This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa File: ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa (raw, json) Hash identifier: NiX6lO26qwbkzW3i3hCW6aDyu+hu6kpSIXF5fYne02s= Subject key identifier: 8A:B0:89:9D:77:06:D4:DE:AE:8E:07:66:7E:E3:CE:CC:CC:3F:1F:E3 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 43A2C1E77983CF87CECE6EFD034804FFF9E639FE Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa Signing time: Sat 15 Nov 2025 06:50:47 +0000 ROA not before: Sat 15 Nov 2025 06:50:47 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.200.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:a2:c1:e7:79:83:cf:87:ce:ce:6e:fd:03:48:04:ff:f9:e6:39:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:47 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=9bf8f5194921d829954b31c22c0a222935ce3f3d39485404d67ff9bc0fca0014, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:42:5c:af:f2:db:f0:84:36:bc:b7:99:2c:1c: 5e:cc:30:2e:e1:c1:5f:04:20:86:12:eb:25:b2:f1: f1:3e:00:f7:41:16:a9:8f:e5:c8:d3:70:75:c1:4b: 70:f7:f6:7e:6e:1a:36:94:f3:38:43:2e:85:42:9c: 95:7e:50:eb:fe:b3:0e:e2:78:a5:45:d3:f3:c3:08: 8b:cc:d1:1b:34:55:45:8a:48:4c:11:f7:8a:99:67: 66:4d:d2:f5:ce:2b:35:40:70:0b:e1:f8:a7:4c:02: 2e:73:56:77:14:f6:91:0c:48:22:d9:01:66:f4:e6: 6e:bb:5b:70:b7:c5:eb:a9:35:df:3c:6f:88:d5:a8: 95:cb:55:42:c0:41:25:0a:f0:40:33:15:cf:30:11: 6f:dc:b8:5f:95:d2:7f:1a:8a:94:5a:69:ea:7e:ac: 86:d3:2d:89:6b:de:e4:b1:af:22:08:6b:34:2b:2a: 1c:76:49:9b:4f:da:df:ed:29:04:e4:42:ec:3f:9d: 32:1c:9e:d8:93:4d:0f:62:a9:cd:25:a2:2a:6e:0a: 51:3e:0f:ee:0d:aa:e9:ac:f0:1b:be:89:81:52:14: 56:77:7b:4a:cd:eb:68:8c:76:67:6b:7d:07:cd:2f: a9:cd:8b:47:e8:98:8e:40:f4:a9:61:4d:3f:32:89: 7e:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:B0:89:9D:77:06:D4:DE:AE:8E:07:66:7E:E3:CE:CC:CC:3F:1F:E3 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.200.0.0/15 Signature Algorithm: sha256WithRSAEncryption 7d:ca:ca:99:c1:97:fd:95:0f:59:43:34:09:2d:2b:6b:60:8c: 0c:aa:96:53:09:85:7c:99:a2:60:5e:35:37:eb:e6:83:bf:83: 96:4e:42:ab:61:7a:57:6b:1f:2c:02:b1:d9:bb:b8:50:31:b8: 03:8f:ec:71:ec:74:5f:32:bc:41:3b:b0:cc:3a:0b:66:f3:58: 94:f6:96:ec:fb:3b:de:8d:d7:a6:88:64:53:98:dc:74:59:34: 7b:fa:08:1e:60:fb:83:b2:57:f7:5b:27:d2:bc:35:b2:5a:e2: 37:2e:71:7a:17:f7:0d:3f:8e:a7:3d:68:a1:dd:47:09:fc:5b: d2:fb:b9:85:d6:e4:1c:8f:0f:3a:77:8b:d5:19:d6:1a:52:cf: 68:f6:28:e3:f2:14:98:79:43:22:83:b0:48:0c:e0:be:43:50: f1:7d:13:97:d6:f3:12:d9:6c:a3:d6:19:27:8c:6d:7f:07:05: 12:9a:bc:91:08:e8:e2:03:bb:86:02:ba:40:14:a2:da:9f:58: bd:01:ee:82:6f:61:4a:0f:c0:db:7b:1a:3b:05:5f:d9:dc:09: 63:44:5c:b1:01:60:03:4c:ba:96:b8:34:f0:7e:34:ba:31:1f: 8a:f3:25:8e:3e:8c:02:6f:4e:d5:bf:fe:47:bc:b1:0e:ee:b4: 75:b9:e4:4c -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUQ6LB53mDz4fOzm79A0gE//nmOf4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwNDdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDliZjhmNTE5NDkyMWQ4Mjk5NTRiMzFjMjJjMGEyMjI5MzVjZTNmM2QzOTQ4 NTQwNGQ2N2ZmOWJjMGZjYTAwMTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOlCXK/y2/CENry3mSwcXswwLuHBXwQghhLrJbLx8T4A90EWqY/lyNNwdcFL cPf2fm4aNpTzOEMuhUKclX5Q6/6zDuJ4pUXT88MIi8zRGzRVRYpITBH3iplnZk3S 9c4rNUBwC+H4p0wCLnNWdxT2kQxIItkBZvTmbrtbcLfF66k13zxviNWolctVQsBB JQrwQDMVzzARb9y4X5XSfxqKlFpp6n6shtMtiWve5LGvIghrNCsqHHZJm0/a3+0p BORC7D+dMhye2JNND2KpzSWiKm4KUT4P7g2q6azwG76JgVIUVnd7Ss3raIx2Z2t9 B80vqc2LR+iYjkD0qWFNPzKJfjsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSKsImd dwbU3q6OB2Z+487MzD8f4zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZWNmYTNjMTMtY2JhOS00NTI5LTg0Y2YtN2I2YmY4ZTVjZDRhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G CSqGSIb3DQEBCwUAA4IBAQB9ysqZwZf9lQ9ZQzQJLStrYIwMqpZTCYV8maJgXjU3 6+aDv4OWTkKrYXpXax8sArHZu7hQMbgDj+xx7HRfMrxBO7DMOgtm81iU9pbs+zve jdemiGRTmNx0WTR7+ggeYPuDslf3WyfSvDWyWuI3LnF6F/cNP46nPWih3UcJ/FvS +7mF1uQcjw86d4vVGdYaUs9o9ijj8hSYeUMig7BIDOC+Q1DxfROX1vMS2Wyj1hkn jG1/BwUSmryRCOjiA7uGArpAFKLan1i9Ae6Cb2FKD8Dbexo7BV/Z3AljRFyxAWAD TLqWuDTwfjS6MR+K8yWOPowCb07Vv/5HvLEO7rR1ueRM -----END CERTIFICATE-----Generated at Sat Dec 6 14:42:37 2025 by rpki-client