This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa File: cf5e86ef-0733-4056-8b1b-683470ef90f1.roa (raw, json) Hash identifier: dayp/+2xCKRIQjIHLB8bfOOBUf3V2N4hY2IOVe6wijw= Subject key identifier: 60:5E:05:4C:C8:17:DD:FF:95:C4:54:58:97:5E:41:0F:6C:B4:24:0C Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 111ABF068B3D450257C09F7D634BD7CF3A1ECA81 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa Signing time: Sun 16 Nov 2025 01:00:07 +0000 ROA not before: Sun 16 Nov 2025 01:00:07 +0000 ROA not after: Sun 21 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.0.112.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:1a:bf:06:8b:3d:45:02:57:c0:9f:7d:63:4b:d7:cf:3a:1e:ca:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 16 01:00:07 2025 GMT Not After : Dec 21 23:59:59 2025 GMT Subject: serialNumber=7a6f0aae3f4dee42a8810b82596d462696de29adaeb3d3e8ff81143d571f5988, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:45:ea:ad:77:8d:9b:1b:78:88:71:b7:8d:87: 35:00:2f:ea:75:bb:54:2d:6d:47:33:e1:61:15:d7: 06:d2:94:ca:04:be:02:a6:89:81:9f:34:2f:74:d1: 66:a1:57:fe:4c:3f:15:b9:08:f1:51:51:72:65:4e: 97:d2:67:1d:b5:a9:85:e3:b4:48:02:0a:8f:67:cc: 16:49:2f:07:c2:ee:43:0a:7f:a5:31:5b:51:bb:3b: 5a:bb:ba:9c:09:37:c6:1f:43:e3:ed:d1:de:4e:9c: 61:e7:6e:05:c8:f9:0d:5a:e0:3d:e9:d5:8d:1a:ab: d3:9e:97:b9:b7:be:97:cb:25:53:bf:4d:51:7d:29: 72:c4:25:fb:eb:99:a5:f3:cc:c4:fb:9a:2b:1b:42: ce:f5:c9:f5:33:e3:b8:f0:b9:ec:a9:29:66:80:bd: f4:7a:77:f5:a8:1a:df:20:2f:00:44:86:75:cf:ed: bd:bf:cf:f9:26:52:0a:1e:33:6f:78:d9:21:36:30: f3:d4:00:43:c9:4c:7d:dd:72:3a:52:bd:88:36:ce: a3:94:77:97:7c:49:f4:97:85:0d:08:22:ad:3c:9e: b5:05:2e:3a:d3:4d:75:c6:e0:95:eb:ab:17:71:41: a7:d4:40:75:eb:68:92:53:c8:77:c8:5b:05:7e:fe: 87:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:5E:05:4C:C8:17:DD:FF:95:C4:54:58:97:5E:41:0F:6C:B4:24:0C X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.0.112.0/21 Signature Algorithm: sha256WithRSAEncryption 0b:41:bf:62:00:72:e0:cf:45:27:60:c5:8b:cd:75:5f:f1:13: 41:e3:3e:37:04:00:0e:6b:9e:4c:f0:3a:f3:fd:15:6c:ae:3e: dc:01:8e:5d:6a:dc:47:a8:6f:f4:37:dd:fc:71:d6:95:59:8e: ec:5b:52:9a:75:0a:99:b5:80:11:37:1b:66:f7:a4:38:d1:94: c3:91:5b:9d:16:11:48:c9:6f:a8:c5:e7:20:5f:d5:e0:c9:ef: e7:d5:76:d4:b4:43:88:bd:c4:1e:b2:ec:55:e8:84:31:34:f0: de:37:50:a7:97:50:29:51:d8:79:b0:cf:b3:93:85:8f:eb:8c: 90:64:ef:8b:04:bd:54:77:06:84:e5:29:2a:20:0b:c3:c2:27: 70:e7:29:35:86:5b:c4:31:a1:40:b9:dc:df:bd:ca:3a:a4:76: fd:9c:ff:a4:60:54:62:d5:c4:48:28:7c:18:a0:a7:e3:ce:be: 9d:0d:aa:2a:de:85:78:0d:5d:c2:7e:79:32:a0:c4:15:cd:2b: a0:5a:0c:f9:fd:30:87:25:7a:5a:7b:05:8d:04:fe:0e:9d:e1: 78:5e:b1:a3:8f:4b:26:d6:d2:42:03:31:4d:6e:90:79:f4:e0: 87:a7:2e:81:82:24:41:ff:5d:b3:d7:ce:d0:5c:43:90:af:82: 35:ba:28:0b -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUERq/Bos9RQJXwJ99Y0vXzzoeyoEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTYwMTAwMDdaFw0yNTEyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQDdhNmYwYWFlM2Y0ZGVlNDJhODgxMGI4MjU5NmQ0NjI2OTZkZTI5YWRhZWIz ZDNlOGZmODExNDNkNTcxZjU5ODgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKlF6q13jZsbeIhxt42HNQAv6nW7VC1tRzPhYRXXBtKUygS+AqaJgZ80L3TR ZqFX/kw/FbkI8VFRcmVOl9JnHbWpheO0SAIKj2fMFkkvB8LuQwp/pTFbUbs7Wru6 nAk3xh9D4+3R3k6cYeduBcj5DVrgPenVjRqr056Xube+l8slU79NUX0pcsQl++uZ pfPMxPuaKxtCzvXJ9TPjuPC57KkpZoC99Hp39aga3yAvAESGdc/tvb/P+SZSCh4z b3jZITYw89QAQ8lMfd1yOlK9iDbOo5R3l3xJ9JeFDQgirTyetQUuOtNNdcbgleur F3FBp9RAdetoklPId8hbBX7+h20CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRgXgVM yBfd/5XEVFiXXkEPbLQkDDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv Y2Y1ZTg2ZWYtMDczMy00MDU2LThiMWItNjgzNDcwZWY5MGYxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAcDAN BgkqhkiG9w0BAQsFAAOCAQEAC0G/YgBy4M9FJ2DFi811X/ETQeM+NwQADmueTPA6 8/0VbK4+3AGOXWrcR6hv9Dfd/HHWlVmO7FtSmnUKmbWAETcbZvekONGUw5FbnRYR SMlvqMXnIF/V4Mnv59V21LRDiL3EHrLsVeiEMTTw3jdQp5dQKVHYebDPs5OFj+uM kGTviwS9VHcGhOUpKiALw8IncOcpNYZbxDGhQLnc373KOqR2/Zz/pGBUYtXESCh8 GKCn486+nQ2qKt6FeA1dwn55MqDEFc0roFoM+f0whyV6WnsFjQT+Dp3heF6xo49L JtbSQgMxTW6QefTgh6cugYIkQf9ds9fO0FxDkK+CNbooCw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:56:38 2025 by rpki-client