This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa File: 49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa (raw, json) Hash identifier: MKbyzdQdu8em09MYWoJ/Zxhn0iPCfizivKABkk0EvaA= Subject key identifier: 25:AF:70:F4:A7:AA:AD:75:1C:F4:AA:B5:45:DA:E5:15:5E:5D:A5:CC Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 31F8A7E063A0A89FFC665D68CAE56B6534CB0DB6 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa Signing time: Sat 15 Nov 2025 06:50:46 +0000 ROA not before: Sat 15 Nov 2025 06:50:46 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 51.192.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 23 Nov 2025 01:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:f8:a7:e0:63:a0:a8:9f:fc:66:5d:68:ca:e5:6b:65:34:cb:0d:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:46 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=5caf986e505a6a6a5cf933a8186053d04a602366bd86fff055b785a7589c0cc3, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:14:7d:ca:18:6f:31:97:23:54:bc:ea:a9:be: 1d:97:05:07:d1:96:3a:8f:89:64:42:a1:db:da:aa: 9d:00:c0:45:a6:55:aa:10:fd:cd:17:2b:03:22:e8: 3d:a2:7a:8c:33:76:68:a4:be:f0:5f:9e:b1:ce:6a: 57:28:9c:3b:a8:a7:20:a4:63:49:d5:89:39:c4:c7: 4f:10:e4:0f:5e:ef:5e:08:d8:2a:4f:fe:16:04:47: ca:f9:aa:10:20:80:0c:97:49:d5:43:f9:4c:50:ea: 39:b2:42:ba:fb:82:f3:1b:2e:bd:52:d7:f7:d6:0c: 6b:7d:a0:d8:fe:de:ca:3e:8f:47:dd:0c:cb:d7:85: 88:54:41:7f:71:b8:d1:a5:45:43:3d:d1:0d:87:ca: 00:c9:a9:a9:d4:20:0f:67:8e:ae:d2:0d:6f:c2:48: 24:ff:7c:ff:5d:f7:b0:01:5c:75:ad:5e:2b:fa:d7: 46:0d:06:b0:96:c9:19:e4:d9:d6:1f:cd:7a:6c:d1: 36:ee:0b:8c:20:30:0b:6a:c4:d8:da:02:4a:d7:c0: 9a:5f:77:f3:f8:af:a3:e2:46:82:c7:4e:04:70:cc: 5a:dd:78:02:c6:f1:07:69:c9:c3:0b:b7:5d:53:b6: 3d:1e:f0:eb:26:9c:5f:43:a8:c1:49:1e:11:91:26: 16:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:AF:70:F4:A7:AA:AD:75:1C:F4:AA:B5:45:DA:E5:15:5E:5D:A5:CC X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.192.0.0/15 Signature Algorithm: sha256WithRSAEncryption 85:b6:2a:bc:e3:27:52:16:0a:e4:5c:20:ae:cf:d4:17:ce:33: f1:ae:7c:e0:da:58:70:60:7f:c7:91:5c:91:74:a7:ae:25:be: fc:ab:66:a6:81:7a:83:94:a2:bc:74:44:88:1f:a8:78:17:79: 5d:5f:38:26:63:93:bf:98:4c:af:05:73:e5:8c:de:e0:a6:59: b0:97:cc:03:aa:9e:54:d9:1b:9d:cb:40:7f:61:6e:d2:e9:a0: 2f:96:40:5c:ca:68:d3:dc:ed:50:39:2c:41:59:50:0f:9e:fa: 05:a0:55:0a:bd:7b:81:fb:68:0c:bb:08:25:22:f1:d3:ad:c9: a0:82:af:b3:ea:63:fd:b0:06:7c:eb:bd:5a:2f:09:4f:f2:e2: 5a:7a:0c:55:07:de:9a:0b:8d:d4:07:03:85:f3:21:06:87:8c: e0:a5:ee:82:33:4a:4a:8f:a9:86:7d:c8:bd:d8:4a:89:c6:bf: a5:60:a7:30:b6:a4:fb:cb:6c:f5:b8:0b:61:6e:05:fd:36:b7: e8:3e:c2:82:18:c9:53:64:d3:50:4e:0b:66:64:4c:e5:54:4f: 24:6b:35:4a:04:e4:41:cc:91:ef:37:e0:bb:d6:17:83:9b:b6: 70:3d:4f:5d:02:3d:83:fc:e2:8e:e0:cf:43:7d:68:46:c3:de: fd:e3:14:cb -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUMfin4GOgqJ/8Zl1oyuVrZTTLDbYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwNDZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDVjYWY5ODZlNTA1YTZhNmE1Y2Y5MzNhODE4NjA1M2QwNGE2MDIzNjZiZDg2 ZmZmMDU1Yjc4NWE3NTg5YzBjYzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMoUfcoYbzGXI1S86qm+HZcFB9GWOo+JZEKh29qqnQDARaZVqhD9zRcrAyLo PaJ6jDN2aKS+8F+esc5qVyicO6inIKRjSdWJOcTHTxDkD17vXgjYKk/+FgRHyvmq ECCADJdJ1UP5TFDqObJCuvuC8xsuvVLX99YMa32g2P7eyj6PR90My9eFiFRBf3G4 0aVFQz3RDYfKAMmpqdQgD2eOrtINb8JIJP98/133sAFcda1eK/rXRg0GsJbJGeTZ 1h/NemzRNu4LjCAwC2rE2NoCStfAml938/ivo+JGgsdOBHDMWt14AsbxB2nJwwu3 XVO2PR7w6yacX0OowUkeEZEmFgECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQlr3D0 p6qtdRz0qrVF2uUVXl2lzDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NDliMmI1ZDUtNDZhNy00MmEzLTk5MDAtYmNiN2UzZWRmZmRiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPAMA0G CSqGSIb3DQEBCwUAA4IBAQCFtiq84ydSFgrkXCCuz9QXzjPxrnzg2lhwYH/HkVyR dKeuJb78q2amgXqDlKK8dESIH6h4F3ldXzgmY5O/mEyvBXPljN7gplmwl8wDqp5U 2Rudy0B/YW7S6aAvlkBcymjT3O1QOSxBWVAPnvoFoFUKvXuB+2gMuwglIvHTrcmg gq+z6mP9sAZ8671aLwlP8uJaegxVB96aC43UBwOF8yEGh4zgpe6CM0pKj6mGfci9 2EqJxr+lYKcwtqT7y2z1uAthbgX9NrfoPsKCGMlTZNNQTgtmZEzlVE8kazVKBORB zJHvN+C71heDm7ZwPU9dAj2D/OKO4M9DfWhGw9794xTL -----END CERTIFICATE-----Generated at Sat Nov 22 08:48:57 2025 by rpki-client