This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa File: 6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa (raw, json) Hash identifier: uBKkbkKO0vqSVv/Hq2ef0KOsj8ps02lizYtLFLmzcUU= Subject key identifier: 83:CC:63:89:B6:E9:8E:4E:DC:8E:FA:8F:FB:88:73:98:5F:98:14:9C Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 181D53B2A257D86582F350A746E7981F8E9E0F88 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa Signing time: Tue 18 Nov 2025 00:40:09 +0000 ROA not before: Tue 18 Nov 2025 00:40:09 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.46.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:1d:53:b2:a2:57:d8:65:82:f3:50:a7:46:e7:98:1f:8e:9e:0f:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:09 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=4cc1784ea47f2c998e80b357c56fff0db75da27b92640e90585c4f1793ffd5fe, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:76:2f:67:6c:73:f2:95:cd:eb:78:f4:05:2b: 18:6e:00:07:14:be:ba:22:0c:bd:c0:a9:fb:34:82: 43:28:f3:d8:52:f6:c5:c7:df:a6:2f:21:c1:f8:b5: db:49:7a:e9:0c:dc:c3:a4:43:c8:71:9e:fe:8f:d3: f8:38:74:bb:04:10:dc:e9:2f:c2:d2:f5:36:1f:2e: 9e:35:1f:83:73:df:78:18:c0:ce:90:fd:cf:92:08: ea:3e:35:6c:1d:38:bb:aa:99:69:c0:4d:d3:f1:90: 2f:8d:0d:4e:58:25:43:f0:b5:a3:98:ff:d7:42:f4: eb:9b:95:68:0c:29:eb:95:72:01:7b:36:b7:9d:1d: 19:94:9f:d6:66:bb:52:76:3e:8c:54:cf:12:44:ac: ca:8a:bb:2f:b1:55:95:be:b9:85:f4:34:6c:01:6e: 2f:a1:8c:2c:e5:e5:47:0c:2e:35:4a:56:c8:92:77: 8a:a7:b0:cd:f4:63:11:e5:58:16:89:2b:7f:a2:4c: 6f:f4:93:11:b1:49:be:9a:fd:aa:82:ec:2d:8d:14: 6a:f4:e2:7c:f0:1a:10:6c:79:39:a4:70:96:3a:af: 9e:80:e0:4c:7d:b2:be:a5:e6:90:23:b1:fc:5a:50: d9:df:84:82:12:8a:4a:57:49:93:03:ce:22:15:bb: e5:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:CC:63:89:B6:E9:8E:4E:DC:8E:FA:8F:FB:88:73:98:5F:98:14:9C X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.46.0.0/15 Signature Algorithm: sha256WithRSAEncryption 56:08:53:8c:c5:6d:6f:a5:88:22:e4:f4:8a:4c:5c:60:83:78: d5:17:7d:a3:1c:2e:26:5b:6d:06:de:c9:4f:8f:69:28:d1:f4: b5:ef:a5:85:62:3a:9a:3e:2b:ff:9b:4b:48:5b:38:95:49:6b: e7:a5:b1:dc:01:52:bc:9e:7c:70:13:fb:bf:e2:d6:f6:43:01: 8b:51:24:74:ab:fa:99:e5:21:bf:c2:4c:fb:c3:8a:ef:ba:9f: 16:c8:7c:51:23:b0:80:0c:17:00:8e:a1:24:50:09:e0:1e:b7: 96:f0:4f:c3:3a:e0:e6:c2:49:41:0b:85:a8:54:cf:da:ff:c7: 1b:1a:56:43:3b:5a:03:9e:e6:b4:47:3f:46:dc:67:ba:cc:b4: 6d:75:af:d1:cf:24:87:c0:91:b3:0e:a6:50:33:9b:2a:79:18: 9d:a9:a3:c9:f8:bd:19:67:15:44:9b:e3:78:47:cb:ce:fa:98: 03:24:ed:cf:ec:0a:a3:83:e5:23:d9:ac:5a:b0:ba:00:61:0e: 1a:95:c2:98:3d:e9:c5:a3:ac:e1:bb:bb:13:4c:ba:70:7b:ca: 0e:60:94:fd:e0:f7:a9:98:06:da:d3:3b:c7:91:29:c1:d8:db: be:80:a5:65:0e:bf:78:43:bc:dd:2d:f4:f6:0c:58:2e:6f:48: 15:a7:17:26 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUGB1TsqJX2GWC81CnRueYH46eD4gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMDlaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQDRjYzE3ODRlYTQ3ZjJjOTk4ZTgwYjM1N2M1NmZmZjBkYjc1ZGEyN2I5MjY0 MGU5MDU4NWM0ZjE3OTNmZmQ1ZmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANt2L2dsc/KVzet49AUrGG4ABxS+uiIMvcCp+zSCQyjz2FL2xcffpi8hwfi1 20l66Qzcw6RDyHGe/o/T+Dh0uwQQ3OkvwtL1Nh8unjUfg3PfeBjAzpD9z5II6j41 bB04u6qZacBN0/GQL40NTlglQ/C1o5j/10L065uVaAwp65VyAXs2t50dGZSf1ma7 UnY+jFTPEkSsyoq7L7FVlb65hfQ0bAFuL6GMLOXlRwwuNUpWyJJ3iqewzfRjEeVY Fokrf6JMb/STEbFJvpr9qoLsLY0UavTifPAaEGx5OaRwljqvnoDgTH2yvqXmkCOx /FpQ2d+EghKKSldJkwPOIhW75dcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSDzGOJ tumOTtyO+o/7iHOYX5gUnDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NjI1MmU5YTMtNGZkYy00YzQzLWI5MWItZGViNThjYTJkZDdjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMuMA0G CSqGSIb3DQEBCwUAA4IBAQBWCFOMxW1vpYgi5PSKTFxgg3jVF32jHC4mW20G3slP j2ko0fS176WFYjqaPiv/m0tIWziVSWvnpbHcAVK8nnxwE/u/4tb2QwGLUSR0q/qZ 5SG/wkz7w4rvup8WyHxRI7CADBcAjqEkUAngHreW8E/DOuDmwklBC4WoVM/a/8cb GlZDO1oDnua0Rz9G3Ge6zLRtda/RzySHwJGzDqZQM5sqeRidqaPJ+L0ZZxVEm+N4 R8vO+pgDJO3P7Aqjg+Uj2axasLoAYQ4alcKYPenFo6zhu7sTTLpwe8oOYJT94Pep mAba0zvHkSnB2Nu+gKVlDr94Q7zdLfT2DFgub0gVpxcm -----END CERTIFICATE-----Generated at Sat Dec 6 09:52:24 2025 by rpki-client