This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa File: dbc88f4b-781b-45e4-8402-e6b216deacc3.roa (raw, json) Hash identifier: LrseMmBBzb9WF9Rm7JCp/SIQt8jGng3LrasQETkvO8Q= Subject key identifier: 7B:AA:59:E6:D6:1C:56:77:99:07:E5:EE:7E:59:96:24:88:5C:87:BB Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 4F46302159772C5165478C084588C3E6FE6271D9 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa Signing time: Wed 10 Dec 2025 06:40:20 +0000 ROA not before: Wed 10 Dec 2025 06:40:20 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 151.176.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:45:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:46:30:21:59:77:2c:51:65:47:8c:08:45:88:c3:e6:fe:62:71:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:20 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=4163c1ebead239ff47478709d0ffe8d02f961518cadd318b6f4ef80b3cfcfa35, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:77:ca:ba:2e:6a:96:ad:6d:b2:a0:c6:1e:64: c6:45:04:e4:18:a3:df:91:c3:e1:14:12:e4:40:32: 3b:53:a7:c8:df:a0:c7:c8:ae:d4:55:72:b9:b4:f6: 52:66:ea:0f:b7:ea:92:6e:4e:cd:2d:9a:be:ea:59: 01:79:bd:ac:c7:50:57:bc:f8:6e:8e:19:d0:44:ee: 15:79:d9:71:17:5a:bb:72:f6:72:84:00:49:82:8b: 48:82:80:6c:2f:5c:ef:80:24:b5:2d:96:25:67:c0: c1:9b:07:6a:4f:ac:a8:3a:dc:f9:40:e5:0d:84:b3: 2f:c2:fd:db:24:d7:9c:16:e0:be:f9:98:c6:ad:50: d1:5c:c9:6f:8b:27:b1:9a:94:20:10:ec:e3:0a:dd: ce:e2:fb:7a:da:18:2d:11:0c:20:cf:77:67:97:1b: ff:73:95:da:53:e6:f4:a0:da:23:bc:b2:9c:5f:f6: 7d:2b:08:bf:89:31:18:d7:a0:f4:21:82:2b:26:60: 1e:c1:82:a3:8a:51:a8:b8:6c:e5:72:10:f2:a6:eb: e0:f0:03:60:60:fe:a8:2e:62:98:c9:ac:85:38:15: cf:c3:a4:f1:18:a0:7f:a5:79:54:d6:f7:a5:4f:ca: eb:00:ff:0a:ec:91:bf:f7:af:c9:37:11:fa:50:da: 94:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:AA:59:E6:D6:1C:56:77:99:07:E5:EE:7E:59:96:24:88:5C:87:BB X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.176.0.0/16 Signature Algorithm: sha256WithRSAEncryption 19:5e:7b:5b:a4:84:9a:8b:c3:04:8a:75:25:5a:07:c4:55:2f: 17:34:2f:40:cf:a1:8b:b8:d6:2c:de:ea:f5:89:f4:d6:f8:ff: 5a:fc:fb:30:f2:35:ea:56:d3:db:6d:ff:99:db:f8:e6:dc:50: 37:c0:45:ab:7a:72:2a:fe:01:8f:b6:41:e4:b4:a5:f1:64:43: 78:be:96:6d:6c:d9:a9:4a:ee:3a:3d:04:11:65:b8:0d:f8:48: 72:72:fd:e2:05:50:96:34:a7:c9:4e:25:37:5e:8a:a4:94:0c: bb:a9:cb:11:74:de:b3:f5:50:96:61:09:94:39:b6:cd:35:d5: 6e:b2:dc:cc:00:15:73:29:08:c5:cb:2d:f5:a2:4d:94:54:8b: 59:1f:d7:e4:db:10:e9:a2:8e:de:a7:7e:7e:42:59:d7:19:80: 3e:b2:e1:9c:1c:53:b5:45:31:09:a9:ca:09:49:05:37:52:65: b0:44:44:bf:2e:15:6f:93:28:66:a9:20:21:20:cb:ae:71:85: 50:14:cc:a2:a6:18:b0:d6:0c:11:af:dd:c4:f7:98:38:be:02: 5c:8e:ba:bb:b1:f3:ca:6a:16:3b:57:91:52:ab:2c:ff:5a:15: 6a:8d:29:61:3f:13:28:0e:56:50:49:0a:ff:b4:b2:e7:a4:54: 49:68:b9:b0 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUT0YwIVl3LFFlR4wIRYjD5v5icdkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMjBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDQxNjNjMWViZWFkMjM5ZmY0NzQ3ODcwOWQwZmZlOGQwMmY5NjE1MThjYWRk MzE4YjZmNGVmODBiM2NmY2ZhMzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMB3yrouapatbbKgxh5kxkUE5Bij35HD4RQS5EAyO1OnyN+gx8iu1FVyubT2 UmbqD7fqkm5OzS2avupZAXm9rMdQV7z4bo4Z0ETuFXnZcRdau3L2coQASYKLSIKA bC9c74AktS2WJWfAwZsHak+sqDrc+UDlDYSzL8L92yTXnBbgvvmYxq1Q0VzJb4sn sZqUIBDs4wrdzuL7etoYLREMIM93Z5cb/3OV2lPm9KDaI7yynF/2fSsIv4kxGNeg 9CGCKyZgHsGCo4pRqLhs5XIQ8qbr4PADYGD+qC5imMmshTgVz8Ok8Rigf6V5VNb3 pU/K6wD/CuyRv/evyTcR+lDalPECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR7qlnm 1hxWd5kH5e5+WZYkiFyHuzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZGJjODhmNGItNzgxYi00NWU0LTg0MDItZTZiMjE2ZGVhY2MzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJewMA0G CSqGSIb3DQEBCwUAA4IBAQAZXntbpISai8MEinUlWgfEVS8XNC9Az6GLuNYs3ur1 ifTW+P9a/Psw8jXqVtPbbf+Z2/jm3FA3wEWrenIq/gGPtkHktKXxZEN4vpZtbNmp Su46PQQRZbgN+Ehycv3iBVCWNKfJTiU3XoqklAy7qcsRdN6z9VCWYQmUObbNNdVu stzMABVzKQjFyy31ok2UVItZH9fk2xDpoo7ep35+QlnXGYA+suGcHFO1RTEJqcoJ SQU3UmWwRES/LhVvkyhmqSAhIMuucYVQFMyiphiw1gwRr93E95g4vgJcjrq7sfPK ahY7V5FSqyz/WhVqjSlhPxMoDlZQSQr/tLLnpFRJaLmw -----END CERTIFICATE-----Generated at Tue Dec 16 18:00:26 2025 by rpki-client