c:9a:4d:75:45:28:a6:f2:94:ea:96:83:9d:7a:5d: 79:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:FF:B1:6E:65:E9:81:CF:E5:BA:A5:3A:81:C3:38:90:A3:18:44:93 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.34.0.0/15 Signature Algorithm: sha256WithRSAEncryption b4:49:6c:8c:fa:46:8d:dd:fb:b5:e7:f6:e1:ce:29:90:e7:c7: aa:36:e8:4c:21:50:d4:40:d3:c5:e7:cc:03:39:94:d0:df:4e: 4d:aa:da:94:97:fe:73:f7:f8:66:9d:27:a0:77:b9:70:82:61: a7:7a:bd:e1:1e:61:c3:52:55:ee:dd:ed:ff:b3:3a:77:f9:0d: b6:81:bc:00:a2:9e:f5:af:ad:f6:ac:b0:12:75:a7:c8:26:b7: 14:81:94:fc:9d:68:24:0f:02:49:31:ed:5a:d0:8a:05:af:b3: 6d:dc:86:68:a6:dd:d3:fa:d3:3c:47:14:aa:27:ac:2b:5c:05: 88:09:f8:b2:50:20:29:3a:19:f3:48:f3:ef:c5:e8:e5:85:7a: e2:67:0e:73:30:12:fc:22:66:d3:a4:55:55:7e:ca:b5:f2:5c: 9f:ab:bf:47:d7:65:90:e1:af:72:b3:46:95:d6:69:1a:9c:6e: 39:fa:1a:6e:b6:a0:a2:93:4c:8d:f8:d7:31:41:35:cc:c3:04: 15:37:60:33:ac:89:f5:80:7c:04:22:e5:61:4a:02:1a:7b:89: 4e:6b:d3:aa:21:42:68:fd:61:bf:88:72:6f:e8:f4:47:7d:91: 2b:cc:18:a4:02:ff:80:13:70:b6:fc:5d:00:ee:49:68:22:9e: fc:d3:bf:22 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUEdNWNYg6cRId/q6NtjgxlQ+Yuw8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjMwMTVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDQ5MTg5N2RhYjE2MTBiNGYyODEyMzM1YzA0NTk2NDRlOTg0ODUxNzcxMGVk NGQzYWRlZDNlMmExODFjOGI0YjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOjnnOW8lH28BBozMoS5mmlVp5OT0Lv/Nqcyzu4741EgdiknUTMbTS7aNq1I 7l3YbXk3qojk05SQH8vlKVHtg8zDpa+qxYRivVi7PA0EmRbU4S413P24EbafBvLY 7giV7i4JRfcoeb1QMRnyRtGefLYXHZ499KyJV3CjRQ3mVNeCKxixLcoI8xT/YxWx GqECgZmuzrptASc/hAmJJSkUELNyhjE/9WTgCX3hsTFVMMXCHdKBBXKhW8xltGML tRJRkJ7K10qhcQ05WERVe87fnKRolhLbiuzLICbj2vus3x5ypWTDdjrqXGxAqejo Sx5mfJpNdUUopvKU6paDnXpdeeECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSR/7Fu ZemBz+W6pTqBwziQoxhEkzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OTkzNzMxYTAtYWJlOC00MWI5LWJhZDMtY2U3ODUyZDRmMTE3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G CSqGSIb3DQEBCwUAA4IBAQC0SWyM+kaN3fu15/bhzimQ58eqNuhMIVDUQNPF58wD OZTQ305NqtqUl/5z9/hmnSegd7lwgmGner3hHmHDUlXu3e3/szp3+Q22gbwAop71 r632rLASdafIJrcUgZT8nWgkDwJJMe1a0IoFr7Nt3IZopt3T+tM8RxSqJ6wrXAWI CfiyUCApOhnzSPPvxejlhXriZw5zMBL8ImbTpFVVfsq18lyfq79H12WQ4a9ys0aV 1mkanG45+hputqCik0yN+NcxQTXMwwQVN2AzrIn1gHwEIuVhSgIae4lOa9OqIUJo /WG/iHJv6PRHfZErzBikAv+AE3C2/F0A7kloIp78078i -----END CERTIFICATE-----Generated at Wed Dec 17 17:44:48 2025 by rpki-client