This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9adb83e6-fa36-47fa-b5be-856fd7247898.roa File: 9adb83e6-fa36-47fa-b5be-856fd7247898.roa (raw, json) Hash identifier: BPxUb1H4uKbbDq1o53Gc04daNOzVClK3xc38eXHlhN4= Subject key identifier: 34:3A:D3:1E:EA:BF:35:35:11:BE:7B:10:98:A5:80:CA:6F:07:0E:43 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 499E24D8C713B03B352153AD4B25853289DCE566 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9adb83e6-fa36-47fa-b5be-856fd7247898.roa Signing time: Thu 11 Dec 2025 01:00:20 +0000 ROA not before: Thu 11 Dec 2025 01:00:20 +0000 ROA not after: Wed 11 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.16.104.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:45:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:9e:24:d8:c7:13:b0:3b:35:21:53:ad:4b:25:85:32:89:dc:e5:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 11 01:00:20 2025 GMT Not After : Mar 11 23:59:59 2026 GMT Subject: serialNumber=74378afcf5099cbeb47922521f3722148054d2e70c68ebc25c3c31fb5510af8b, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:9b:66:8f:95:2f:d4:38:b0:b3:08:eb:23:5a: 84:9c:36:9e:cc:36:a6:ef:13:16:93:3b:64:1d:4e: ab:3b:aa:a6:60:ea:57:fc:b3:b3:87:bf:db:81:4f: a0:99:93:76:ca:52:dc:13:1f:90:bd:b8:eb:e7:7e: 27:cf:f7:e8:3f:e2:c0:48:35:ec:6d:52:da:d8:77: 8f:a0:34:cc:32:89:fa:5d:9b:97:3f:a1:16:d5:ee: cc:67:95:ec:b7:b0:3e:03:9b:74:ad:c2:21:f2:8d: 61:ee:89:8d:20:98:11:00:ed:d1:e8:e5:a6:27:70: 19:9a:cc:e3:5f:63:e7:e6:6b:53:05:f5:1d:54:ef: 27:15:85:20:14:09:70:5c:47:a8:4e:ef:64:8e:5b: 5d:16:ce:3a:5c:77:94:b1:ac:31:9c:f4:15:99:f4: ab:bc:ac:20:9d:ae:ff:d3:21:66:24:90:d6:ab:40: b9:e1:b3:a7:28:97:4b:96:82:5a:5c:30:a4:d1:95: 2f:bf:dc:ec:1d:53:34:77:84:26:e3:1d:28:95:2c: f4:4f:4a:78:ea:42:ab:70:4b:58:c4:76:ef:08:1a: 25:4f:3a:79:ca:4f:40:10:b3:21:e6:60:c0:6a:eb: 04:a7:58:c0:01:26:06:f8:13:6b:46:37:23:fa:b6: ca:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:3A:D3:1E:EA:BF:35:35:11:BE:7B:10:98:A5:80:CA:6F:07:0E:43 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9adb83e6-fa36-47fa-b5be-856fd7247898.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.16.104.0/23 Signature Algorithm: sha256WithRSAEncryption 8e:80:2b:5b:dc:fa:10:d6:43:81:8e:db:cf:0d:a4:cf:0f:0f: 81:57:00:9c:a0:eb:ea:53:5f:0d:59:90:99:8a:0b:b1:53:f1: 24:19:87:83:9e:be:3b:3e:0c:45:17:17:7c:9f:24:96:64:56: b1:e0:03:81:55:61:58:fb:b3:96:d4:db:11:0e:9c:dd:b9:5f: f6:a6:99:87:09:27:7f:d9:0d:c2:9b:f7:ae:2e:e4:45:91:eb: ec:88:0a:35:e8:44:a4:23:03:b5:57:f3:9f:76:b5:11:69:2c: e1:ec:b0:8d:d5:c8:2b:30:14:9a:89:7b:9b:52:8f:e7:03:fd: 8d:7b:a2:f7:45:cd:c8:a0:50:f7:a7:24:a6:59:2c:41:2c:60: cc:16:e6:2e:af:ae:fe:44:ad:16:1a:8d:b0:ec:f3:84:91:20: 48:c3:4e:c1:19:d3:b4:b6:1c:e3:12:ab:a7:5f:3d:9a:bf:4b: 24:f6:6e:e7:7f:15:ef:46:4d:2f:8d:8a:b1:af:c6:05:c2:d4: 35:5c:00:30:c7:34:6b:1a:ef:d8:a6:eb:68:5a:44:ed:9c:23: c2:a6:80:82:7d:40:be:31:d4:3d:ea:ca:ba:83:7e:bb:68:b4: 32:39:4c:04:64:44:70:f9:fb:69:d7:5f:80:d3:56:e5:44:c5: 8e:c9:b6:c2 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUSZ4k2McTsDs1IVOtSyWFMonc5WYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTEwMTAwMjBaFw0yNjAzMTEyMzU5NTlaMHoxSTBHBgNV BAUTQDc0Mzc4YWZjZjUwOTljYmViNDc5MjI1MjFmMzcyMjE0ODA1NGQyZTcwYzY4 ZWJjMjVjM2MzMWZiNTUxMGFmOGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALGbZo+VL9Q4sLMI6yNahJw2nsw2pu8TFpM7ZB1OqzuqpmDqV/yzs4e/24FP oJmTdspS3BMfkL246+d+J8/36D/iwEg17G1S2th3j6A0zDKJ+l2blz+hFtXuzGeV 7LewPgObdK3CIfKNYe6JjSCYEQDt0ejlpidwGZrM419j5+ZrUwX1HVTvJxWFIBQJ cFxHqE7vZI5bXRbOOlx3lLGsMZz0FZn0q7ysIJ2u/9MhZiSQ1qtAueGzpyiXS5aC WlwwpNGVL7/c7B1TNHeEJuMdKJUs9E9KeOpCq3BLWMR27wgaJU86ecpPQBCzIeZg wGrrBKdYwAEmBvgTa0Y3I/q2ylECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ0OtMe 6r81NRG+exCYpYDKbwcOQzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv OWFkYjgzZTYtZmEzNi00N2ZhLWI1YmUtODU2ZmQ3MjQ3ODk4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATMQaDAN BgkqhkiG9w0BAQsFAAOCAQEAjoArW9z6ENZDgY7bzw2kzw8PgVcAnKDr6lNfDVmQ mYoLsVPxJBmHg56+Oz4MRRcXfJ8klmRWseADgVVhWPuzltTbEQ6c3blf9qaZhwkn f9kNwpv3ri7kRZHr7IgKNehEpCMDtVfzn3a1EWks4eywjdXIKzAUmol7m1KP5wP9 jXui90XNyKBQ96ckplksQSxgzBbmLq+u/kStFhqNsOzzhJEgSMNOwRnTtLYc4xKr p189mr9LJPZu538V70ZNL42Ksa/GBcLUNVwAMMc0axrv2KbraFpE7ZwjwqaAgn1A vjHUPerKuoN+u2i0MjlMBGREcPn7addfgNNW5UTFjsm2wg== -----END CERTIFICATE-----Generated at Tue Dec 16 17:59:22 2025 by rpki-client