This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa File: 286f881c-8fa0-4200-ada2-20a0cc49038e.roa (raw, json) Hash identifier: P30nE7lG5Efd0nk8oAX3X6Xhq+n1VuNb8TRBWImXXqQ= Subject key identifier: 7A:70:89:C5:C1:5A:35:0D:2F:DE:FF:72:7A:BD:AA:B5:0D:FA:95:B8 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 6FB9A432AF46874AAB546A69D1AFFB08CE65D173 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa Signing time: Sat 15 Nov 2025 06:50:05 +0000 ROA not before: Sat 15 Nov 2025 06:50:05 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.166.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:b9:a4:32:af:46:87:4a:ab:54:6a:69:d1:af:fb:08:ce:65:d1:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:05 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=08032fd71b6de6d439c24d75d30a58198eb15e61f2d020154bb82d5d95dbf210, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:7a:c7:50:3d:cd:b3:23:3f:9d:86:9e:cd:23: 4a:5d:6a:3d:d4:b4:5d:49:86:59:8a:bb:7c:72:8a: 7e:8f:d4:57:ae:d5:32:ac:67:69:b8:0d:88:86:13: 46:b0:a7:f6:34:4b:71:a4:e4:83:50:df:9d:92:e8: 39:92:98:54:5a:06:6a:4b:d5:b6:74:06:87:7b:13: 95:47:68:16:b7:e6:a9:5f:c7:da:91:07:7b:15:e5: 7b:2a:03:87:f6:dd:c6:07:aa:dd:02:c5:9e:6d:ff: c1:a6:e2:bc:bb:f6:a5:df:ec:c4:7c:29:c9:65:1d: 2c:d4:2c:a8:34:5f:e0:13:c1:b8:26:bc:67:dc:de: a4:73:64:a7:57:c4:53:25:6a:34:8d:58:33:fa:f5: c8:5d:1e:a5:d6:17:e6:70:4a:a0:e0:5e:d9:b2:62: 2b:e5:88:fc:02:7e:69:66:80:83:a3:da:d6:19:85: fb:8d:16:26:61:6d:62:ad:0f:21:1e:fb:28:59:11: 4e:4c:46:f3:fa:1a:da:d0:32:95:82:b2:03:05:92: 6d:74:e5:ec:e7:33:2b:b8:1b:01:aa:2c:7a:45:ea: f1:46:5e:50:f2:68:04:b1:5c:45:43:35:7d:83:c6: 80:96:80:f7:4e:dc:73:bc:04:a6:69:d5:0f:5c:d2: 27:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:70:89:C5:C1:5A:35:0D:2F:DE:FF:72:7A:BD:AA:B5:0D:FA:95:B8 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.166.0.0/15 Signature Algorithm: sha256WithRSAEncryption 8b:b8:2d:08:6e:c3:d5:a4:97:30:10:09:e6:ed:0e:c0:d7:fa: a5:87:5f:fa:2d:fc:78:eb:e3:07:b1:32:5b:f0:6b:0e:1c:0b: 5f:13:11:f0:84:77:f6:9c:cc:d1:d8:9b:09:28:40:58:b3:7b: 09:cc:e9:1c:b8:de:e7:d3:e6:24:64:5c:46:1a:2d:49:ad:a7: 65:0b:3a:d0:a9:e0:91:c3:88:cc:e6:2a:fe:62:c8:bc:fa:1e: 0c:25:2c:ad:0c:52:ad:e7:8a:d2:a4:53:d1:fe:dc:e7:69:da: 12:d6:fe:bd:03:62:51:46:45:45:e7:56:de:8e:62:a2:6b:ca: 08:ec:c1:e3:a0:1e:5e:a7:c0:cb:a7:7d:d7:20:4d:a0:19:b0: fc:cf:2c:30:bc:bb:b8:d8:b2:86:9c:96:d4:5f:f5:50:84:10: f0:4b:c9:d3:0b:b8:01:0a:09:d9:e7:6b:8b:f6:56:9e:ab:95: d3:e3:9e:4d:d4:6d:ad:02:cb:d7:1d:65:db:af:e1:5f:a6:48: 44:2f:f8:8b:f4:c0:9f:c1:10:52:6b:bf:03:e8:ea:7a:f0:ba: 12:55:52:da:71:07:71:6f:cf:aa:44:68:86:95:d5:db:aa:95: cf:8d:a1:83:c8:2b:20:8e:1f:bf:71:dc:bb:29:66:a9:28:cd: 3c:42:6f:ab -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUb7mkMq9Gh0qrVGpp0a/7CM5l0XMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMDVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDA4MDMyZmQ3MWI2ZGU2ZDQzOWMyNGQ3NWQzMGE1ODE5OGViMTVlNjFmMmQw MjAxNTRiYjgyZDVkOTVkYmYyMTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOl6x1A9zbMjP52Gns0jSl1qPdS0XUmGWYq7fHKKfo/UV67VMqxnabgNiIYT RrCn9jRLcaTkg1DfnZLoOZKYVFoGakvVtnQGh3sTlUdoFrfmqV/H2pEHexXleyoD h/bdxgeq3QLFnm3/wabivLv2pd/sxHwpyWUdLNQsqDRf4BPBuCa8Z9zepHNkp1fE UyVqNI1YM/r1yF0epdYX5nBKoOBe2bJiK+WI/AJ+aWaAg6Pa1hmF+40WJmFtYq0P IR77KFkRTkxG8/oa2tAylYKyAwWSbXTl7OczK7gbAaosekXq8UZeUPJoBLFcRUM1 fYPGgJaA907cc7wEpmnVD1zSJ18CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR6cInF wVo1DS/e/3J6vaq1DfqVuDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv Mjg2Zjg4MWMtOGZhMC00MjAwLWFkYTItMjBhMGNjNDkwMzhlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G CSqGSIb3DQEBCwUAA4IBAQCLuC0IbsPVpJcwEAnm7Q7A1/qlh1/6Lfx46+MHsTJb 8GsOHAtfExHwhHf2nMzR2JsJKEBYs3sJzOkcuN7n0+YkZFxGGi1JradlCzrQqeCR w4jM5ir+Ysi8+h4MJSytDFKt54rSpFPR/tznadoS1v69A2JRRkVF51bejmKia8oI 7MHjoB5ep8DLp33XIE2gGbD8zywwvLu42LKGnJbUX/VQhBDwS8nTC7gBCgnZ52uL 9laeq5XT455N1G2tAsvXHWXbr+FfpkhEL/iL9MCfwRBSa78D6Op68LoSVVLacQdx b8+qRGiGldXbqpXPjaGDyCsgjh+/cdy7KWapKM08Qm+r -----END CERTIFICATE-----Generated at Sat Dec 6 09:52:54 2025 by rpki-client