This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa File: 18d9a632-05fe-446e-aca9-1adb271dcda8.roa (raw, json) Hash identifier: wy7gKKkS/dtMxq+rmrPM6zdEZsVDuwUxnZNW2B4iITs= Subject key identifier: E7:2B:E3:26:6E:F2:6C:42:FA:A0:AD:30:43:45:DC:3C:06:5F:7E:06 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 067F8E992A91D7F306F7708D03495184C2D942B6 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa Signing time: Wed 10 Dec 2025 06:50:46 +0000 ROA not before: Wed 10 Dec 2025 06:50:46 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.196.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:7f:8e:99:2a:91:d7:f3:06:f7:70:8d:03:49:51:84:c2:d9:42:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:46 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=87748ca176936745b951c5ade35c8ae673ebad6881a3098e87c161ce2b9cee9d, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:d0:4b:d8:04:a7:f8:4b:9c:a7:fb:35:a5:08: 12:0b:eb:82:a2:f7:84:c8:12:81:06:3e:3d:bb:66: d6:8c:d3:b9:2c:dc:35:6a:d9:3c:6e:b5:f9:1b:60: ac:fd:53:4c:d2:83:dc:4c:6d:f5:c0:ec:a7:1c:6e: 5b:14:ab:db:8b:f7:aa:68:af:d1:17:89:d9:7b:fa: 2c:9f:35:fa:1d:39:ee:e7:e6:a4:6d:3e:b5:12:d4: 99:4e:e6:38:0f:d3:e9:1b:45:48:27:a4:a9:17:39: f1:68:e8:17:3c:5c:a9:9c:69:65:ac:11:32:23:96: ee:98:4a:e7:0e:c3:ce:d4:9b:41:70:60:77:59:f3: 48:3b:95:37:d0:8a:84:e1:28:63:e1:20:e5:f9:29: fe:5a:61:2d:4b:b9:89:25:b2:7a:ff:ab:c4:85:2f: 5d:da:69:48:3f:88:23:d8:04:71:fe:47:0c:e6:85: 96:a6:04:87:a9:84:39:b6:d9:f9:cc:ff:69:5b:10: 0b:60:7b:a9:c7:ab:62:8f:e8:65:00:cb:6d:06:ed: d3:12:30:90:58:6d:02:9e:10:89:92:c9:5c:27:ee: 10:dc:47:55:02:c7:97:ef:9b:be:38:7c:48:30:95: 31:35:39:d0:77:57:29:2d:3d:73:88:7d:5c:62:b0: b7:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:2B:E3:26:6E:F2:6C:42:FA:A0:AD:30:43:45:DC:3C:06:5F:7E:06 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.196.0.0/15 Signature Algorithm: sha256WithRSAEncryption 69:3d:5d:0c:7a:05:5c:64:c5:37:a5:75:46:51:58:8d:00:35: d6:20:52:c6:9a:14:ee:e1:99:3f:2a:f2:ed:54:8d:8a:8a:a0: 1a:6d:59:26:98:15:e9:e8:96:e1:36:79:d8:67:b6:1a:49:d5: 72:10:14:38:1b:c1:64:be:a7:54:81:b8:49:15:89:50:e7:91: 04:96:fb:1d:ed:cf:2e:b7:59:6b:7c:f6:5f:bb:0b:ec:34:54: 5f:5a:3d:fc:33:33:d9:2f:dc:74:10:63:ef:5e:80:33:b4:89: 51:f0:f2:db:c0:a9:a1:e6:e0:0d:d7:b6:21:54:f2:b8:f6:09: e5:57:d2:d6:ad:40:b9:0b:62:ae:9f:01:a3:b9:48:aa:50:91: d0:70:ea:0c:33:66:fe:82:b4:3d:94:77:b1:1c:df:e0:f7:d8: c0:12:f0:e1:08:b2:b0:f3:6d:f5:97:b3:06:71:92:b7:06:6d: 61:b5:2a:09:b8:ea:fb:5f:f9:ed:fb:f1:65:3c:6e:6a:cd:b8: ab:8f:16:1a:79:9c:3c:d2:3f:9d:b1:26:43:3a:4c:71:90:9e: ca:d8:11:b9:5d:e8:a5:ae:d9:9d:48:7a:5b:ea:b6:af:b8:6d: 75:d4:cd:d2:d6:f0:00:6d:d3:59:da:cb:ff:57:c6:3e:ce:05: 8f:89:7f:78 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUBn+OmSqR1/MG93CNA0lRhMLZQrYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwNDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDg3NzQ4Y2ExNzY5MzY3NDViOTUxYzVhZGUzNWM4YWU2NzNlYmFkNjg4MWEz MDk4ZTg3YzE2MWNlMmI5Y2VlOWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO/QS9gEp/hLnKf7NaUIEgvrgqL3hMgSgQY+Pbtm1ozTuSzcNWrZPG61+Rtg rP1TTNKD3Ext9cDspxxuWxSr24v3qmiv0ReJ2Xv6LJ81+h057ufmpG0+tRLUmU7m OA/T6RtFSCekqRc58WjoFzxcqZxpZawRMiOW7phK5w7DztSbQXBgd1nzSDuVN9CK hOEoY+Eg5fkp/lphLUu5iSWyev+rxIUvXdppSD+II9gEcf5HDOaFlqYEh6mEObbZ +cz/aVsQC2B7qcerYo/oZQDLbQbt0xIwkFhtAp4QiZLJXCfuENxHVQLHl++bvjh8 SDCVMTU50HdXKS09c4h9XGKwt3MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTnK+Mm bvJsQvqgrTBDRdw8Bl9+BjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MThkOWE2MzItMDVmZS00NDZlLWFjYTktMWFkYjI3MWRjZGE4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G CSqGSIb3DQEBCwUAA4IBAQBpPV0MegVcZMU3pXVGUViNADXWIFLGmhTu4Zk/KvLt VI2KiqAabVkmmBXp6JbhNnnYZ7YaSdVyEBQ4G8FkvqdUgbhJFYlQ55EElvsd7c8u t1lrfPZfuwvsNFRfWj38MzPZL9x0EGPvXoAztIlR8PLbwKmh5uAN17YhVPK49gnl V9LWrUC5C2KunwGjuUiqUJHQcOoMM2b+grQ9lHexHN/g99jAEvDhCLKw8231l7MG cZK3Bm1htSoJuOr7X/nt+/FlPG5qzbirjxYaeZw80j+dsSZDOkxxkJ7K2BG5Xeil rtmdSHpb6ravuG111M3S1vAAbdNZ2sv/V8Y+zgWPiX94 -----END CERTIFICATE-----Generated at Tue Dec 16 07:00:57 2025 by rpki-client