This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa File: a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa (raw, json) Hash identifier: Z9nLdLmeCgoDwPsEwpNjCP4K1rnIXgzgi5mxkHV2DUM= Subject key identifier: 99:50:8A:B6:D8:4D:1D:49:B5:ED:70:8B:7F:5D:AB:F6:35:61:90:FA Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 3C3E295E4BEF47103E484ED5F722D6D90B4FD5FD Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa Signing time: Tue 25 Nov 2025 20:10:22 +0000 ROA not before: Tue 25 Nov 2025 20:10:22 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.206.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:3e:29:5e:4b:ef:47:10:3e:48:4e:d5:f7:22:d6:d9:0b:4f:d5:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 25 20:10:22 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=ad02e9d04bbfa4ea8eca31c17867690dd2c6a9cb36151be40bacc1e2bb10b125, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:cd:e0:0e:c1:34:1b:02:4f:3b:53:91:ad:1c: 46:1b:60:42:27:3a:f3:03:18:f4:64:2d:4e:9e:10: 7f:07:af:17:ef:60:b1:3d:f0:24:e1:8c:a2:bd:c3: 11:4e:d8:4c:09:0c:d7:aa:03:79:f3:f0:16:83:56: 7d:d1:b2:28:81:47:5f:53:17:93:78:94:6b:2b:51: 9d:80:3f:70:dd:43:77:46:8b:4a:c6:6f:d4:3e:9f: 18:45:f5:62:33:18:5b:3b:13:01:1e:8d:28:55:7e: 7c:0e:7b:a3:fb:c7:e1:d3:9e:11:6f:78:ba:ff:5e: 4c:0f:87:aa:58:ab:8a:ee:ff:d5:e9:32:53:6a:38: 80:e7:3b:d4:1b:78:3a:52:55:24:1d:d7:fb:31:92: 73:d0:6e:b4:42:6d:f1:40:27:35:4f:7b:32:c2:f1: df:81:88:41:0d:8f:6d:c0:b5:ca:4d:85:9a:b3:d7: af:a8:0d:17:f1:34:3d:5a:60:bf:ea:7b:0e:83:e6: 03:11:1f:c8:26:95:4a:63:43:b9:c6:7d:ff:da:36: 9b:0a:f3:b4:fc:88:ba:c5:cf:83:c8:5e:6c:77:4c: af:a1:10:a6:4e:8c:d5:e8:ac:7d:92:a2:26:fd:ad: 08:b1:b2:a1:19:11:93:a4:9f:1c:a9:e0:db:2d:a5: 1c:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:50:8A:B6:D8:4D:1D:49:B5:ED:70:8B:7F:5D:AB:F6:35:61:90:FA X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.206.0.0/15 Signature Algorithm: sha256WithRSAEncryption 3b:88:24:58:bf:46:91:b3:8b:5a:4d:56:22:7f:09:a3:11:a9: 42:ea:22:6d:bb:e0:b1:19:84:9d:05:de:b5:df:3e:25:98:31: c0:ad:62:a9:9a:2c:ca:dd:16:6b:23:3d:0d:80:51:0b:81:aa: 80:ac:f1:5b:44:07:f3:35:36:eb:ec:88:2d:85:b8:15:66:bc: 23:8a:bd:e4:17:37:f2:73:a7:96:3c:92:81:d7:62:ae:a3:c1: 80:78:78:7e:75:d9:7a:f4:ec:90:83:83:f5:f8:ad:92:ab:17: 4f:26:93:23:a6:b1:75:91:bf:ba:6b:89:65:c7:34:88:32:69: bf:e1:13:cf:0f:02:e9:27:b2:d2:1c:00:85:5e:8e:90:83:e8: 09:8f:f2:10:38:41:fe:2c:bf:8a:0b:74:94:28:5c:27:49:a4: 86:08:15:87:02:44:c9:fc:c1:86:42:7d:be:cf:3a:8f:a7:18: 0d:97:1c:a4:a5:f8:1e:19:ef:56:5d:ae:af:a4:80:60:3c:76: a8:4f:83:ce:66:d2:e7:8b:f0:0c:39:b0:6b:33:c6:b9:33:3c: 02:29:34:43:11:a3:f7:fd:1c:c1:8f:9a:37:86:e1:f8:11:e9: 0c:1e:da:e3:c9:0c:a3:9f:19:a9:c8:6a:5a:17:2d:d5:12:06: f2:28:d2:52 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUPD4pXkvvRxA+SE7V9yLW2QtP1f0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMjUyMDEwMjJaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQGFkMDJlOWQwNGJiZmE0ZWE4ZWNhMzFjMTc4Njc2OTBkZDJjNmE5Y2IzNjE1 MWJlNDBiYWNjMWUyYmIxMGIxMjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL7N4A7BNBsCTztTka0cRhtgQic68wMY9GQtTp4QfwevF+9gsT3wJOGMor3D EU7YTAkM16oDefPwFoNWfdGyKIFHX1MXk3iUaytRnYA/cN1Dd0aLSsZv1D6fGEX1 YjMYWzsTAR6NKFV+fA57o/vH4dOeEW94uv9eTA+Hqliriu7/1ekyU2o4gOc71Bt4 OlJVJB3X+zGSc9ButEJt8UAnNU97MsLx34GIQQ2PbcC1yk2FmrPXr6gNF/E0PVpg v+p7DoPmAxEfyCaVSmNDucZ9/9o2mwrztPyIusXPg8hebHdMr6EQpk6M1eisfZKi Jv2tCLGyoRkRk6SfHKng2y2lHIsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSZUIq2 2E0dSbXtcIt/Xav2NWGQ+jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YTJkMTBlN2QtYTc4NC00NzZkLTlkZjUtZjdlZmViNTVjZjM5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G CSqGSIb3DQEBCwUAA4IBAQA7iCRYv0aRs4taTVYifwmjEalC6iJtu+CxGYSdBd61 3z4lmDHArWKpmizK3RZrIz0NgFELgaqArPFbRAfzNTbr7IgthbgVZrwjir3kFzfy c6eWPJKB12Kuo8GAeHh+ddl69OyQg4P1+K2SqxdPJpMjprF1kb+6a4llxzSIMmm/ 4RPPDwLpJ7LSHACFXo6Qg+gJj/IQOEH+LL+KC3SUKFwnSaSGCBWHAkTJ/MGGQn2+ zzqPpxgNlxykpfgeGe9WXa6vpIBgPHaoT4POZtLni/AMObBrM8a5MzwCKTRDEaP3 /RzBj5o3huH4EekMHtrjyQyjnxmpyGpaFy3VEgbyKNJS -----END CERTIFICATE-----Generated at Sat Dec 6 12:45:32 2025 by rpki-client