This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa File: cf5e86ef-0733-4056-8b1b-683470ef90f1.roa (raw, json) Hash identifier: R2qpv7u4H+XN96rJe7/J5y6V//Td3BaB0lZnxqtH1IE= Subject key identifier: C7:9E:65:8F:D6:58:9D:AD:DB:A9:27:36:E6:BA:F9:48:33:20:84:97 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 56EADBA565B5F5F20079E95E1E15AF82DB3246DB Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa Signing time: Thu 11 Dec 2025 01:00:06 +0000 ROA not before: Thu 11 Dec 2025 01:00:06 +0000 ROA not after: Wed 11 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.0.112.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:ea:db:a5:65:b5:f5:f2:00:79:e9:5e:1e:15:af:82:db:32:46:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 11 01:00:06 2025 GMT Not After : Mar 11 23:59:59 2026 GMT Subject: serialNumber=72c1ebf91a9fc0bf9a725fa345de038cdb7fac1912566ffa5cb42d4ad2f3c15d, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:61:72:3b:a8:b6:ca:dd:2b:50:03:b1:ba:2e: 09:71:6c:83:bd:f6:ef:bf:cd:3c:51:dd:b1:02:f1: db:37:65:8f:8b:10:da:80:d2:18:c8:9f:0f:99:da: 23:d2:90:dd:a1:38:7f:ee:d9:d0:dd:b5:35:73:77: e4:8a:c6:b6:89:2f:dc:d6:61:a6:b0:d9:ed:cd:88: 0d:65:ef:7a:5d:92:a1:99:38:22:20:2b:71:40:10: 82:54:00:ee:8e:38:8a:35:05:0f:c2:f7:b6:cb:e6: 94:13:a5:61:8a:33:ee:16:e6:97:15:22:3a:8d:97: 81:5a:d0:1f:89:fb:44:1c:61:3b:fd:a2:ff:d8:32: 9a:32:2a:6f:db:1c:02:c4:73:0a:8b:e3:9d:a0:67: fc:1b:fa:a9:26:a3:03:17:0f:8d:9c:f4:eb:82:c6: 3d:92:e6:43:11:a6:95:62:5e:a4:69:e6:65:83:f3: 0d:d9:a3:9f:34:8a:8d:51:0b:14:75:cb:6c:89:25: 14:51:a3:96:45:64:ab:b6:8c:97:ea:e7:85:55:ab: 40:d2:aa:ae:70:e3:ff:ac:41:64:db:36:4c:69:3b: fb:33:77:23:4d:9a:3b:0b:0e:e2:53:9d:b8:bb:4f: 06:06:64:f5:72:82:02:72:bb:d9:e8:67:0f:da:df: f4:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:9E:65:8F:D6:58:9D:AD:DB:A9:27:36:E6:BA:F9:48:33:20:84:97 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.0.112.0/21 Signature Algorithm: sha256WithRSAEncryption cf:7f:34:bb:72:dd:5e:47:e0:16:45:fc:58:1f:d6:f1:32:7c: 0c:72:d3:2e:2a:52:b0:1e:b5:80:93:ec:d6:19:e7:11:31:8f: 6f:1d:52:24:62:56:f3:72:e8:5f:42:a5:4a:77:d9:72:36:e0: b4:27:a6:b7:c3:91:51:f8:18:86:fa:6f:ae:ce:37:45:0f:67: 35:41:b6:fa:50:b1:d3:cc:d1:2e:96:9e:7c:4c:42:e1:c8:9c: 0b:84:0e:3f:40:ba:54:e2:46:c6:d5:b2:70:a0:57:e6:22:df: 86:bf:28:14:aa:a6:ad:fe:52:f7:7e:08:d9:a8:ae:ab:37:99: 06:26:9d:53:d4:3f:ae:31:68:56:71:59:34:e3:3c:45:1b:0c: f2:64:61:bb:ab:95:a6:49:44:76:de:4a:44:5e:1d:3f:44:bc: 96:9a:d6:9c:f5:63:e2:ba:ce:7a:dc:e0:fa:e5:72:1c:71:26: 4c:58:ec:c0:03:60:ec:a3:12:0a:b3:2b:a7:da:c1:da:fa:f1: 4d:d0:4f:ff:65:9c:db:f9:e2:7e:ae:81:25:7a:f5:55:f4:e1: 90:34:85:8e:df:1a:f6:b0:a9:32:5d:da:81:dc:a5:20:89:47: bc:a1:a4:6a:6e:0a:d8:64:fc:d5:cb:04:80:11:e4:20:93:af: 30:5b:9e:53 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUVurbpWW19fIAeeleHhWvgtsyRtswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTEwMTAwMDZaFw0yNjAzMTEyMzU5NTlaMHoxSTBHBgNV BAUTQDcyYzFlYmY5MWE5ZmMwYmY5YTcyNWZhMzQ1ZGUwMzhjZGI3ZmFjMTkxMjU2 NmZmYTVjYjQyZDRhZDJmM2MxNWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALxhcjuotsrdK1ADsbouCXFsg73277/NPFHdsQLx2zdlj4sQ2oDSGMifD5na I9KQ3aE4f+7Z0N21NXN35IrGtokv3NZhprDZ7c2IDWXvel2SoZk4IiArcUAQglQA 7o44ijUFD8L3tsvmlBOlYYoz7hbmlxUiOo2XgVrQH4n7RBxhO/2i/9gymjIqb9sc AsRzCovjnaBn/Bv6qSajAxcPjZz064LGPZLmQxGmlWJepGnmZYPzDdmjnzSKjVEL FHXLbIklFFGjlkVkq7aMl+rnhVWrQNKqrnDj/6xBZNs2TGk7+zN3I02aOwsO4lOd uLtPBgZk9XKCAnK72ehnD9rf9NsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTHnmWP 1lidrdupJzbmuvlIMyCElzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv Y2Y1ZTg2ZWYtMDczMy00MDU2LThiMWItNjgzNDcwZWY5MGYxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAcDAN BgkqhkiG9w0BAQsFAAOCAQEAz380u3LdXkfgFkX8WB/W8TJ8DHLTLipSsB61gJPs 1hnnETGPbx1SJGJW83LoX0KlSnfZcjbgtCemt8ORUfgYhvpvrs43RQ9nNUG2+lCx 08zRLpaefExC4cicC4QOP0C6VOJGxtWycKBX5iLfhr8oFKqmrf5S934I2aiuqzeZ BiadU9Q/rjFoVnFZNOM8RRsM8mRhu6uVpklEdt5KRF4dP0S8lprWnPVj4rrOetzg +uVyHHEmTFjswANg7KMSCrMrp9rB2vrxTdBP/2Wc2/nifq6BJXr1VfThkDSFjt8a 9rCpMl3agdylIIlHvKGkam4K2GT81csEgBHkIJOvMFueUw== -----END CERTIFICATE-----Generated at Wed Dec 17 18:28:31 2025 by rpki-client