This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa File: c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa (raw, json) Hash identifier: 18pyanxVR0L2SHowUucCGYgwr6Q9Sfez3V10Yg3BhZ0= Subject key identifier: 66:2C:54:E8:00:C1:5E:F3:E4:56:43:12:02:85:68:1A:73:4B:C7:AF Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 13D57312D3CAF0AF045B8635277349C7EC6DB6EB Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa Signing time: Tue 18 Nov 2025 00:40:27 +0000 ROA not before: Tue 18 Nov 2025 00:40:27 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.16.238.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:d5:73:12:d3:ca:f0:af:04:5b:86:35:27:73:49:c7:ec:6d:b6:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:27 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=4ca6184b028daae526d9978cd06b28e49ca5bfc15ebd497bedefae790d578b42, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:2d:72:03:12:6b:10:76:f6:23:ed:03:48:56: 29:a8:fa:08:7f:90:4d:ec:42:3a:f1:32:6d:66:95: ad:f7:03:fd:d8:f2:ba:78:a0:c9:00:27:4e:ba:bd: 04:0d:ec:d4:97:96:8f:c9:c7:94:89:57:f8:ac:35: 59:b3:3d:ef:3b:80:45:f1:bc:ee:60:f4:99:63:79: e5:2b:2e:40:b7:a2:c3:52:73:ce:ff:87:96:8e:58: da:d2:46:fd:a5:c0:b2:47:98:45:2b:90:aa:e6:bd: dc:79:d4:a8:1b:fa:de:12:f2:0a:6e:af:e9:33:99: 34:21:1c:c7:d3:0f:c3:b4:41:eb:bc:d4:f3:f5:bb: c3:ba:ab:59:33:6b:0e:ef:4c:da:e5:ca:a0:c2:6d: ff:c4:39:81:23:bb:42:02:2b:34:75:7e:db:de:7f: c1:96:3c:42:9f:5a:ee:67:b8:ca:9d:d1:33:6f:96: a1:72:c0:ec:6a:ca:cf:14:36:9d:86:61:6d:36:24: 6c:4d:f7:a4:bc:b3:32:f8:b9:a4:75:ee:6b:b2:cf: 82:3e:b0:55:12:0d:2b:6b:e6:91:56:24:5d:7e:0e: 3b:cb:6c:20:95:db:c5:4b:d9:81:3a:a2:24:b4:be: b4:db:54:ba:28:1a:7b:0e:c4:28:e4:86:25:b2:d0: 24:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:2C:54:E8:00:C1:5E:F3:E4:56:43:12:02:85:68:1A:73:4B:C7:AF X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.16.238.0/23 Signature Algorithm: sha256WithRSAEncryption a7:c2:02:7f:26:71:60:02:21:db:a3:d3:40:a9:92:57:02:08: cd:93:8d:12:3f:f7:11:72:37:be:59:c9:ba:13:0e:db:da:17: ac:fd:23:5a:68:8f:71:bf:e5:47:3c:b3:3a:28:64:41:5e:8f: 4b:bc:ee:4a:60:51:12:b5:bb:3a:a0:18:dc:83:51:ce:1f:cf: 11:8c:43:81:e3:27:2b:66:e4:b9:b6:1b:e7:d4:2e:76:42:02: e2:06:be:54:a0:16:ed:7c:87:67:21:69:b8:70:ce:18:f9:f0: ec:e3:38:f5:a6:62:ba:db:73:55:b6:4e:2b:f0:89:07:7f:d5: bf:99:74:f2:89:ac:b8:71:0a:52:b5:28:ed:03:94:10:da:19: 96:e9:0a:00:b0:05:8b:c8:26:38:f4:34:4f:46:32:33:44:b6: 18:fa:e5:da:f3:b6:08:01:d2:2d:a5:4b:1d:32:e6:34:a7:ec: de:8e:c9:f1:47:a7:56:31:6b:ef:60:cf:2f:2d:62:f7:be:12: e1:c4:05:96:87:32:c4:12:ab:45:54:47:7d:c7:ae:02:66:cf: ca:66:72:fc:ad:6e:3a:2a:25:29:21:7c:b3:b5:cd:db:69:0c: 67:df:a9:ba:da:95:9e:91:7e:7f:3f:72:ea:af:7b:8a:03:3b: 82:b1:62:31 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUE9VzEtPK8K8EW4Y1J3NJx+xttuswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMjdaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQDRjYTYxODRiMDI4ZGFhZTUyNmQ5OTc4Y2QwNmIyOGU0OWNhNWJmYzE1ZWJk NDk3YmVkZWZhZTc5MGQ1NzhiNDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOQtcgMSaxB29iPtA0hWKaj6CH+QTexCOvEybWaVrfcD/djyunigyQAnTrq9 BA3s1JeWj8nHlIlX+Kw1WbM97zuARfG87mD0mWN55SsuQLeiw1Jzzv+Hlo5Y2tJG /aXAskeYRSuQqua93HnUqBv63hLyCm6v6TOZNCEcx9MPw7RB67zU8/W7w7qrWTNr Du9M2uXKoMJt/8Q5gSO7QgIrNHV+295/wZY8Qp9a7me4yp3RM2+WoXLA7GrKzxQ2 nYZhbTYkbE33pLyzMvi5pHXua7LPgj6wVRINK2vmkVYkXX4OO8tsIJXbxUvZgTqi JLS+tNtUuigaew7EKOSGJbLQJD0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRmLFTo AMFe8+RWQxIChWgac0vHrzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YzhmZDhjNDQtNzUxNC00MGU2LTkxOTgtZTBiNmUzN2I0YzY5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATMQ7jAN BgkqhkiG9w0BAQsFAAOCAQEAp8ICfyZxYAIh26PTQKmSVwIIzZONEj/3EXI3vlnJ uhMO29oXrP0jWmiPcb/lRzyzOihkQV6PS7zuSmBRErW7OqAY3INRzh/PEYxDgeMn K2bkubYb59QudkIC4ga+VKAW7XyHZyFpuHDOGPnw7OM49aZiuttzVbZOK/CJB3/V v5l08omsuHEKUrUo7QOUENoZlukKALAFi8gmOPQ0T0YyM0S2GPrl2vO2CAHSLaVL HTLmNKfs3o7J8UenVjFr72DPLy1i974S4cQFlocyxBKrRVRHfceuAmbPymZy/K1u OiolKSF8s7XN22kMZ9+putqVnpF+fz9y6q97igM7grFiMQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:53 2025 by rpki-client