This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa File: 286f881c-8fa0-4200-ada2-20a0cc49038e.roa (raw, json) Hash identifier: rYSgNDFf9Q8JRthdJqACwdNaTQ7633OBq2XV6V/BWCs= Subject key identifier: 3A:13:E8:62:43:A6:1E:2F:87:66:46:67:34:79:06:CA:C2:DD:67:1B Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 5F0A0161F0E070BB16432A55891F1043E22D4156 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa Signing time: Wed 10 Dec 2025 06:40:17 +0000 ROA not before: Wed 10 Dec 2025 06:40:17 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.166.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:0a:01:61:f0:e0:70:bb:16:43:2a:55:89:1f:10:43:e2:2d:41:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:17 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=e73ab65f64afb093d2517f2c2c3ed6acab468f0586cc436acd3cab033eb0084f, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:2e:ae:c6:e1:f4:ec:5c:d1:9b:a3:46:83:c4: 6c:f5:4f:8d:7c:45:4e:77:d9:f8:41:b6:34:2f:19: 2b:2e:82:3a:c9:aa:a3:2f:26:33:61:83:22:24:e1: f0:30:81:a5:3f:bf:f3:7a:34:17:b6:2e:cd:85:74: 92:98:80:ad:b4:8c:34:36:38:c7:bd:2a:23:71:19: 02:52:9d:39:70:a4:da:d2:49:c1:85:0b:98:30:10: d3:67:2d:96:de:03:8a:39:96:95:23:9b:69:cf:43: bd:24:0d:9c:b9:c9:21:6c:c1:cd:18:a1:e2:ba:50: 05:fd:85:80:d7:61:0b:47:cf:63:2c:a8:bc:6a:e9: 84:35:b5:00:ef:6e:a7:17:57:8c:7e:86:8d:cc:2c: 3b:24:b4:05:eb:7f:37:3a:74:52:21:ef:f2:90:5a: 0d:82:ee:4f:37:99:3c:08:8f:46:c2:c8:c3:c9:65: b4:32:b4:c3:f9:f2:6c:38:5d:99:78:f4:f4:f1:38: 04:2b:86:23:aa:ad:f4:8a:ce:9b:49:af:d7:95:06: b5:07:59:26:61:16:96:95:cf:bd:51:e3:b7:78:7e: 30:ec:57:17:bc:1f:20:7e:fb:d2:2b:91:f1:d6:6f: 0f:cf:0b:86:2b:ed:7b:75:0e:2c:0e:3e:84:83:d5: e9:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:13:E8:62:43:A6:1E:2F:87:66:46:67:34:79:06:CA:C2:DD:67:1B X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.166.0.0/15 Signature Algorithm: sha256WithRSAEncryption 6b:70:39:6b:aa:a8:a7:f6:63:79:d4:61:a2:82:d2:2c:13:34: 3f:d6:2c:59:c2:6d:35:fb:cd:59:53:0c:08:d7:9a:fc:ab:f3: 23:f8:66:ff:9e:e6:a0:98:e1:c8:bc:b4:ea:02:0a:13:9d:89: 99:5d:85:41:4d:60:7c:d4:e6:6f:0b:a5:a4:5b:d3:0f:b3:bd: e8:e5:51:2c:fc:b9:f4:36:fb:01:31:82:40:22:48:4f:fe:86: c6:c0:29:f0:9b:f2:de:8d:db:e6:3f:c1:16:24:a2:c2:38:f1: da:1a:d3:64:46:1c:23:7d:ad:05:0f:72:c1:12:ed:1e:2e:36: 59:a9:5a:49:4b:ee:b0:3c:7d:fd:6e:2b:b2:01:47:fe:4f:6a: 2f:2c:2b:0a:93:8b:ab:42:dc:5f:b4:06:4a:83:33:ba:0b:4d: 1b:68:f2:b4:a3:cf:58:23:6e:28:48:d7:2a:25:da:e2:fe:72: 7f:49:c6:a0:00:ce:40:b8:d1:a2:40:d9:94:1e:6e:4f:35:10: 38:3c:42:cf:53:fe:db:99:80:01:a4:dc:63:16:07:1e:af:7f: 13:2c:ff:fd:f2:69:31:83:66:03:47:0d:48:14:16:3f:24:eb: 09:59:af:f2:fb:a2:5b:e0:26:36:10:fd:15:24:c0:e9:a4:f5: dd:af:75:78 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUXwoBYfDgcLsWQypViR8QQ+ItQVYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMTdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGU3M2FiNjVmNjRhZmIwOTNkMjUxN2YyYzJjM2VkNmFjYWI0NjhmMDU4NmNj NDM2YWNkM2NhYjAzM2ViMDA4NGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANQursbh9Oxc0ZujRoPEbPVPjXxFTnfZ+EG2NC8ZKy6COsmqoy8mM2GDIiTh 8DCBpT+/83o0F7YuzYV0kpiArbSMNDY4x70qI3EZAlKdOXCk2tJJwYULmDAQ02ct lt4DijmWlSObac9DvSQNnLnJIWzBzRih4rpQBf2FgNdhC0fPYyyovGrphDW1AO9u pxdXjH6GjcwsOyS0Bet/Nzp0UiHv8pBaDYLuTzeZPAiPRsLIw8lltDK0w/nybDhd mXj09PE4BCuGI6qt9IrOm0mv15UGtQdZJmEWlpXPvVHjt3h+MOxXF7wfIH770iuR 8dZvD88Lhivte3UOLA4+hIPV6f8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ6E+hi Q6YeL4dmRmc0eQbKwt1nGzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv Mjg2Zjg4MWMtOGZhMC00MjAwLWFkYTItMjBhMGNjNDkwMzhlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G CSqGSIb3DQEBCwUAA4IBAQBrcDlrqqin9mN51GGigtIsEzQ/1ixZwm01+81ZUwwI 15r8q/Mj+Gb/nuagmOHIvLTqAgoTnYmZXYVBTWB81OZvC6WkW9MPs73o5VEs/Ln0 NvsBMYJAIkhP/obGwCnwm/LejdvmP8EWJKLCOPHaGtNkRhwjfa0FD3LBEu0eLjZZ qVpJS+6wPH39biuyAUf+T2ovLCsKk4urQtxftAZKgzO6C00baPK0o89YI24oSNcq Jdri/nJ/ScagAM5AuNGiQNmUHm5PNRA4PELPU/7bmYABpNxjFgcer38TLP/98mkx g2YDRw1IFBY/JOsJWa/y+6Jb4CY2EP0VJMDppPXdr3V4 -----END CERTIFICATE-----Generated at Mon Dec 15 20:21:05 2025 by rpki-client