This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa File: af8582f5-d209-4e12-aacf-31186289c430.roa (raw, json) Hash identifier: 6CA6P3Rr/se1gJyu16Qsi3wdc8mey5djbek9hvI2HOM= Subject key identifier: C2:EF:C0:A9:9C:9A:48:CE:0B:66:A6:67:47:9E:F2:35:54:43:72:5B Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 1E0FF2D0E7B28769EBF0995FAB9ECF8E1C565B27 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa Signing time: Wed 10 Dec 2025 06:50:48 +0000 ROA not before: Wed 10 Dec 2025 06:50:48 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.216.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:45:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:0f:f2:d0:e7:b2:87:69:eb:f0:99:5f:ab:9e:cf:8e:1c:56:5b:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:48 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=ba0d750468fb2ab2ee50600af4b1f5cf090198bdb50ae54607d75e8a543b3050, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:d7:d5:30:56:71:8d:8f:b4:a3:e8:94:3e:90: 54:26:f4:d1:3b:e4:ab:40:a7:3a:45:2b:05:03:12: 74:10:4b:dd:b4:2b:9c:6a:4e:bc:b4:b6:4d:39:18: 04:e3:a5:f5:4e:11:a1:f8:f1:b1:f1:ca:16:f4:fd: b0:41:74:f4:10:f2:c4:a4:a0:0a:69:8a:91:da:c1: f9:b6:28:ba:a1:21:a7:87:5a:98:83:9c:86:45:bc: fe:ff:a4:3d:f7:33:74:14:48:c5:95:a1:31:21:8a: 58:9a:e2:0c:cb:68:e6:66:8d:27:53:72:06:2a:42: af:56:10:22:4e:77:2e:84:e4:f4:c4:5f:7d:26:2e: 6d:59:9a:45:34:c5:76:d5:da:92:de:d2:5a:e7:0a: 6e:66:53:5b:61:ce:c7:59:08:f3:9e:60:f0:29:02: 03:b0:2f:30:a9:73:00:8a:9a:78:5a:50:34:68:62: 15:11:0d:99:05:d1:0b:9d:07:b5:8d:90:61:58:04: 94:0c:d2:7d:45:43:98:bc:76:01:0f:db:55:bc:db: 1d:77:b7:83:8b:62:3e:6d:b8:66:3b:2b:d8:01:db: d7:b6:6a:96:53:e8:43:b1:f2:de:f2:b8:fa:c0:87: 78:ab:46:f7:ef:ef:ee:be:49:e7:b7:4a:f9:20:64: 5d:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:EF:C0:A9:9C:9A:48:CE:0B:66:A6:67:47:9E:F2:35:54:43:72:5B X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.216.0.0/15 Signature Algorithm: sha256WithRSAEncryption 49:74:cd:86:8a:5d:7d:93:95:f0:48:37:73:ff:51:f3:7a:d8: 87:c7:a9:31:f7:d7:95:7f:91:1c:bb:ec:f6:69:4e:29:25:2d: 2c:15:6c:36:4b:be:26:ad:40:3d:dd:a8:91:cf:8a:50:44:c8: 9c:c8:36:c5:c2:a0:7a:a0:2e:f4:35:28:55:de:eb:2e:77:41: 1f:a2:12:46:73:91:fd:6b:bc:ce:1a:96:d9:4f:f5:da:e9:26: 93:4d:97:7f:41:b0:88:f0:63:2f:4a:d6:e5:6a:68:e6:59:f9: c6:8c:e6:eb:18:b9:46:c2:e4:10:3c:e7:5b:36:bb:c8:d9:1e: a0:14:f2:5b:99:f9:76:ac:b7:92:b1:b9:82:90:ff:a5:93:0c: fc:90:cf:43:f1:69:e8:da:1d:f7:85:82:65:66:91:19:cd:93: 71:6c:55:30:eb:95:47:a6:15:5c:68:3e:88:0a:e9:01:16:a4: 22:58:0c:ae:97:c3:df:20:32:ba:ce:ee:d5:c4:be:e1:a8:f9: 33:b8:e1:82:38:d3:39:76:5f:31:b6:a8:50:6f:6e:31:d9:af: d6:45:31:9e:e9:f1:d2:67:f6:33:99:50:8c:5a:fc:27:2c:fc: d4:13:17:f3:6f:7f:ca:96:c9:bd:98:a3:28:44:70:85:02:66: 2b:2d:f4:ff -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUHg/y0Oeyh2nr8Jlfq57PjhxWWycwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwNDhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGJhMGQ3NTA0NjhmYjJhYjJlZTUwNjAwYWY0YjFmNWNmMDkwMTk4YmRiNTBh ZTU0NjA3ZDc1ZThhNTQzYjMwNTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMPX1TBWcY2PtKPolD6QVCb00Tvkq0CnOkUrBQMSdBBL3bQrnGpOvLS2TTkY BOOl9U4RofjxsfHKFvT9sEF09BDyxKSgCmmKkdrB+bYouqEhp4damIOchkW8/v+k PfczdBRIxZWhMSGKWJriDMto5maNJ1NyBipCr1YQIk53LoTk9MRffSYubVmaRTTF dtXakt7SWucKbmZTW2HOx1kI855g8CkCA7AvMKlzAIqaeFpQNGhiFRENmQXRC50H tY2QYVgElAzSfUVDmLx2AQ/bVbzbHXe3g4tiPm24Zjsr2AHb17ZqllPoQ7Hy3vK4 +sCHeKtG9+/v7r5J57dK+SBkXVECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTC78Cp nJpIzgtmpmdHnvI1VENyWzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YWY4NTgyZjUtZDIwOS00ZTEyLWFhY2YtMzExODYyODljNDMwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPYMA0G CSqGSIb3DQEBCwUAA4IBAQBJdM2Gil19k5XwSDdz/1HzetiHx6kx99eVf5Ecu+z2 aU4pJS0sFWw2S74mrUA93aiRz4pQRMicyDbFwqB6oC70NShV3usud0EfohJGc5H9 a7zOGpbZT/Xa6SaTTZd/QbCI8GMvStblamjmWfnGjObrGLlGwuQQPOdbNrvI2R6g FPJbmfl2rLeSsbmCkP+lkwz8kM9D8Wno2h33hYJlZpEZzZNxbFUw65VHphVcaD6I CukBFqQiWAyul8PfIDK6zu7VxL7hqPkzuOGCONM5dl8xtqhQb24x2a/WRTGe6fHS Z/YzmVCMWvwnLPzUExfzb3/Klsm9mKMoRHCFAmYrLfT/ -----END CERTIFICATE-----Generated at Tue Dec 16 18:00:11 2025 by rpki-client