This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa File: e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa (raw, json) Hash identifier: +4OD6jc7NAgXdoZTNyMCL8ZXRtNmXW1K737138TQCoQ= Subject key identifier: B0:D7:7A:61:9A:1E:BC:78:B5:F6:04:82:7B:62:46:DD:83:BA:F2:2B Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 3FBEB4753B6DC70359CB30C3433AF4998C85249E Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa Signing time: Wed 10 Dec 2025 06:40:24 +0000 ROA not before: Wed 10 Dec 2025 06:40:24 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 57.101.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:be:b4:75:3b:6d:c7:03:59:cb:30:c3:43:3a:f4:99:8c:85:24:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:24 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=d0933a098801f77aa06d406e3a1801b128e53e6d8f55fc9ffd3e2d351d998d4c, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:e5:05:5e:8f:fb:5a:e8:bb:9b:4e:00:83:3d: 21:21:f5:a8:40:80:df:b3:7c:ba:57:cb:86:70:34: b5:99:af:1c:75:fc:3e:cc:fa:a1:01:03:47:7e:41: 6f:c8:50:72:24:8c:c0:14:63:c1:6f:76:ca:26:0f: 73:99:b7:37:9c:d7:e4:10:ea:ef:10:73:19:b3:bd: d7:74:6e:7d:54:bb:f2:c4:a5:7f:c4:9b:20:86:f5: 18:4d:88:7c:9f:dd:10:76:0c:26:82:f8:cb:bf:41: 0e:5e:a2:79:90:08:e8:46:ca:df:f1:c3:7f:ba:67: e7:d0:90:ce:83:6b:be:bb:f9:7d:69:9e:a5:1b:1b: 8a:9e:9e:df:9d:45:6c:d8:ab:8d:2a:d4:b0:f5:9d: 3e:18:51:f5:d7:1b:e8:22:75:f6:5f:a3:fd:df:b8: 23:45:95:2e:6e:e5:b7:f6:0f:eb:18:aa:82:65:bf: c4:55:c9:b9:f8:19:43:ab:53:b7:78:93:dc:28:f8: f4:4a:60:cd:b7:6a:1d:06:84:f8:a8:43:24:dd:54: 3a:5d:b1:66:98:2e:11:c1:81:32:d4:fb:ea:ce:b4: f7:c1:92:3d:ab:f8:ea:d0:2a:6f:53:53:56:6f:07: 2c:f9:d3:1c:73:88:2b:05:49:f0:b7:74:1e:90:32: 98:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:D7:7A:61:9A:1E:BC:78:B5:F6:04:82:7B:62:46:DD:83:BA:F2:2B X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 57.101.0.0/16 Signature Algorithm: sha256WithRSAEncryption 4f:ff:93:d4:b0:d3:63:5f:bb:50:21:54:7b:2e:47:55:38:f8: e0:fe:ac:2b:40:3e:90:a8:f3:38:b0:79:b8:37:d4:eb:1d:b6: 16:94:1c:20:8b:8d:30:2f:c3:81:af:3f:39:ca:22:31:d1:52: 9a:1d:fc:f2:63:6c:f2:67:1a:1f:c1:13:e3:2f:31:13:cd:d0: 6a:80:30:69:10:65:59:c3:ef:e8:36:35:9e:31:89:cf:f8:50: bd:d1:93:6e:b9:eb:d9:91:33:fe:9d:fa:1f:7e:ca:45:b4:2a: 09:83:66:de:0e:38:82:30:bb:55:ed:ee:54:b9:c7:27:78:45: bc:93:61:58:d1:62:f1:22:94:48:92:16:3d:19:50:c8:fd:3d: 8a:b0:d0:23:19:f1:63:30:7f:6f:8c:2f:e1:e3:62:0e:c3:a8: 6d:d5:77:13:fa:98:7a:c0:c7:55:84:d2:a8:ea:6d:17:7f:01: 9b:42:fa:7c:35:28:83:54:1e:ca:40:40:32:3b:50:b5:f7:8d: 64:4c:19:04:1a:68:1e:03:4c:a5:95:e4:01:0c:74:1f:26:43: 05:62:fe:cb:3d:d3:fb:55:35:1a:df:51:14:88:ef:1b:4b:b6: 8f:eb:19:8f:27:92:0d:66:db:41:83:7e:0e:5c:76:f9:39:b2: b2:54:7b:60 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUP760dTttxwNZyzDDQzr0mYyFJJ4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMjRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGQwOTMzYTA5ODgwMWY3N2FhMDZkNDA2ZTNhMTgwMWIxMjhlNTNlNmQ4ZjU1 ZmM5ZmZkM2UyZDM1MWQ5OThkNGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALvlBV6P+1rou5tOAIM9ISH1qECA37N8ulfLhnA0tZmvHHX8Psz6oQEDR35B b8hQciSMwBRjwW92yiYPc5m3N5zX5BDq7xBzGbO913RufVS78sSlf8SbIIb1GE2I fJ/dEHYMJoL4y79BDl6ieZAI6EbK3/HDf7pn59CQzoNrvrv5fWmepRsbip6e351F bNirjSrUsPWdPhhR9dcb6CJ19l+j/d+4I0WVLm7lt/YP6xiqgmW/xFXJufgZQ6tT t3iT3Cj49EpgzbdqHQaE+KhDJN1UOl2xZpguEcGBMtT76s6098GSPav46tAqb1NT Vm8HLPnTHHOIKwVJ8Ld0HpAymC0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSw13ph mh68eLX2BIJ7Ykbdg7ryKzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZTdlYmUyOWMtYjI5YS00MWI5LTgyMDUtY2Y5ZTAzOTI1ZTkzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADllMA0G CSqGSIb3DQEBCwUAA4IBAQBP/5PUsNNjX7tQIVR7LkdVOPjg/qwrQD6QqPM4sHm4 N9TrHbYWlBwgi40wL8OBrz85yiIx0VKaHfzyY2zyZxofwRPjLzETzdBqgDBpEGVZ w+/oNjWeMYnP+FC90ZNuuevZkTP+nfoffspFtCoJg2beDjiCMLtV7e5UuccneEW8 k2FY0WLxIpRIkhY9GVDI/T2KsNAjGfFjMH9vjC/h42IOw6ht1XcT+ph6wMdVhNKo 6m0XfwGbQvp8NSiDVB7KQEAyO1C1941kTBkEGmgeA0ylleQBDHQfJkMFYv7LPdP7 VTUa31EUiO8bS7aP6xmPJ5INZttBg34OXHb5ObKyVHtg -----END CERTIFICATE-----Generated at Sun Jan 25 07:29:11 2026 by rpki-client