This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa File: d51a4935-8601-4ebd-a099-1d61b0a661b3.roa (raw, json) Hash identifier: ezC2Lg6M3PZkki5xjWYLj2vZfoo5TFY5udvb8puRDF4= Subject key identifier: 77:86:70:93:89:6E:8E:25:71:58:42:6D:C4:46:BE:73:92:A9:65:36 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 2822D81CE2B31FB7EA7D605F1B1036749903895F Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa Signing time: Sat 15 Nov 2025 06:40:57 +0000 ROA not before: Sat 15 Nov 2025 06:40:57 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.228.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:22:d8:1c:e2:b3:1f:b7:ea:7d:60:5f:1b:10:36:74:99:03:89:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:40:57 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=70489b28fa484eaa8cd4029badf9f849889a11f4b552d67c5e6e1193a2f8ac08, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:a2:eb:8c:04:c1:b8:19:11:a3:0c:54:05:4b: 88:44:e2:aa:7f:a2:f9:98:73:99:b9:36:31:2b:fe: be:b4:c6:f6:6c:a3:bb:e2:bd:e5:69:a4:4e:36:f1: 97:2f:15:36:e2:e5:13:58:80:b3:76:20:eb:f7:f7: 26:b1:06:29:c1:09:dd:4b:8d:4a:78:c4:ee:1f:e6: d1:24:dc:bd:e4:17:e3:7f:9f:9a:0c:0d:64:54:de: b6:4b:13:5a:d3:94:f7:9c:b4:09:fd:ff:d4:55:c6: 3b:e4:a5:62:7a:f0:53:70:a2:e8:8b:fb:44:bc:70: 69:ba:8c:68:48:20:fc:d6:b2:f7:06:6e:90:49:d9: 41:55:a4:a2:27:9c:65:81:d3:e4:dd:35:66:af:7e: fc:4b:43:0c:24:1d:df:c9:ee:80:3d:0f:df:88:50: ae:5e:98:bb:18:4f:c6:5f:d5:70:00:2d:c9:5c:7e: 08:32:15:73:11:cd:ec:cd:11:e2:fb:0b:b0:9a:94: fe:a5:56:18:2b:cc:a5:a6:af:ef:33:c5:c5:d5:29: 29:21:8c:52:ae:95:25:fb:d1:8c:ae:75:4d:93:b9: c3:1d:8b:cd:51:76:4b:ca:71:ab:0c:a4:7d:3b:d0: 45:c7:da:20:61:a1:84:ba:b0:f0:da:7c:6c:3b:ef: 47:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:86:70:93:89:6E:8E:25:71:58:42:6D:C4:46:BE:73:92:A9:65:36 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.228.0.0/15 Signature Algorithm: sha256WithRSAEncryption 45:cf:d8:aa:22:6b:20:86:9b:a3:98:5e:a2:2d:c0:60:62:a0: 84:d6:ee:af:fd:b3:fc:b8:b6:e1:90:7a:bf:e8:c1:6c:37:3f: 96:cd:82:9c:de:1f:13:a8:aa:94:9a:26:18:1b:8f:ba:68:18: d8:12:89:d1:e5:48:fd:6d:28:d6:ae:64:6e:ba:d5:06:26:38: 30:08:ce:69:62:35:45:bf:ef:02:88:b0:fa:19:9d:cf:47:e3: 26:41:61:a6:c7:a2:1f:15:2f:f6:85:77:c5:6b:a4:46:7c:48: 27:8a:34:9e:c1:58:d4:29:29:4f:b6:e5:31:a8:46:28:5b:7e: 62:3e:87:a6:f1:49:a8:5e:f4:cc:5c:54:6e:98:cd:28:dc:61: 56:90:be:92:bb:13:d8:a6:69:cd:fe:c0:35:8c:a9:55:8d:6b: 2a:54:c8:c4:e7:b9:2e:a2:3a:fc:d9:02:a8:00:1d:9c:2e:33: 8a:1d:04:b7:56:5f:75:0e:93:e5:78:52:cc:d2:2d:42:9b:ed: 34:89:90:ad:94:b4:a3:9a:e8:53:b2:9c:8d:3c:20:89:4b:fb: 28:cb:47:b9:62:05:65:1d:b6:e1:06:ef:0b:f6:9d:aa:25:81: f2:2d:c2:94:c6:76:43:83:55:2b:33:2c:84:90:ac:41:92:38: 7b:f2:df:29 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUKCLYHOKzH7fqfWBfGxA2dJkDiV8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjQwNTdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDcwNDg5YjI4ZmE0ODRlYWE4Y2Q0MDI5YmFkZjlmODQ5ODg5YTExZjRiNTUy ZDY3YzVlNmUxMTkzYTJmOGFjMDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK6i64wEwbgZEaMMVAVLiETiqn+i+Zhzmbk2MSv+vrTG9myju+K95WmkTjbx ly8VNuLlE1iAs3Yg6/f3JrEGKcEJ3UuNSnjE7h/m0STcveQX43+fmgwNZFTetksT WtOU95y0Cf3/1FXGO+SlYnrwU3Ci6Iv7RLxwabqMaEgg/Nay9wZukEnZQVWkoiec ZYHT5N01Zq9+/EtDDCQd38nugD0P34hQrl6YuxhPxl/VcAAtyVx+CDIVcxHN7M0R 4vsLsJqU/qVWGCvMpaav7zPFxdUpKSGMUq6VJfvRjK51TZO5wx2LzVF2S8pxqwyk fTvQRcfaIGGhhLqw8Np8bDvvR/sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR3hnCT iW6OJXFYQm3ERr5zkqllNjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZDUxYTQ5MzUtODYwMS00ZWJkLWEwOTktMWQ2MWIwYTY2MWIzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G CSqGSIb3DQEBCwUAA4IBAQBFz9iqImsghpujmF6iLcBgYqCE1u6v/bP8uLbhkHq/ 6MFsNz+WzYKc3h8TqKqUmiYYG4+6aBjYEonR5Uj9bSjWrmRuutUGJjgwCM5pYjVF v+8CiLD6GZ3PR+MmQWGmx6IfFS/2hXfFa6RGfEgnijSewVjUKSlPtuUxqEYoW35i Poem8UmoXvTMXFRumM0o3GFWkL6SuxPYpmnN/sA1jKlVjWsqVMjE57kuojr82QKo AB2cLjOKHQS3Vl91DpPleFLM0i1Cm+00iZCtlLSjmuhTspyNPCCJS/soy0e5YgVl HbbhBu8L9p2qJYHyLcKUxnZDg1UrMyyEkKxBkjh78t8p -----END CERTIFICATE-----Generated at Sat Dec 6 17:30:47 2025 by rpki-client