This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa File: 186c4a20-4025-4599-90c9-1eeb15cf6730.roa (raw, json) Hash identifier: wCvPDIg/a2y5MBTUNJicPEF+Bvy47eqW/OooRYe7jcw= Subject key identifier: 8B:88:83:82:A4:3B:3E:ED:58:EA:FB:1F:50:E8:45:1F:F5:99:82:8D Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 1EA729FEC2373157BC051A8CD9DDB0A90F318AB9 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa Signing time: Sun 16 Nov 2025 01:00:16 +0000 ROA not before: Sun 16 Nov 2025 01:00:16 +0000 ROA not after: Sun 21 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.16.205.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:a7:29:fe:c2:37:31:57:bc:05:1a:8c:d9:dd:b0:a9:0f:31:8a:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 16 01:00:16 2025 GMT Not After : Dec 21 23:59:59 2025 GMT Subject: serialNumber=a9ac26c3010ecdaa1d184842b391d3e6d92ba01a84114b12adc83a983646b375, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:77:d9:3c:85:09:52:2a:a4:e2:44:f5:6f:f8: b4:bf:b8:e2:04:7a:28:bb:2d:ed:02:6c:77:96:f0: 39:5c:27:2c:a5:fd:3d:2a:5c:63:cc:1f:c0:17:d1: db:cf:13:da:ee:ba:6d:6a:94:49:53:de:07:c1:1c: 8a:50:12:c7:dd:56:03:37:23:06:24:25:f2:ec:af: 2a:d6:26:79:68:ca:ca:7c:40:ad:69:47:db:f0:14: a8:83:0f:83:4b:bc:bf:53:94:41:16:a8:4b:83:88: ee:69:67:be:39:15:71:84:ea:d0:32:e2:1c:c7:ca: 35:80:4b:77:70:ff:0c:c1:c4:0b:d2:f4:92:d3:33: 11:12:d3:51:09:39:a4:a8:65:18:3c:f5:ff:36:c5: 66:bb:fe:2c:da:05:e7:4e:f7:08:d4:ba:f0:cf:02: 37:5d:fc:95:78:52:9e:fc:1d:17:c7:d9:99:7e:69: ba:33:66:94:47:b5:74:7f:76:f2:f0:55:20:f2:9b: 22:28:2c:a7:e7:43:8d:56:12:ec:ed:e9:51:b4:62: c5:28:b1:bb:c1:a4:d3:d7:8e:d3:73:21:e3:c9:08: a7:f2:93:fc:15:0a:0c:06:ef:16:c4:83:23:7d:56: ef:58:98:49:49:f8:3e:4f:24:72:b4:15:df:05:94: ed:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:88:83:82:A4:3B:3E:ED:58:EA:FB:1F:50:E8:45:1F:F5:99:82:8D X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.16.205.0/24 Signature Algorithm: sha256WithRSAEncryption 4e:c1:e4:ab:06:e1:a7:a5:3a:24:45:f6:a0:17:55:ac:80:92: f4:d2:86:2a:e0:b2:2e:24:78:2e:ba:33:d0:76:51:db:96:3e: 07:f1:62:5b:32:8e:07:c0:b4:84:1b:7e:6c:f3:68:ef:c9:9c: 1b:b9:b5:0d:85:24:10:10:fb:4e:b5:d9:7b:22:d5:f1:43:e7: 2c:d4:e8:39:54:64:af:3e:20:cd:c0:79:6c:0a:71:10:8b:e0: db:f4:3d:53:53:d6:9d:99:b0:24:7c:2e:2b:7e:98:54:6b:89: a3:78:20:71:3c:b4:51:b9:64:f4:db:5a:25:54:6f:2c:7f:43: 46:6e:05:67:a0:cd:d7:9a:26:e1:cc:7f:01:8e:5b:c5:11:f5: 31:ae:46:d9:c0:2b:bb:13:70:98:bd:e7:22:bd:ba:2c:0f:4d: f2:09:4e:07:60:9a:69:f3:f9:13:46:fb:6d:d0:78:04:eb:24: a3:97:13:37:5a:ae:c9:38:fd:d9:f2:1a:de:8a:f0:f4:09:3f: b5:a1:82:c3:dd:e4:55:2e:9d:9f:76:cb:03:3f:a1:7c:cc:93: 23:d2:5c:29:da:e5:11:91:03:a0:e7:f0:b8:0b:d7:5e:12:80: b6:ec:2e:3d:c4:6c:3e:cf:65:ca:aa:fd:62:57:97:33:28:d8: 0a:0a:49:9a -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUHqcp/sI3MVe8BRqM2d2wqQ8xirkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTYwMTAwMTZaFw0yNTEyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQGE5YWMyNmMzMDEwZWNkYWExZDE4NDg0MmIzOTFkM2U2ZDkyYmEwMWE4NDEx NGIxMmFkYzgzYTk4MzY0NmIzNzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMN32TyFCVIqpOJE9W/4tL+44gR6KLst7QJsd5bwOVwnLKX9PSpcY8wfwBfR 288T2u66bWqUSVPeB8EcilASx91WAzcjBiQl8uyvKtYmeWjKynxArWlH2/AUqIMP g0u8v1OUQRaoS4OI7mlnvjkVcYTq0DLiHMfKNYBLd3D/DMHEC9L0ktMzERLTUQk5 pKhlGDz1/zbFZrv+LNoF5073CNS68M8CN138lXhSnvwdF8fZmX5pujNmlEe1dH92 8vBVIPKbIigsp+dDjVYS7O3pUbRixSixu8Gk09eO03Mh48kIp/KT/BUKDAbvFsSD I31W71iYSUn4Pk8kcrQV3wWU7W0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSLiIOC pDs+7Vjq+x9Q6EUf9ZmCjTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MTg2YzRhMjAtNDAyNS00NTk5LTkwYzktMWVlYjE1Y2Y2NzMwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzTAN BgkqhkiG9w0BAQsFAAOCAQEATsHkqwbhp6U6JEX2oBdVrICS9NKGKuCyLiR4Lroz 0HZR25Y+B/FiWzKOB8C0hBt+bPNo78mcG7m1DYUkEBD7TrXZeyLV8UPnLNToOVRk rz4gzcB5bApxEIvg2/Q9U1PWnZmwJHwuK36YVGuJo3ggcTy0Ublk9NtaJVRvLH9D Rm4FZ6DN15om4cx/AY5bxRH1Ma5G2cAruxNwmL3nIr26LA9N8glOB2CaafP5E0b7 bdB4BOsko5cTN1quyTj92fIa3orw9Ak/taGCw93kVS6dn3bLAz+hfMyTI9JcKdrl EZEDoOfwuAvXXhKAtuwuPcRsPs9lyqr9YleXMyjYCgpJmg== -----END CERTIFICATE-----Generated at Sat Dec 6 21:36:57 2025 by rpki-client