This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa File: c2c395e2-491c-4141-ba1e-1b3717841063.roa (raw, json) Hash identifier: uugSmw/NA8oAC1Mmt/YoCKy2EwL8dS5IfTWGkQh2W2A= Subject key identifier: 6D:28:45:DD:D7:24:28:54:26:06:7E:B6:6F:95:B0:8C:F8:CB:F4:CD Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 0A00568E715060187222E86F57D6B29FAEE36EDB Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa Signing time: Sat 15 Nov 2025 06:50:19 +0000 ROA not before: Sat 15 Nov 2025 06:50:19 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.152.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:00:56:8e:71:50:60:18:72:22:e8:6f:57:d6:b2:9f:ae:e3:6e:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:19 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=ade142bcf44934fc72f8a015a26ff4cd1f574cbd026cb16c3b65b7f6ae8513ec, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:31:4f:13:8d:81:ac:c5:87:b4:11:b7:cd:99: a6:52:68:f5:80:45:df:24:6b:72:71:d1:d6:3a:0b: 69:d5:0c:ec:57:09:8c:8d:a7:fb:fa:46:cc:96:00: 91:d2:16:37:89:ee:62:91:77:24:9d:9c:c3:66:36: 8a:8a:69:50:a0:bb:7d:d3:34:f9:c4:67:9b:53:ed: ae:2c:47:47:a2:98:0a:18:5a:87:63:0f:8f:36:a1: f5:0a:6e:06:aa:ca:ab:69:00:06:06:88:fc:55:26: 8b:04:5e:3a:8b:e8:53:a0:35:2d:45:d7:af:fb:71: 3d:d6:a0:ed:57:3d:14:73:4f:c3:7a:f9:05:30:ab: e2:af:c1:82:b1:b7:89:9a:3d:0f:c5:c2:3b:ee:04: 8a:bb:86:1b:90:8d:38:72:4f:ce:68:ea:f5:82:23: dd:6b:db:c3:53:19:a7:01:cb:59:9f:51:0d:1c:5b: 14:98:5a:6d:42:8e:bd:3c:87:36:e0:93:50:bc:4a: 23:5e:50:d1:c5:05:41:88:e4:b2:f5:90:91:6e:5a: a1:81:8d:3a:7e:62:14:95:7a:e0:26:05:ca:1b:ee: c9:96:3e:e6:48:cb:ad:b7:92:f8:d2:59:ff:40:0d: 84:cf:6c:79:11:4b:e4:70:c2:83:b8:cb:9e:26:cb: 28:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:28:45:DD:D7:24:28:54:26:06:7E:B6:6F:95:B0:8C:F8:CB:F4:CD X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.152.0.0/15 Signature Algorithm: sha256WithRSAEncryption 65:2a:68:d5:29:9f:62:3c:69:2c:cb:26:63:4e:2c:cb:df:e6: 06:ad:ed:8b:3e:17:fe:de:1d:2a:a2:e7:c9:d2:31:f8:28:4b: ec:fe:4a:b8:cd:fc:91:5b:94:6e:f7:0b:71:4c:c7:a2:1c:07: fd:25:f6:e7:34:b3:29:e8:7c:d3:2a:01:a5:24:e4:c0:9b:8d: 58:0c:1a:b9:33:88:6c:5b:b8:a0:87:77:fc:12:59:fe:41:65: 9c:1f:7c:6b:74:98:84:b5:88:93:b4:75:09:74:73:79:c0:3b: ef:0c:be:e2:a9:dc:00:f1:ac:27:11:0c:0c:22:4b:f6:f4:f7: 74:e8:e3:d5:ba:85:88:16:f8:8f:98:ce:fe:f2:db:da:b5:77: af:55:4c:db:82:d2:db:d2:91:0f:48:c9:44:3b:a1:b9:de:9e: 2e:eb:a8:6b:1d:07:15:6d:5c:aa:49:95:41:ef:02:48:cf:ed: 9b:7a:1b:85:48:0d:ff:d4:03:e7:85:5e:fb:f9:c1:97:1d:a1: bd:ef:ca:67:2c:c6:a8:60:89:39:a5:82:4c:98:86:09:25:c1: 80:f2:9b:5f:a0:a1:94:40:d9:d2:a7:a3:b1:55:3b:10:9d:fb: 90:dd:8b:89:1d:b4:d3:a9:1a:ea:29:8c:55:3a:34:7a:45:15: 2e:8c:72:3a -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUCgBWjnFQYBhyIuhvV9ayn67jbtswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMTlaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGFkZTE0MmJjZjQ0OTM0ZmM3MmY4YTAxNWEyNmZmNGNkMWY1NzRjYmQwMjZj YjE2YzNiNjViN2Y2YWU4NTEzZWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO0xTxONgazFh7QRt82ZplJo9YBF3yRrcnHR1joLadUM7FcJjI2n+/pGzJYA kdIWN4nuYpF3JJ2cw2Y2ioppUKC7fdM0+cRnm1PtrixHR6KYChhah2MPjzah9Qpu BqrKq2kABgaI/FUmiwReOovoU6A1LUXXr/txPdag7Vc9FHNPw3r5BTCr4q/BgrG3 iZo9D8XCO+4EiruGG5CNOHJPzmjq9YIj3Wvbw1MZpwHLWZ9RDRxbFJhabUKOvTyH NuCTULxKI15Q0cUFQYjksvWQkW5aoYGNOn5iFJV64CYFyhvuyZY+5kjLrbeS+NJZ /0ANhM9seRFL5HDCg7jLnibLKMkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRtKEXd 1yQoVCYGfrZvlbCM+Mv0zTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YzJjMzk1ZTItNDkxYy00MTQxLWJhMWUtMWIzNzE3ODQxMDYzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOYMA0G CSqGSIb3DQEBCwUAA4IBAQBlKmjVKZ9iPGksyyZjTizL3+YGre2LPhf+3h0qoufJ 0jH4KEvs/kq4zfyRW5Ru9wtxTMeiHAf9JfbnNLMp6HzTKgGlJOTAm41YDBq5M4hs W7igh3f8Eln+QWWcH3xrdJiEtYiTtHUJdHN5wDvvDL7iqdwA8awnEQwMIkv29Pd0 6OPVuoWIFviPmM7+8tvatXevVUzbgtLb0pEPSMlEO6G53p4u66hrHQcVbVyqSZVB 7wJIz+2behuFSA3/1APnhV77+cGXHaG978pnLMaoYIk5pYJMmIYJJcGA8ptfoKGU QNnSp6OxVTsQnfuQ3YuJHbTTqRrqKYxVOjR6RRUujHI6 -----END CERTIFICATE-----Generated at Sat Dec 6 14:43:05 2025 by rpki-client