This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa File: 18d9a632-05fe-446e-aca9-1adb271dcda8.roa (raw, json) Hash identifier: Gfin/Z5RjborB02aitvNLldcci0iUCGwPY51XVvgXlI= Subject key identifier: 5F:CB:55:18:52:CC:89:CE:31:0A:DE:BF:E6:D9:70:BD:B2:4B:55:AB Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 5345F142AFAE6479075C9DC2F67AB4AF38CFCBA6 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa Signing time: Sat 15 Nov 2025 06:50:44 +0000 ROA not before: Sat 15 Nov 2025 06:50:44 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.196.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:45:f1:42:af:ae:64:79:07:5c:9d:c2:f6:7a:b4:af:38:cf:cb:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:44 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=f247cfa3bba74a26e27fb897be5213d6e81e415dca15f99d8d49447ab5df3040, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:a8:63:04:e7:9a:ce:ef:b6:fc:b2:f5:9f:54: 05:9a:85:f7:89:7e:c8:01:da:99:7e:6c:62:e5:5c: 66:07:33:b7:af:5b:92:1c:bd:a4:09:d7:f3:c3:00: 5f:71:fd:fc:6f:e6:00:4c:82:fd:2b:33:28:e6:92: ba:c1:78:ae:de:b7:bc:f3:ce:47:58:9a:9a:42:ea: 83:51:a6:1f:53:6a:80:cb:0f:31:78:a2:a0:3c:15: a9:64:e2:da:ac:bc:71:41:b7:16:65:11:c9:b3:e7: 89:9d:a7:5e:a7:a2:1f:1f:34:f4:7e:09:c1:a0:5c: c4:70:ae:a5:a6:d8:03:67:d5:31:79:cb:28:c4:c7: c8:44:8a:6a:6c:06:dc:a1:c2:cf:ea:58:4b:21:40: fd:43:c2:3f:45:f6:e0:17:15:af:6d:1e:02:bf:8a: 4a:64:4a:ff:2f:03:dd:2f:52:ef:f6:0b:8c:f8:21: 02:af:fb:44:22:07:64:18:59:0c:d9:82:41:39:60: ea:7e:4f:8f:90:0f:5b:5a:30:4b:14:e8:a7:b5:39: 39:00:49:cd:1c:ee:ea:5d:ec:7a:80:9d:36:12:d1: ce:ba:0b:49:7d:db:75:6b:05:41:29:4e:3b:11:3a: 07:1a:eb:f4:e9:5e:94:d0:ec:20:18:90:6e:af:e2: 8d:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:CB:55:18:52:CC:89:CE:31:0A:DE:BF:E6:D9:70:BD:B2:4B:55:AB X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.196.0.0/15 Signature Algorithm: sha256WithRSAEncryption 05:8c:41:66:d9:cc:f0:41:df:2a:af:36:79:ef:38:1f:ae:58: 6d:5f:f9:8e:ee:d0:b1:b5:b5:45:bd:a2:e8:ed:c9:bf:fa:2b: fe:b3:20:a3:2f:d0:46:59:98:8b:12:6f:61:10:18:02:cf:44: c0:5b:7e:e1:df:cf:64:b9:6c:fb:5b:9a:ee:92:94:b6:aa:1d: b9:1f:47:2e:81:18:02:71:59:26:9e:4d:df:a0:4d:82:8e:44: f0:85:99:f0:86:e4:cd:82:97:ee:18:3a:7e:eb:b1:9f:98:d3: d8:4c:58:92:9c:46:17:1d:bb:04:0d:dd:2e:20:6f:b0:92:e8: 90:7d:09:eb:b2:61:13:7f:e6:9e:ef:3c:b9:0c:d0:78:a9:1b: df:e9:e3:60:1e:42:fa:81:6d:84:77:49:48:f0:0b:a0:62:34: 05:d1:29:36:47:8b:30:de:23:cc:95:27:07:80:8a:7d:0c:be: 07:7a:2a:ca:a7:63:27:7d:cb:6a:f1:a8:84:18:d3:98:bc:66: 3a:cb:84:12:d3:d5:89:63:33:c8:9d:d9:5f:ee:35:8a:23:90: ca:23:83:a3:93:d4:c4:10:f1:34:fd:56:f2:af:12:a4:45:5e: a2:99:88:e9:18:1a:94:2a:4a:da:22:da:e7:3e:52:93:84:fd: da:df:a0:ff -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUU0XxQq+uZHkHXJ3C9nq0rzjPy6YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwNDRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGYyNDdjZmEzYmJhNzRhMjZlMjdmYjg5N2JlNTIxM2Q2ZTgxZTQxNWRjYTE1 Zjk5ZDhkNDk0NDdhYjVkZjMwNDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPioYwTnms7vtvyy9Z9UBZqF94l+yAHamX5sYuVcZgczt69bkhy9pAnX88MA X3H9/G/mAEyC/SszKOaSusF4rt63vPPOR1iamkLqg1GmH1NqgMsPMXiioDwVqWTi 2qy8cUG3FmURybPniZ2nXqeiHx809H4JwaBcxHCupabYA2fVMXnLKMTHyESKamwG 3KHCz+pYSyFA/UPCP0X24BcVr20eAr+KSmRK/y8D3S9S7/YLjPghAq/7RCIHZBhZ DNmCQTlg6n5Pj5APW1owSxTop7U5OQBJzRzu6l3seoCdNhLRzroLSX3bdWsFQSlO OxE6Bxrr9OlelNDsIBiQbq/ijc8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRfy1UY UsyJzjEK3r/m2XC9sktVqzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MThkOWE2MzItMDVmZS00NDZlLWFjYTktMWFkYjI3MWRjZGE4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G CSqGSIb3DQEBCwUAA4IBAQAFjEFm2czwQd8qrzZ57zgfrlhtX/mO7tCxtbVFvaLo 7cm/+iv+syCjL9BGWZiLEm9hEBgCz0TAW37h389kuWz7W5rukpS2qh25H0cugRgC cVkmnk3foE2CjkTwhZnwhuTNgpfuGDp+67GfmNPYTFiSnEYXHbsEDd0uIG+wkuiQ fQnrsmETf+ae7zy5DNB4qRvf6eNgHkL6gW2Ed0lI8AugYjQF0Sk2R4sw3iPMlScH gIp9DL4HeirKp2Mnfctq8aiEGNOYvGY6y4QS09WJYzPIndlf7jWKI5DKI4Ojk9TE EPE0/VbyrxKkRV6imYjpGBqUKkraItrnPlKThP3a36D/ -----END CERTIFICATE-----Generated at Sat Dec 6 09:52:19 2025 by rpki-client