This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/87cbc454-e777-437d-a43a-911995d2a7ce.roa File: 87cbc454-e777-437d-a43a-911995d2a7ce.roa (raw, json) Hash identifier: fSwt6zY5ynXKZi0aArVMw6cuTK+WgSmxnywbULvHGXc= Subject key identifier: B6:5E:68:2B:17:FB:5A:BC:17:18:62:A5:9E:30:17:75:01:10:B2:9F Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 4F907950293928C89EE6F1DC89F1036F289FE53E Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/87cbc454-e777-437d-a43a-911995d2a7ce.roa Signing time: Tue 18 Nov 2025 00:40:28 +0000 ROA not before: Tue 18 Nov 2025 00:40:28 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.21.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:90:79:50:29:39:28:c8:9e:e6:f1:dc:89:f1:03:6f:28:9f:e5:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:28 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=0dc0b8fd92c1ff1ac1a928b559d4b81d5ec4c202681c627c3b560092626d3b5d, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:a4:df:ef:da:13:4c:ff:4e:82:19:cd:87:4c: 70:5f:cc:2f:0d:fd:04:c0:5e:bb:78:fa:4f:31:45: fd:83:ca:c0:dd:ba:52:e2:35:ae:88:de:9b:50:a7: 18:f2:8d:36:f2:8c:f4:3f:f6:32:25:16:84:eb:fe: 31:35:0f:1c:be:9a:69:3a:10:84:8f:ae:9c:70:cf: 5c:86:65:c9:27:a3:01:70:a5:61:65:62:19:91:e5: de:7c:c5:25:df:65:e7:82:c8:65:6c:0d:1f:0a:2e: ad:16:37:b6:cc:b8:49:c4:17:67:29:dc:da:1a:3f: 03:40:6d:26:67:e0:45:da:21:ab:99:37:62:dc:03: ed:71:9a:15:97:07:53:14:4f:8b:b0:30:30:ca:32: 83:6f:d2:4d:72:9b:e9:8d:54:a8:22:91:6a:b6:37: 57:c9:3f:50:85:51:18:82:f6:d5:36:2b:46:7d:93: a9:4d:c8:d1:84:59:60:c4:24:ea:9a:09:67:25:29: 9d:d2:2a:ed:01:95:16:b8:73:85:34:ee:c8:5f:dc: 04:77:01:47:f9:cc:ef:ed:c6:21:9d:1b:36:06:3d: ad:1b:c8:f6:92:ef:7f:f5:34:85:c2:df:68:a7:09: 2b:34:96:27:55:e8:48:aa:e3:96:50:fc:e7:c4:4b: 07:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:5E:68:2B:17:FB:5A:BC:17:18:62:A5:9E:30:17:75:01:10:B2:9F X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/87cbc454-e777-437d-a43a-911995d2a7ce.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.21.0.0/16 Signature Algorithm: sha256WithRSAEncryption 0a:89:9a:18:f8:8b:36:e5:e6:fb:43:ec:40:42:6e:a6:f0:79: 5b:f6:c6:13:86:22:6c:f4:b5:6e:ea:00:15:20:40:bc:ea:d0: 67:b0:a3:49:18:8d:22:76:47:56:fa:11:4f:89:29:b8:06:cb: 4d:cf:cf:cc:d2:fe:08:e4:8f:72:ec:9f:6e:f6:39:b9:bd:3b: 8f:9d:38:e0:20:c9:de:39:3b:22:de:a5:e6:a6:ec:0f:25:2c: 23:e1:bb:dd:24:25:5a:d5:a7:c9:bf:91:5f:5f:07:13:21:fd: 83:c2:57:17:7c:50:4c:cd:a2:7e:2f:b9:8f:2d:5e:d1:5e:21: e9:ce:4f:96:dc:e7:40:37:8b:01:b6:fc:85:9a:95:64:8f:07: 5f:2d:90:7f:54:e9:8a:57:69:9e:a8:21:ac:5c:bf:34:5d:3f: bd:2e:0d:16:36:e2:73:1a:9f:e0:58:75:ee:30:9b:f1:c4:8b: 98:03:65:ec:ad:9b:b0:ec:15:03:27:32:aa:54:c2:c3:77:23: 81:8f:20:15:55:97:82:e9:46:44:2b:c6:44:91:f5:b3:72:96: 64:ef:97:9e:77:9a:ba:72:e6:78:ad:76:90:88:a1:7d:ad:6a: b1:6c:e4:7d:98:ff:a0:37:82:c9:9b:cc:64:76:f3:5f:45:0c: 47:d4:be:88 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUT5B5UCk5KMie5vHcifEDbyif5T4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMjhaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQDBkYzBiOGZkOTJjMWZmMWFjMWE5MjhiNTU5ZDRiODFkNWVjNGMyMDI2ODFj NjI3YzNiNTYwMDkyNjI2ZDNiNWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANWk3+/aE0z/ToIZzYdMcF/MLw39BMBeu3j6TzFF/YPKwN26UuI1rojem1Cn GPKNNvKM9D/2MiUWhOv+MTUPHL6aaToQhI+unHDPXIZlySejAXClYWViGZHl3nzF Jd9l54LIZWwNHwourRY3tsy4ScQXZync2ho/A0BtJmfgRdohq5k3YtwD7XGaFZcH UxRPi7AwMMoyg2/STXKb6Y1UqCKRarY3V8k/UIVRGIL21TYrRn2TqU3I0YRZYMQk 6poJZyUpndIq7QGVFrhzhTTuyF/cBHcBR/nM7+3GIZ0bNgY9rRvI9pLvf/U0hcLf aKcJKzSWJ1XoSKrjllD858RLByUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS2Xmgr F/tavBcYYqWeMBd1ARCynzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ODdjYmM0NTQtZTc3Ny00MzdkLWE0M2EtOTExOTk1ZDJhN2NlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMVMA0G CSqGSIb3DQEBCwUAA4IBAQAKiZoY+Is25eb7Q+xAQm6m8Hlb9sYThiJs9LVu6gAV IEC86tBnsKNJGI0idkdW+hFPiSm4BstNz8/M0v4I5I9y7J9u9jm5vTuPnTjgIMne OTsi3qXmpuwPJSwj4bvdJCVa1afJv5FfXwcTIf2DwlcXfFBMzaJ+L7mPLV7RXiHp zk+W3OdAN4sBtvyFmpVkjwdfLZB/VOmKV2meqCGsXL80XT+9Lg0WNuJzGp/gWHXu MJvxxIuYA2XsrZuw7BUDJzKqVMLDdyOBjyAVVZeC6UZEK8ZEkfWzcpZk75eed5q6 cuZ4rXaQiKF9rWqxbOR9mP+gN4LJm8xkdvNfRQxH1L6I -----END CERTIFICATE-----Generated at Sat Dec 6 10:57:56 2025 by rpki-client