This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa File: cf51afdd-468d-4999-b2cd-4c6517505aee.roa (raw, json) Hash identifier: rPAvNe1BGDa8pQyZXKZka229s1lf6pf1bhoDXZ/XunM= Subject key identifier: 2D:68:B5:D8:70:CC:6C:80:9B:21:78:F6:71:3B:79:5D:B4:FB:2C:6D Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 327D76E2F75CF215EC5BD37B5D0F1619CC7A7D93 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa Signing time: Sat 15 Nov 2025 06:50:45 +0000 ROA not before: Sat 15 Nov 2025 06:50:45 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.202.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:7d:76:e2:f7:5c:f2:15:ec:5b:d3:7b:5d:0f:16:19:cc:7a:7d:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:45 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=233e0bd94f29a1a1af7f667a16026e261c963e0f6323e0085b47e3c02c1f84c1, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:f2:83:98:fd:94:08:01:c5:35:8c:50:99:f7: f1:d3:c9:2d:e0:1b:f7:d9:c6:14:eb:07:1c:a3:51: 72:a1:ce:5e:55:bc:76:54:d2:54:3f:2f:a2:00:e9: 95:f6:f5:d0:7e:9b:78:d4:d1:6a:ee:dd:7f:7e:16: 5f:4b:bd:c0:f8:0f:c3:66:f1:98:71:71:f6:a7:5b: e5:5d:80:3a:2a:ea:32:34:6f:78:4b:bd:ab:fc:ed: e2:75:69:14:33:6d:20:98:4d:b4:59:c6:d4:00:94: a6:06:cf:7c:93:fb:35:5a:5f:d1:a5:f8:e5:b1:8e: 4e:a6:52:b8:d2:43:ec:58:32:f0:dd:41:e3:27:88: e4:51:cf:46:1c:e8:1e:7c:fb:eb:e6:f0:cd:c4:df: 86:0e:db:e8:12:28:fe:bd:7d:01:ee:f6:7f:5e:ff: 3a:9c:36:6a:3b:c4:54:9c:85:be:da:8b:17:b1:bc: 78:42:ef:ce:b5:57:6c:ba:9f:25:83:93:8d:70:1e: 9d:c7:fb:bf:b6:20:b7:d5:5c:f0:c4:27:2a:df:a9: 84:25:0b:bf:af:b9:66:52:37:45:74:81:f0:e0:ac: 3a:28:95:45:d7:eb:87:3d:d2:9a:fd:49:27:08:7f: 66:65:26:e3:31:1c:4b:62:5b:ef:0e:b9:2a:b7:b9: b5:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:68:B5:D8:70:CC:6C:80:9B:21:78:F6:71:3B:79:5D:B4:FB:2C:6D X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.202.0.0/15 Signature Algorithm: sha256WithRSAEncryption cb:bc:ec:f8:ff:8b:34:83:40:39:ca:6d:e3:ef:96:61:bb:e8: d5:39:62:5c:04:f4:52:b6:c2:a7:96:e6:bd:8e:b6:48:44:8a: 5d:06:d7:be:a3:49:e6:ef:37:f9:bf:c0:79:6c:df:c7:54:77: b9:fa:82:99:4b:d3:73:c8:92:d3:7d:d3:6b:c2:14:9a:db:e9: 02:d8:cf:59:23:18:98:02:50:f9:a6:9a:89:e2:60:4e:66:e6: 1a:79:53:4b:07:00:7f:26:f2:a1:0b:ad:9f:31:ac:5e:b9:2b: 4a:5d:38:7d:5e:62:8f:57:b8:27:26:82:c3:10:86:77:33:8b: ee:bf:e8:fb:be:a8:30:78:53:db:ca:53:71:63:48:44:6a:90: e0:f0:d5:0e:28:55:e3:c9:d3:70:63:82:77:cb:d2:c9:fd:23: 97:82:2a:e4:ae:eb:32:97:8e:f1:9c:34:54:86:1b:0a:29:83: a0:01:e0:13:57:32:d9:59:75:11:a9:11:76:7d:50:73:f6:2e: 88:57:fa:e5:f1:12:54:a9:29:0d:67:4a:b0:4d:59:61:0e:8e: de:7e:ef:f9:2b:8b:60:cb:a4:62:f2:4b:55:b8:66:8d:5d:99: 7f:d2:93:57:97:5f:48:5d:da:6c:0b:6e:fd:da:51:dd:36:e1: 3c:18:35:ef -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUMn124vdc8hXsW9N7XQ8WGcx6fZMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwNDVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDIzM2UwYmQ5NGYyOWExYTFhZjdmNjY3YTE2MDI2ZTI2MWM5NjNlMGY2MzIz ZTAwODViNDdlM2MwMmMxZjg0YzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK3yg5j9lAgBxTWMUJn38dPJLeAb99nGFOsHHKNRcqHOXlW8dlTSVD8vogDp lfb10H6beNTRau7df34WX0u9wPgPw2bxmHFx9qdb5V2AOirqMjRveEu9q/zt4nVp FDNtIJhNtFnG1ACUpgbPfJP7NVpf0aX45bGOTqZSuNJD7Fgy8N1B4yeI5FHPRhzo Hnz76+bwzcTfhg7b6BIo/r19Ae72f17/Opw2ajvEVJyFvtqLF7G8eELvzrVXbLqf JYOTjXAencf7v7Ygt9Vc8MQnKt+phCULv6+5ZlI3RXSB8OCsOiiVRdfrhz3Smv1J Jwh/ZmUm4zEcS2Jb7w65Kre5tX8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQtaLXY cMxsgJshePZxO3ldtPssbTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv Y2Y1MWFmZGQtNDY4ZC00OTk5LWIyY2QtNGM2NTE3NTA1YWVlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G CSqGSIb3DQEBCwUAA4IBAQDLvOz4/4s0g0A5ym3j75Zhu+jVOWJcBPRStsKnlua9 jrZIRIpdBte+o0nm7zf5v8B5bN/HVHe5+oKZS9NzyJLTfdNrwhSa2+kC2M9ZIxiY AlD5ppqJ4mBOZuYaeVNLBwB/JvKhC62fMaxeuStKXTh9XmKPV7gnJoLDEIZ3M4vu v+j7vqgweFPbylNxY0hEapDg8NUOKFXjydNwY4J3y9LJ/SOXgirkrusyl47xnDRU hhsKKYOgAeATVzLZWXURqRF2fVBz9i6IV/rl8RJUqSkNZ0qwTVlhDo7efu/5K4tg y6Ri8ktVuGaNXZl/0pNXl19IXdpsC2792lHdNuE8GDXv -----END CERTIFICATE-----Generated at Sat Dec 6 12:57:33 2025 by rpki-client