This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa File: c50006d0-c65f-4259-ace3-46351e9d23c5.roa (raw, json) Hash identifier: jAWMtTb0NKQLO3h2ge2nlOltFPO7sfGcuh++fUB7Ydw= Subject key identifier: D4:04:EA:A7:FB:EE:99:31:26:95:14:5A:28:50:70:4C:1C:9E:21:AF Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 2971D5737A3400116F54A9A8064B59938599B276 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa Signing time: Tue 18 Nov 2025 00:40:07 +0000 ROA not before: Tue 18 Nov 2025 00:40:07 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.84.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:71:d5:73:7a:34:00:11:6f:54:a9:a8:06:4b:59:93:85:99:b2:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:07 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=8cb847b4d90bc200c5f308c074d525521145a0f0d03032e748889ac00bd64d6e, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:0b:47:af:81:90:65:1d:88:90:86:25:8b:69: 58:c9:a1:0e:76:a1:26:9d:1e:fa:f5:ed:35:ee:92: 46:60:7c:c8:bb:61:d4:1c:2f:c2:1c:22:f9:4b:b6: 00:47:42:ba:b9:c0:8f:82:ae:ee:27:79:41:7f:03: 51:9f:ed:9f:d7:75:b0:5f:0b:d9:26:f0:78:79:ed: 58:cb:48:4b:b1:01:6f:7d:0c:3f:c1:ec:3f:b4:a6: 1d:d5:c3:3e:4f:e3:74:46:a2:7e:04:ca:20:ed:16: c3:4b:7f:65:19:5c:07:3a:be:22:b8:e5:05:3b:bf: 6d:bf:e9:d0:d4:00:18:1d:5c:70:a7:aa:33:a0:44: 3d:eb:17:97:e5:23:6e:8e:3b:ee:ce:b7:1e:3c:6c: d1:44:83:b2:4f:de:ff:66:c9:12:64:cf:31:5c:af: 37:e1:60:5a:47:8c:13:37:d1:89:b4:ca:1a:99:16: 4a:43:3e:35:ca:68:f9:f8:87:d6:be:b8:d3:eb:29: 09:de:e9:ed:0b:63:5e:bd:83:3e:ac:c1:a0:d4:91: d1:a1:44:70:88:d8:0b:6c:70:fd:ff:21:d4:43:78: 53:71:06:ea:2b:9f:f0:91:49:fb:33:95:e9:c3:fa: d6:b6:25:1b:7d:f7:bd:15:68:51:fb:d0:d4:0e:ff: 1b:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:04:EA:A7:FB:EE:99:31:26:95:14:5A:28:50:70:4C:1C:9E:21:AF X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.84.0.0/16 Signature Algorithm: sha256WithRSAEncryption bf:66:90:22:78:dc:9b:fd:87:e8:56:96:d4:b1:3e:5b:a1:8f: 9f:f5:5e:11:ef:78:ed:31:28:53:53:6d:f5:10:61:cb:bc:4f: 67:10:e9:93:22:93:2d:c5:9e:78:7d:b4:01:6e:01:9c:53:ec: e7:11:9b:0f:b5:65:be:85:f3:f1:02:53:5b:79:ad:1d:4d:12: 74:79:9b:51:3a:00:7f:84:0e:42:5b:50:77:ba:d2:18:37:2e: c9:e3:2f:2f:51:f2:45:44:29:c1:9e:a3:2e:51:09:cd:c9:96: 72:36:bd:b9:5c:9e:96:cd:f3:4a:32:01:c9:42:fd:2f:ad:d7: 27:1e:12:e4:32:f1:10:48:d9:9a:46:a0:d2:ac:11:10:65:42: 68:d0:07:5b:78:12:fe:5d:14:cd:87:11:d0:22:00:ac:25:83: b0:76:c7:2f:10:38:c9:ff:6e:89:52:27:a9:32:12:7a:b6:44: 11:a7:f9:ca:e4:d4:b1:30:9b:7b:78:ba:af:42:ef:e0:2a:e9: a6:0d:fb:67:67:ab:92:3d:04:a2:78:78:0d:0c:02:6e:a0:d7: 29:f9:6f:f5:e0:50:15:87:2f:ee:b7:96:23:31:e7:27:bf:ca: c0:9f:95:fa:d0:c8:51:87:38:2b:86:d1:ce:7a:4b:ba:c9:1a: 11:fa:2c:f7 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUKXHVc3o0ABFvVKmoBktZk4WZsnYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMDdaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQDhjYjg0N2I0ZDkwYmMyMDBjNWYzMDhjMDc0ZDUyNTUyMTE0NWEwZjBkMDMw MzJlNzQ4ODg5YWMwMGJkNjRkNmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKQLR6+BkGUdiJCGJYtpWMmhDnahJp0e+vXtNe6SRmB8yLth1Bwvwhwi+Uu2 AEdCurnAj4Ku7id5QX8DUZ/tn9d1sF8L2SbweHntWMtIS7EBb30MP8HsP7SmHdXD Pk/jdEaifgTKIO0Ww0t/ZRlcBzq+IrjlBTu/bb/p0NQAGB1ccKeqM6BEPesXl+Uj bo477s63Hjxs0USDsk/e/2bJEmTPMVyvN+FgWkeMEzfRibTKGpkWSkM+Ncpo+fiH 1r640+spCd7p7QtjXr2DPqzBoNSR0aFEcIjYC2xw/f8h1EN4U3EG6iuf8JFJ+zOV 6cP61rYlG333vRVoUfvQ1A7/GzMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTUBOqn ++6ZMSaVFFooUHBMHJ4hrzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YzUwMDA2ZDAtYzY1Zi00MjU5LWFjZTMtNDYzNTFlOWQyM2M1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNUMA0G CSqGSIb3DQEBCwUAA4IBAQC/ZpAieNyb/YfoVpbUsT5boY+f9V4R73jtMShTU231 EGHLvE9nEOmTIpMtxZ54fbQBbgGcU+znEZsPtWW+hfPxAlNbea0dTRJ0eZtROgB/ hA5CW1B3utIYNy7J4y8vUfJFRCnBnqMuUQnNyZZyNr25XJ6WzfNKMgHJQv0vrdcn HhLkMvEQSNmaRqDSrBEQZUJo0AdbeBL+XRTNhxHQIgCsJYOwdscvEDjJ/26JUiep MhJ6tkQRp/nK5NSxMJt7eLqvQu/gKummDftnZ6uSPQSieHgNDAJuoNcp+W/14FAV hy/ut5YjMecnv8rAn5X60MhRhzgrhtHOeku6yRoR+iz3 -----END CERTIFICATE-----Generated at Sat Dec 6 10:54:27 2025 by rpki-client