This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa File: c2c395e2-491c-4141-ba1e-1b3717841063.roa (raw, json) Hash identifier: 9aF4d6Nl6ctFoFgGktvTndRa37RFl0ZbRs9H31hThLw= Subject key identifier: E8:65:4D:FA:F6:4E:7A:84:E5:84:F3:13:F7:D9:2B:33:6B:0C:8C:4E Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 29E0FDD1A3285F3A3EE4C648ECB398B66D470F10 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa Signing time: Wed 10 Dec 2025 06:50:32 +0000 ROA not before: Wed 10 Dec 2025 06:50:32 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.152.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:e0:fd:d1:a3:28:5f:3a:3e:e4:c6:48:ec:b3:98:b6:6d:47:0f:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:32 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=219791ca033423f0ca002630d0d2573c7274df1e78e206d0625562b56076008c, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:27:e5:bc:91:ce:59:25:3b:1b:b8:50:69:e4: 40:eb:e8:a8:77:34:99:fc:47:f4:62:e2:ec:04:fd: 77:19:21:d3:73:28:e5:e7:ab:89:7a:83:72:84:10: a2:b2:b8:38:70:4f:fe:d0:4e:50:85:fa:af:ae:8a: 48:e2:99:39:3d:cf:73:15:05:13:14:da:2e:1a:15: e8:de:5c:a2:22:31:14:2f:da:7b:a0:58:15:41:6a: 47:e5:ae:49:76:4a:d2:e5:cc:c2:61:92:fb:1b:2d: 42:c7:cf:2f:c1:3e:a8:8a:05:3b:a6:9d:93:ea:e5: 2d:be:aa:a3:44:e9:ed:54:a8:a9:19:6e:7f:7b:50: 3a:a9:4b:af:17:92:af:93:ca:52:25:40:f0:dd:dd: 98:51:e0:4b:91:e1:0c:6b:7c:6b:ce:16:6b:a9:11: 71:9a:a7:96:4e:1d:5b:a1:7e:9b:e7:45:4b:f1:64: 29:bc:d9:8f:ec:63:1a:9e:a7:de:e6:07:b6:c1:19: a2:a2:00:ab:af:a6:d5:35:b3:dc:d7:25:3c:10:b6: 54:13:83:3f:d1:e4:84:14:11:07:a8:17:62:e1:ea: 73:00:07:45:4d:45:e0:7c:2f:ae:82:ab:af:f5:d2: 53:ce:45:26:f3:9f:4d:3d:09:e9:dc:f8:d9:2c:69: c2:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:65:4D:FA:F6:4E:7A:84:E5:84:F3:13:F7:D9:2B:33:6B:0C:8C:4E X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.152.0.0/15 Signature Algorithm: sha256WithRSAEncryption c7:d3:bb:15:3c:30:d1:ab:6f:5b:94:91:7c:4d:6d:5e:76:b8: 77:0b:63:a1:b8:26:e6:97:59:51:9b:ed:0b:82:ea:42:3e:f8: f9:c0:d9:9d:7e:37:df:55:f3:f5:6d:c5:04:93:50:51:28:4d: b4:dc:16:8d:ed:ff:bf:cc:e0:9e:fd:f5:2d:24:ed:04:16:a4: 1d:a4:e3:30:3d:8c:7a:5a:de:f4:75:df:1f:33:17:af:3f:cf: c3:a2:ff:4d:ba:a1:9b:04:b0:82:1e:09:01:bd:4a:cb:59:c8: a0:b1:39:21:4d:e0:84:0d:47:69:47:82:d0:e9:3f:97:cc:c0: 5b:f2:29:ca:fa:61:6b:d3:03:2d:a6:74:86:85:f1:28:bc:41: 51:5e:16:61:77:57:83:1f:d8:bf:60:78:18:13:bf:30:df:de: 42:77:f2:61:fa:23:7c:a6:be:aa:c8:72:03:90:7b:db:f7:14: 10:83:1e:35:ff:c5:76:26:dc:76:a2:a4:c9:96:a4:a5:83:c0: 9c:4c:3d:e7:39:cf:83:8b:c1:61:d9:ec:89:2e:bf:c6:9e:57: 89:8b:23:e0:d5:77:82:c4:22:f6:25:ed:fb:40:16:e9:54:91: ab:f9:8a:05:16:70:45:d8:2b:0e:a1:06:08:fc:d8:e5:39:0b: 49:a2:43:b5 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUKeD90aMoXzo+5MZI7LOYtm1HDxAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwMzJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDIxOTc5MWNhMDMzNDIzZjBjYTAwMjYzMGQwZDI1NzNjNzI3NGRmMWU3OGUy MDZkMDYyNTU2MmI1NjA3NjAwOGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMMn5byRzlklOxu4UGnkQOvoqHc0mfxH9GLi7AT9dxkh03Mo5eeriXqDcoQQ orK4OHBP/tBOUIX6r66KSOKZOT3PcxUFExTaLhoV6N5coiIxFC/ae6BYFUFqR+Wu SXZK0uXMwmGS+xstQsfPL8E+qIoFO6adk+rlLb6qo0Tp7VSoqRluf3tQOqlLrxeS r5PKUiVA8N3dmFHgS5HhDGt8a84Wa6kRcZqnlk4dW6F+m+dFS/FkKbzZj+xjGp6n 3uYHtsEZoqIAq6+m1TWz3NclPBC2VBODP9HkhBQRB6gXYuHqcwAHRU1F4HwvroKr r/XSU85FJvOfTT0J6dz42SxpwlcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBToZU36 9k56hOWE8xP32SszawyMTjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YzJjMzk1ZTItNDkxYy00MTQxLWJhMWUtMWIzNzE3ODQxMDYzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOYMA0G CSqGSIb3DQEBCwUAA4IBAQDH07sVPDDRq29blJF8TW1edrh3C2OhuCbml1lRm+0L gupCPvj5wNmdfjffVfP1bcUEk1BRKE203BaN7f+/zOCe/fUtJO0EFqQdpOMwPYx6 Wt70dd8fMxevP8/Dov9NuqGbBLCCHgkBvUrLWcigsTkhTeCEDUdpR4LQ6T+XzMBb 8inK+mFr0wMtpnSGhfEovEFRXhZhd1eDH9i/YHgYE78w395Cd/Jh+iN8pr6qyHID kHvb9xQQgx41/8V2Jtx2oqTJlqSlg8CcTD3nOc+Di8Fh2eyJLr/GnleJiyPg1XeC xCL2Je37QBbpVJGr+YoFFnBF2CsOoQYI/NjlOQtJokO1 -----END CERTIFICATE-----Generated at Wed Dec 17 15:26:25 2025 by rpki-client