This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa File: 0a36b38b-9bd1-4014-823d-9204a303350e.roa (raw, json) Hash identifier: WO6TDF8y7NypxKmOxSS5ELzBk7kZ5vt/6zUXU/UkAVQ= Subject key identifier: 36:B8:3C:4E:11:AE:41:EA:FC:44:9B:DC:52:D8:6E:C7:57:80:16:23 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 7EDA22214F363AAA1D32915A35DFC41F7461A839 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa Signing time: Tue 18 Nov 2025 00:40:32 +0000 ROA not before: Tue 18 Nov 2025 00:40:32 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.21.183.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:da:22:21:4f:36:3a:aa:1d:32:91:5a:35:df:c4:1f:74:61:a8:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:32 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=cf90ccee45f540125505a15ff20fa2fa757796c396643e0d8dd4196280a075b6, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:26:b3:53:da:9b:68:1c:5c:45:41:de:8b:e4: 3c:eb:42:eb:c1:81:79:06:44:2d:bd:5b:7f:67:0d: 9c:ff:35:9e:31:48:06:4c:30:75:12:f4:c3:9e:74: c2:ef:42:22:19:50:d1:5c:ef:93:cd:2b:e7:8c:dc: 6a:d6:02:60:2b:b0:82:b6:4f:04:00:af:32:5f:2c: ff:6b:3c:b4:b9:28:23:7e:d9:9d:81:79:57:d7:40: b9:ea:5e:d1:a1:46:f5:7b:2d:bf:e6:b2:6d:14:8f: 72:10:9b:2d:f4:06:0d:57:60:89:69:7f:48:bf:19: 13:d8:89:3d:99:f4:74:82:f6:a7:4e:d8:85:dc:d5: f8:91:eb:07:9c:d9:ff:d1:43:1c:d2:e6:8c:1a:e9: 3e:0a:47:d6:23:43:90:fd:05:c8:ab:25:5d:7b:78: 0c:33:6c:c9:12:d2:8a:d9:ff:de:be:c7:81:f6:55: c8:a5:c6:2f:7e:93:f8:81:8d:6f:f9:df:c8:59:f6: 6f:36:6e:de:31:49:2d:ae:7f:2c:0a:07:29:d8:33: 64:55:b0:e9:92:35:2b:08:8a:22:8b:e4:a1:40:32: 25:56:da:50:74:94:e0:3d:23:bd:c7:4b:27:b2:42: 42:c4:d3:15:68:b4:ed:24:47:c5:ea:95:7a:07:d5: 72:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:B8:3C:4E:11:AE:41:EA:FC:44:9B:DC:52:D8:6E:C7:57:80:16:23 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.21.183.0/24 Signature Algorithm: sha256WithRSAEncryption b4:7e:25:c2:53:30:b9:dc:f4:a6:04:23:99:03:fe:7c:00:28: 7a:62:5a:5c:2e:f5:95:69:12:d1:be:4e:84:23:64:9e:4a:fc: 1f:57:78:82:98:78:11:5d:c8:37:a5:81:2b:e1:eb:9d:db:1f: 96:57:b3:93:e2:04:8e:d9:c0:47:08:f2:65:16:ed:0a:43:6a: ca:4a:99:59:b5:ba:f3:69:59:e0:22:63:e3:ff:c8:8e:5b:8e: 66:3f:52:62:a9:38:a7:e2:27:2f:f6:14:75:30:f8:82:66:c3: 82:7a:e5:f2:29:4d:6f:e5:4b:a9:14:56:f5:39:52:af:9d:bf: 8b:06:98:ac:99:00:d0:c3:69:ed:dd:5c:56:4f:48:31:62:a0: 21:c4:7f:6c:4b:b2:3d:ff:1a:0d:fe:a3:bb:41:15:e6:80:b7: 90:47:54:e2:b9:e6:51:f0:ba:dd:22:14:e2:fe:8f:72:4b:1d: b7:72:f9:05:80:01:13:3a:33:10:a5:12:c1:b4:a2:5f:a1:ce: 7a:37:cc:4e:45:76:e8:67:7a:2f:0f:8e:48:e9:48:89:ab:8a: fc:97:18:d2:ba:d9:48:89:b8:21:02:08:f8:f3:90:b5:11:58: 11:52:7c:9e:b5:31:6f:24:cf:b6:cc:00:87:e0:e9:b9:f7:aa: 5a:3f:82:75 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUftoiIU82OqodMpFaNd/EH3RhqDkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMzJaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQGNmOTBjY2VlNDVmNTQwMTI1NTA1YTE1ZmYyMGZhMmZhNzU3Nzk2YzM5NjY0 M2UwZDhkZDQxOTYyODBhMDc1YjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANoms1Pam2gcXEVB3ovkPOtC68GBeQZELb1bf2cNnP81njFIBkwwdRL0w550 wu9CIhlQ0Vzvk80r54zcatYCYCuwgrZPBACvMl8s/2s8tLkoI37ZnYF5V9dAuepe 0aFG9Xstv+aybRSPchCbLfQGDVdgiWl/SL8ZE9iJPZn0dIL2p07YhdzV+JHrB5zZ /9FDHNLmjBrpPgpH1iNDkP0FyKslXXt4DDNsyRLSitn/3r7HgfZVyKXGL36T+IGN b/nfyFn2bzZu3jFJLa5/LAoHKdgzZFWw6ZI1KwiKIovkoUAyJVbaUHSU4D0jvcdL J7JCQsTTFWi07SRHxeqVegfVclUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ2uDxO Ea5B6vxEm9xS2G7HV4AWIzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MGEzNmIzOGItOWJkMS00MDE0LTgyM2QtOTIwNGEzMDMzNTBlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMVtzAN BgkqhkiG9w0BAQsFAAOCAQEAtH4lwlMwudz0pgQjmQP+fAAoemJaXC71lWkS0b5O hCNknkr8H1d4gph4EV3IN6WBK+Hrndsfllezk+IEjtnARwjyZRbtCkNqykqZWbW6 82lZ4CJj4//IjluOZj9SYqk4p+InL/YUdTD4gmbDgnrl8ilNb+VLqRRW9TlSr52/ iwaYrJkA0MNp7d1cVk9IMWKgIcR/bEuyPf8aDf6ju0EV5oC3kEdU4rnmUfC63SIU 4v6Pcksdt3L5BYABEzozEKUSwbSiX6HOejfMTkV26Gd6Lw+OSOlIiauK/JcY0rrZ SIm4IQII+POQtRFYEVJ8nrUxbyTPtswAh+DpufeqWj+CdQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:35 2025 by rpki-client