This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa File: f060e190-89f7-4009-9831-b2d429343b80.roa (raw, json) Hash identifier: 87tgpjeNNef2juaN5UGH7/XXBoTiAyL0AxO+4V2XI5I= Subject key identifier: C8:22:32:7C:B9:ED:78:33:09:B7:6D:C6:D2:C0:81:EB:EF:B7:DD:B1 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 3464D16C70A47BDEA5E5898F0933F5A5CE715881 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa Signing time: Tue 18 Nov 2025 00:40:10 +0000 ROA not before: Tue 18 Nov 2025 00:40:10 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.16.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:64:d1:6c:70:a4:7b:de:a5:e5:89:8f:09:33:f5:a5:ce:71:58:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:10 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=6c9d82366c12a36b2e90ce9b59c0996b6e3118cffe172247c5da034f325f66be, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:e8:65:61:83:7f:12:cc:00:fc:bb:84:24:79: 79:12:f7:67:02:76:0f:89:c8:d6:8b:3e:a5:03:65: 4d:0f:7f:0e:a8:95:2f:0e:6c:49:81:26:d7:37:91: 08:e0:29:15:57:5e:a7:af:be:3b:8c:60:1d:f0:b7: 7f:d8:a5:c1:bb:ac:5f:43:33:af:38:2b:4f:37:e0: 8c:0c:96:82:b9:ae:99:61:46:3f:cc:d9:e3:2b:13: b8:70:3f:49:29:25:23:bf:0a:15:33:b7:6c:83:82: d6:e4:d2:52:f9:61:42:da:c2:47:c4:3a:d2:6d:bc: 74:6b:ad:92:54:79:64:74:4d:4d:55:59:9a:22:1f: 2b:dd:75:5b:f7:9c:58:33:51:6c:d6:f7:bd:9f:4b: a4:0e:c0:da:4b:5e:1d:1c:29:ff:34:6e:9c:59:21: 72:c4:43:a6:96:49:9d:57:03:0f:e5:93:55:a6:a1: 13:69:92:65:40:d5:e4:ca:61:0d:b3:6c:77:38:68: cc:f7:38:e4:e6:ec:ff:44:33:84:3f:57:a5:5e:a6: c1:a8:a8:9a:02:3c:2b:b2:cb:a6:ad:35:1a:2a:cf: 5d:2b:83:f9:be:44:f6:62:06:3a:bd:4f:78:af:5e: dc:0f:45:7b:e0:cf:00:4c:70:bb:ba:de:4c:bf:08: b3:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:22:32:7C:B9:ED:78:33:09:B7:6D:C6:D2:C0:81:EB:EF:B7:DD:B1 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.16.0.0/15 Signature Algorithm: sha256WithRSAEncryption 2a:4f:ac:51:24:e9:7f:c5:ef:a6:25:8b:d8:2d:9a:42:0a:9d: 01:a1:ff:1d:4c:66:14:80:32:44:63:49:85:ce:bc:b9:26:94: 60:f9:d2:e0:a4:23:8f:67:d8:50:26:57:b9:26:58:19:d2:c6: d1:36:78:54:f6:3f:56:81:aa:5c:c3:33:42:7f:34:24:d0:20: be:96:4d:3d:18:9d:0b:20:22:f1:52:94:d9:a3:11:0c:23:9f: ea:f7:ad:eb:36:42:fc:81:24:86:32:44:1c:2d:db:9f:8b:c6: d1:b6:a0:c7:e0:4a:bc:2c:f6:ff:d8:f9:82:10:05:8f:d9:24: 3c:bb:6c:28:32:ce:76:9f:17:1a:fd:52:a2:48:7e:50:33:79: 31:12:e3:f5:b6:7a:79:34:a9:ba:57:f1:85:97:df:45:99:38: 88:60:d2:9a:8a:8b:9f:7f:11:a6:68:0d:fa:69:2d:9d:16:5e: ab:9d:6d:73:6f:94:2b:13:1c:7f:fe:82:1f:f5:90:cf:1b:a7: 31:00:8f:75:79:00:07:ab:ba:e6:b7:c6:21:95:53:23:5c:62: e4:10:24:3e:a0:89:04:a9:eb:1a:ca:b1:e8:cd:17:60:26:74: dc:53:87:7e:ea:82:d8:4f:3b:ce:e8:93:ec:7e:ac:26:86:ea: 88:c4:fd:a0 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUNGTRbHCke96l5YmPCTP1pc5xWIEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMTBaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQDZjOWQ4MjM2NmMxMmEzNmIyZTkwY2U5YjU5YzA5OTZiNmUzMTE4Y2ZmZTE3 MjI0N2M1ZGEwMzRmMzI1ZjY2YmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJzoZWGDfxLMAPy7hCR5eRL3ZwJ2D4nI1os+pQNlTQ9/DqiVLw5sSYEm1zeR COApFVdep6++O4xgHfC3f9ilwbusX0MzrzgrTzfgjAyWgrmumWFGP8zZ4ysTuHA/ SSklI78KFTO3bIOC1uTSUvlhQtrCR8Q60m28dGutklR5ZHRNTVVZmiIfK911W/ec WDNRbNb3vZ9LpA7A2kteHRwp/zRunFkhcsRDppZJnVcDD+WTVaahE2mSZUDV5Mph DbNsdzhozPc45Obs/0QzhD9XpV6mwaiomgI8K7LLpq01GirPXSuD+b5E9mIGOr1P eK9e3A9Fe+DPAExwu7reTL8Is2UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTIIjJ8 ue14Mwm3bcbSwIHr77fdsTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZjA2MGUxOTAtODlmNy00MDA5LTk4MzEtYjJkNDI5MzQzYjgwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMQMA0G CSqGSIb3DQEBCwUAA4IBAQAqT6xRJOl/xe+mJYvYLZpCCp0Bof8dTGYUgDJEY0mF zry5JpRg+dLgpCOPZ9hQJle5JlgZ0sbRNnhU9j9WgapcwzNCfzQk0CC+lk09GJ0L ICLxUpTZoxEMI5/q963rNkL8gSSGMkQcLdufi8bRtqDH4Eq8LPb/2PmCEAWP2SQ8 u2woMs52nxca/VKiSH5QM3kxEuP1tnp5NKm6V/GFl99FmTiIYNKaiouffxGmaA36 aS2dFl6rnW1zb5QrExx//oIf9ZDPG6cxAI91eQAHq7rmt8YhlVMjXGLkECQ+oIkE qesayrHozRdgJnTcU4d+6oLYTzvO6JPsfqwmhuqIxP2g -----END CERTIFICATE-----Generated at Sat Dec 6 11:00:09 2025 by rpki-client