This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa File: aa15a3a6-022f-41a6-9a60-2175164bb741.roa (raw, json) Hash identifier: JnVBaU/9WNVfWgQv0BLFCEdSX611vIMuoRyrMcl3QyI= Subject key identifier: D0:47:25:F3:09:35:49:0B:67:5D:A1:AE:9D:6C:51:52:C0:E0:0C:A5 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 20C744CBD6C44E0529B7A0C81145B9884A398A33 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa Signing time: Sun 16 Nov 2025 01:00:20 +0000 ROA not before: Sun 16 Nov 2025 01:00:20 +0000 ROA not after: Sun 21 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.16.204.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:c7:44:cb:d6:c4:4e:05:29:b7:a0:c8:11:45:b9:88:4a:39:8a:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 16 01:00:20 2025 GMT Not After : Dec 21 23:59:59 2025 GMT Subject: serialNumber=babae52f5188fcceb77c52b1cd48caef3a0679ab7cf1ffd2087a0c21d253cf05, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:c2:9a:ad:cd:eb:cf:70:16:1d:1f:1e:24:73: c3:f8:98:75:92:df:da:51:9e:60:93:f1:b9:e2:c1: 1a:7d:3e:97:f6:41:7b:d3:33:bb:44:df:a6:dc:be: e4:25:4c:c6:61:d5:51:a0:6e:85:d5:59:be:42:82: 3f:6a:59:e6:6b:9a:d5:2b:6b:d2:08:93:d6:f6:ef: 88:94:9d:43:c6:9e:1a:d0:6d:5b:94:c9:68:7c:af: db:59:88:c0:f6:ac:b7:ad:fd:09:b9:b9:9b:e9:8e: a1:ec:f9:1b:c3:57:52:d8:7a:d8:21:1c:d6:df:06: 08:d5:31:9c:d7:e7:fb:d7:8f:f3:5c:52:a9:38:9f: 6a:b9:1b:6d:60:87:7b:20:8a:8f:39:3b:42:bc:bf: f7:9b:c9:bb:65:0f:58:64:a5:c8:27:5d:e6:c6:34: 70:10:7c:4d:26:e2:0e:ed:70:83:6b:14:38:b8:d2: fd:7b:12:92:4b:ad:c3:88:5e:82:6a:44:50:6e:b6: a7:94:2a:c4:17:6d:cc:e8:b9:01:e8:83:2a:07:da: 82:1b:d8:12:ea:05:78:8b:8b:0c:45:2d:c4:94:20: d1:af:7d:3a:da:b0:fc:fd:20:0e:80:8e:08:7b:68: 0e:0c:7e:ba:08:98:f9:ae:59:c1:c5:f9:ce:9d:36: fa:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:47:25:F3:09:35:49:0B:67:5D:A1:AE:9D:6C:51:52:C0:E0:0C:A5 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.16.204.0/24 Signature Algorithm: sha256WithRSAEncryption 63:c3:d2:22:a4:de:f8:51:39:5d:c0:50:66:48:63:24:1f:12: 8b:4e:10:f8:cb:b8:69:98:7a:06:85:02:72:44:90:99:37:04: 04:22:e8:99:f1:3e:9e:73:a6:48:09:b4:d3:0d:4c:59:20:3c: 84:66:1b:c7:b0:6b:76:c5:e3:c2:c8:1a:d6:84:d1:fb:07:a3: 65:50:0e:81:49:53:84:17:88:89:cc:c2:48:10:84:bd:84:9c: f7:cf:5e:1c:1d:01:50:d4:a3:62:55:d8:b8:05:c9:2d:dc:4c: 10:01:b5:7b:0c:2d:42:f3:7a:b2:21:5e:ff:e4:9c:64:4d:32: 4d:77:10:9d:99:4a:68:71:58:ad:df:79:3a:a5:14:4a:61:c7: ba:46:9d:01:3c:59:72:5f:6b:cb:97:b7:48:9f:d2:8c:26:9e: f4:9d:e9:3f:06:da:c0:10:bd:b0:45:74:4b:c7:4c:13:2b:59: f4:71:5f:6f:02:aa:02:98:a5:31:dd:01:51:61:7e:c7:a3:16: 78:b5:fa:54:c7:36:f1:18:e5:3a:ac:08:1a:77:3a:a4:9b:99: 43:4a:da:84:bd:99:2c:3e:f9:fa:7f:9b:0e:69:18:bc:3b:60: 79:67:49:a6:8d:43:82:e3:df:85:18:77:c9:40:ce:8e:2b:5d: a5:00:f4:c7 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUIMdEy9bETgUpt6DIEUW5iEo5ijMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTYwMTAwMjBaFw0yNTEyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQGJhYmFlNTJmNTE4OGZjY2ViNzdjNTJiMWNkNDhjYWVmM2EwNjc5YWI3Y2Yx ZmZkMjA4N2EwYzIxZDI1M2NmMDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKzCmq3N689wFh0fHiRzw/iYdZLf2lGeYJPxueLBGn0+l/ZBe9Mzu0Tfpty+ 5CVMxmHVUaBuhdVZvkKCP2pZ5mua1Str0giT1vbviJSdQ8aeGtBtW5TJaHyv21mI wPast639Cbm5m+mOoez5G8NXUth62CEc1t8GCNUxnNfn+9eP81xSqTifarkbbWCH eyCKjzk7Qry/95vJu2UPWGSlyCdd5sY0cBB8TSbiDu1wg2sUOLjS/XsSkkutw4he gmpEUG62p5QqxBdtzOi5AeiDKgfaghvYEuoFeIuLDEUtxJQg0a99Otqw/P0gDoCO CHtoDgx+ugiY+a5ZwcX5zp02+s8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTQRyXz CTVJC2ddoa6dbFFSwOAMpTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YWExNWEzYTYtMDIyZi00MWE2LTlhNjAtMjE3NTE2NGJiNzQxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzDAN BgkqhkiG9w0BAQsFAAOCAQEAY8PSIqTe+FE5XcBQZkhjJB8Si04Q+Mu4aZh6BoUC ckSQmTcEBCLomfE+nnOmSAm00w1MWSA8hGYbx7BrdsXjwsga1oTR+wejZVAOgUlT hBeIiczCSBCEvYSc989eHB0BUNSjYlXYuAXJLdxMEAG1ewwtQvN6siFe/+ScZE0y TXcQnZlKaHFYrd95OqUUSmHHukadATxZcl9ry5e3SJ/SjCae9J3pPwbawBC9sEV0 S8dMEytZ9HFfbwKqApilMd0BUWF+x6MWeLX6VMc28RjlOqwIGnc6pJuZQ0rahL2Z LD75+n+bDmkYvDtgeWdJpo1DguPfhRh3yUDOjitdpQD0xw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:25 2025 by rpki-client