This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa File: af8582f5-d209-4e12-aacf-31186289c430.roa (raw, json) Hash identifier: KTtpo0xe136/7HigCDTDbdOc+WHU3A1tmNJRCHuknqc= Subject key identifier: 49:0B:B5:1D:E6:B5:FE:EC:1B:88:F9:79:49:50:72:63:CF:2A:8E:2C Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 31B012931ABEC368BCC2C953F13897224314DF82 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa Signing time: Sat 15 Nov 2025 06:50:46 +0000 ROA not before: Sat 15 Nov 2025 06:50:46 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.216.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:b0:12:93:1a:be:c3:68:bc:c2:c9:53:f1:38:97:22:43:14:df:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:46 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=5ffb6619af1a849577e5a5e842d1935fc39e6d70bd74af72b4fbd233482088c9, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:8b:9f:b3:88:2c:a1:7a:cd:8e:d4:7f:a9:a5: 08:48:d8:e6:ba:a3:72:07:1e:ec:e7:94:d2:e2:f8: cf:93:6c:33:30:4d:83:f0:59:a2:4a:ac:9c:10:a1: bc:98:fb:19:6a:60:31:ac:50:83:2b:80:d9:10:12: dc:71:b1:57:c8:30:15:01:da:4a:d0:10:15:43:9d: 54:da:dc:81:d0:53:31:5d:5b:fe:1d:ab:ca:09:07: 27:63:1a:4a:6a:11:ec:77:11:10:f2:d0:59:4d:3e: 19:03:d6:5f:13:89:cb:c8:02:73:ea:d9:4b:43:10: e9:f9:fc:3f:49:41:8a:14:bc:f4:55:08:0e:d1:d3: f0:0a:b6:3d:57:cc:2c:a7:6d:01:45:a1:a1:82:f5: 79:89:14:a8:4e:7e:f8:6a:06:6c:be:e5:ae:7e:12: 96:cb:5b:6d:6c:36:67:28:d8:04:2a:44:b4:8f:86: b4:a5:a6:b2:f5:c1:68:76:7f:35:a8:76:38:69:8a: 8e:1b:e9:20:29:6a:77:a6:42:5c:22:51:81:07:c0: 03:49:d8:aa:47:bd:d7:1b:2a:77:7e:4b:78:6b:f5: 22:8b:28:d7:f3:19:11:69:7d:9e:d3:bf:48:3e:20: 1b:a7:78:c8:b8:4d:af:e0:87:9c:8d:be:ab:ee:aa: e2:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:0B:B5:1D:E6:B5:FE:EC:1B:88:F9:79:49:50:72:63:CF:2A:8E:2C X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.216.0.0/15 Signature Algorithm: sha256WithRSAEncryption 3b:0a:81:cd:b5:4a:30:f3:ce:b1:23:2d:9d:80:9b:99:dc:f5: 06:ad:49:9d:ab:58:c5:db:d2:12:88:b7:23:ef:f7:18:14:e8: 16:ef:25:35:62:ce:f3:13:e7:00:dc:a8:f8:b6:47:0a:15:b2: c4:33:fe:21:8a:ba:d8:0e:18:fe:a4:35:d6:31:31:73:34:9f: 47:b2:ae:63:1a:99:c1:f5:40:43:6f:37:bc:73:04:60:9d:c1: 13:22:9b:a8:f2:d8:83:f8:d1:5c:4f:20:09:cb:28:66:eb:b4: 37:54:9a:a6:3b:b8:8b:32:0c:d4:da:90:05:f9:c9:48:26:af: c1:13:62:b4:fd:dd:5c:46:e8:78:30:a0:08:95:19:0a:56:84: 23:89:96:87:89:f6:59:86:6a:d9:6f:44:db:8b:9d:3a:3e:53: f0:a0:51:d4:bd:9b:c1:e0:49:f3:64:9d:a9:f1:6a:da:f6:5e: 7a:63:81:41:24:bd:6d:3b:dd:37:c1:67:b1:76:f2:d1:5b:73: 19:01:69:74:03:a6:71:c1:5a:de:96:b2:17:20:d7:c7:9e:47: 45:17:6a:32:37:6f:be:8d:80:62:9d:4a:de:e7:36:f7:21:98: 4d:53:e9:7d:84:39:46:26:9b:de:92:14:a6:07:33:70:81:86: d7:22:21:bc -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUMbASkxq+w2i8wslT8TiXIkMU34IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwNDZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDVmZmI2NjE5YWYxYTg0OTU3N2U1YTVlODQyZDE5MzVmYzM5ZTZkNzBiZDc0 YWY3MmI0ZmJkMjMzNDgyMDg4YzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKWLn7OILKF6zY7Uf6mlCEjY5rqjcgce7OeU0uL4z5NsMzBNg/BZokqsnBCh vJj7GWpgMaxQgyuA2RAS3HGxV8gwFQHaStAQFUOdVNrcgdBTMV1b/h2rygkHJ2Ma SmoR7HcREPLQWU0+GQPWXxOJy8gCc+rZS0MQ6fn8P0lBihS89FUIDtHT8Aq2PVfM LKdtAUWhoYL1eYkUqE5++GoGbL7lrn4SlstbbWw2ZyjYBCpEtI+GtKWmsvXBaHZ/ Nah2OGmKjhvpIClqd6ZCXCJRgQfAA0nYqke91xsqd35LeGv1Ioso1/MZEWl9ntO/ SD4gG6d4yLhNr+CHnI2+q+6q4tECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRJC7Ud 5rX+7BuI+XlJUHJjzyqOLDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YWY4NTgyZjUtZDIwOS00ZTEyLWFhY2YtMzExODYyODljNDMwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPYMA0G CSqGSIb3DQEBCwUAA4IBAQA7CoHNtUow886xIy2dgJuZ3PUGrUmdq1jF29ISiLcj 7/cYFOgW7yU1Ys7zE+cA3Kj4tkcKFbLEM/4hirrYDhj+pDXWMTFzNJ9Hsq5jGpnB 9UBDbze8cwRgncETIpuo8tiD+NFcTyAJyyhm67Q3VJqmO7iLMgzU2pAF+clIJq/B E2K0/d1cRuh4MKAIlRkKVoQjiZaHifZZhmrZb0Tbi506PlPwoFHUvZvB4EnzZJ2p 8Wra9l56Y4FBJL1tO903wWexdvLRW3MZAWl0A6ZxwVrelrIXINfHnkdFF2oyN2++ jYBinUre5zb3IZhNU+l9hDlGJpvekhSmBzNwgYbXIiG8 -----END CERTIFICATE-----Generated at Sat Dec 6 12:46:27 2025 by rpki-client