This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2229ee03-08c0-4c87-acab-bbf5abf49264.roa File: 2229ee03-08c0-4c87-acab-bbf5abf49264.roa (raw, json) Hash identifier: bvdmNjFV/ysZPFQmFfCF09iivtX5qdhhD9va2/oF2Q0= Subject key identifier: 61:13:5F:4F:1E:AE:1D:75:DB:80:FA:5A:9E:EF:49:C4:82:84:BA:6B Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 1CC254C3E683B79617DB18416992A5D4E2E56609 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2229ee03-08c0-4c87-acab-bbf5abf49264.roa Signing time: Tue 18 Nov 2025 00:40:06 +0000 ROA not before: Tue 18 Nov 2025 00:40:06 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 14618 IP address blocks: 51.86.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 23 Nov 2025 12:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:c2:54:c3:e6:83:b7:96:17:db:18:41:69:92:a5:d4:e2:e5:66:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 18 00:40:06 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=56e5c26f1ea0086ed506d109b07cc4c0ec803f8365d0efe1e1845813ee22089f, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:cd:3a:ca:9b:ed:4f:ec:78:08:98:cb:03:be: 73:33:22:8c:f7:66:e6:45:c9:4b:f2:d5:30:bf:d5: 90:55:13:0b:84:21:07:ac:5f:ee:71:bf:2f:c2:fa: 86:e9:b1:34:7c:95:65:0a:ed:4f:02:9d:d3:c4:d1: 30:16:08:6d:f3:12:02:b0:b0:39:1a:88:01:e3:ad: c3:ad:92:95:92:8c:d8:26:62:1a:72:d4:b2:13:30: a1:6c:71:f1:d9:6c:f8:3c:3e:6e:d9:d1:f6:f0:61: 42:99:74:68:43:8d:70:08:07:94:f4:2a:9a:aa:98: 76:0b:5f:30:1d:0d:02:7e:2c:4b:1c:a2:6c:4f:1f: dd:59:5d:1a:47:55:d4:4f:53:d6:e5:0d:dd:1a:51: 30:b9:2d:ac:3d:2f:77:34:c4:38:00:9c:ae:30:13: 56:8f:87:28:41:e4:a8:eb:f0:84:62:9d:3a:a9:8c: 07:3a:e8:dd:7e:79:7c:f7:45:ef:c2:13:c7:70:4c: d4:d4:d0:1d:9a:35:a0:ca:18:b2:31:a6:c3:00:53: 48:8c:02:ea:93:f4:c2:dd:88:d5:57:e6:90:13:2d: 6a:51:60:51:29:5c:51:b2:d2:9b:3f:17:77:2f:f5: 61:f2:51:9a:b1:85:58:4d:36:b9:13:6e:6f:1a:99: 52:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:13:5F:4F:1E:AE:1D:75:DB:80:FA:5A:9E:EF:49:C4:82:84:BA:6B X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2229ee03-08c0-4c87-acab-bbf5abf49264.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.86.0.0/15 Signature Algorithm: sha256WithRSAEncryption c5:b1:95:02:ed:5a:68:db:8d:26:73:80:0b:f8:8e:2c:bc:bc: 14:e5:b3:ef:0d:cc:a1:61:9d:24:19:db:ce:df:4e:3a:36:27: 67:45:5b:38:f1:12:76:a9:2e:5b:1f:59:36:b8:a5:a3:ad:14: 55:8f:1b:90:1c:f5:0c:4b:0d:18:0c:a1:50:5f:12:24:2b:5f: 25:2d:db:f7:ce:3c:a4:1f:dd:f1:20:6a:a2:a0:41:51:35:d6: 52:24:ac:12:40:c7:d6:15:ad:6f:2b:5d:42:9a:32:35:c5:7e: 4a:30:b2:e3:e0:67:93:77:45:dc:9e:87:1d:79:c2:34:65:50: 84:fc:68:d3:15:65:fa:dd:b6:3a:a3:a2:04:f6:d8:b2:bf:da: 1b:26:46:a9:e4:a1:1b:41:9c:05:8d:11:0a:d6:66:90:f4:f3: 20:9e:7f:98:40:b8:75:3b:d8:6a:cc:48:0f:f3:99:00:c7:4d: c2:22:75:60:b3:ec:54:6e:9f:18:04:ea:a1:c9:e1:1a:ea:26: e1:1a:64:22:fc:93:25:99:0f:f8:e4:9e:ae:ed:6e:df:e7:e5: e2:24:da:90:73:1a:a5:11:7d:c0:2d:8b:0c:cc:d2:1f:14:d1: 35:03:5c:76:d0:4a:a6:3b:a4:51:17:83:f3:bc:bb:ae:73:e4: 6f:61:65:86 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUHMJUw+aDt5YX2xhBaZKl1OLlZgkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTgwMDQwMDZaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQDU2ZTVjMjZmMWVhMDA4NmVkNTA2ZDEwOWIwN2NjNGMwZWM4MDNmODM2NWQw ZWZlMWUxODQ1ODEzZWUyMjA4OWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK3NOsqb7U/seAiYywO+czMijPdm5kXJS/LVML/VkFUTC4QhB6xf7nG/L8L6 humxNHyVZQrtTwKd08TRMBYIbfMSArCwORqIAeOtw62SlZKM2CZiGnLUshMwoWxx 8dls+Dw+btnR9vBhQpl0aEONcAgHlPQqmqqYdgtfMB0NAn4sSxyibE8f3VldGkdV 1E9T1uUN3RpRMLktrD0vdzTEOACcrjATVo+HKEHkqOvwhGKdOqmMBzro3X55fPdF 78ITx3BM1NTQHZo1oMoYsjGmwwBTSIwC6pP0wt2I1VfmkBMtalFgUSlcUbLSmz8X dy/1YfJRmrGFWE02uRNubxqZUocCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRhE19P Hq4ddduA+lqe70nEgoS6azAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MjIyOWVlMDMtMDhjMC00Yzg3LWFjYWItYmJmNWFiZjQ5MjY0LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNWMA0G CSqGSIb3DQEBCwUAA4IBAQDFsZUC7Vpo240mc4AL+I4svLwU5bPvDcyhYZ0kGdvO 3046NidnRVs48RJ2qS5bH1k2uKWjrRRVjxuQHPUMSw0YDKFQXxIkK18lLdv3zjyk H93xIGqioEFRNdZSJKwSQMfWFa1vK11CmjI1xX5KMLLj4GeTd0XcnocdecI0ZVCE /GjTFWX63bY6o6IE9tiyv9obJkap5KEbQZwFjREK1maQ9PMgnn+YQLh1O9hqzEgP 85kAx03CInVgs+xUbp8YBOqhyeEa6ibhGmQi/JMlmQ/45J6u7W7f5+XiJNqQcxql EX3ALYsMzNIfFNE1A1x20EqmO6RRF4PzvLuuc+RvYWWG -----END CERTIFICATE-----Generated at Sat Nov 22 21:37:23 2025 by rpki-client