This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eaaf9aa-bbc4-42a5-9ead-7164e7953aee.roa File: 4eaaf9aa-bbc4-42a5-9ead-7164e7953aee.roa (raw, json) Hash identifier: 7eyPMciaS5qeAz2Blc0/zbxWDyuL9C7s6Bkftg0poMI= Subject key identifier: 0D:A5:3B:A9:65:F2:A8:10:F7:71:3B:2A:6D:1C:37:BE:13:30:C5:DE Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 199FDBBBAA7E8D05F75CEED942E63B44A3D2E5F6 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eaaf9aa-bbc4-42a5-9ead-7164e7953aee.roa Signing time: Sat 15 Nov 2025 06:50:34 +0000 ROA not before: Sat 15 Nov 2025 06:50:34 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 14618 IP address blocks: 51.164.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 23 Nov 2025 12:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:9f:db:bb:aa:7e:8d:05:f7:5c:ee:d9:42:e6:3b:44:a3:d2:e5:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Nov 15 06:50:34 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=13e4d41eebd3ed6928c55c5019b30b69b289fb313c210e623329dc9a6fc6de7a, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:69:4c:4e:4e:59:1e:9a:f5:39:6a:8c:01:54: f5:4c:da:d0:a2:45:db:30:5b:25:0f:2f:54:cc:d7: 20:21:0c:0c:2c:ab:de:63:b5:6e:b8:3b:35:4d:c5: d9:57:ca:79:5e:14:06:21:65:79:a5:dd:69:6e:4f: e5:46:54:cd:a4:7c:89:64:1f:9a:60:fc:f7:bf:5d: df:1b:c3:c7:e8:cb:bc:38:67:b5:12:02:23:a3:0d: 9a:5b:db:0d:11:55:c6:bd:7a:bf:fe:e2:c1:70:e1: 81:e5:87:39:71:cc:e3:51:1b:7f:37:0a:25:cc:0e: 2b:f6:16:ba:a6:b6:b1:56:a4:05:79:7f:1b:7c:0f: 94:73:c7:7b:41:5e:2a:fe:33:13:9d:f0:3a:d9:35: cb:db:a6:28:e9:4e:fd:5a:f9:d6:d3:c8:63:67:f8: 0f:d8:f5:d2:46:1a:3a:a4:71:3b:5f:ef:be:14:b5: 0a:0e:41:83:b8:4c:15:47:01:90:f3:50:f4:90:fa: db:d6:3c:87:c7:4c:9a:cb:b9:17:c5:eb:e7:f9:65: 8d:65:27:36:a9:08:8a:71:74:72:9f:c5:96:28:54: ea:2a:2c:1b:6e:91:c8:56:d5:bc:4a:06:83:22:3c: 87:9a:7c:57:01:f8:e9:0a:05:69:5a:58:cd:35:02: aa:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:A5:3B:A9:65:F2:A8:10:F7:71:3B:2A:6D:1C:37:BE:13:30:C5:DE X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eaaf9aa-bbc4-42a5-9ead-7164e7953aee.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.164.0.0/15 Signature Algorithm: sha256WithRSAEncryption 70:62:e7:ca:82:99:12:5d:da:ef:5a:8e:db:1c:e4:57:ec:45: 52:50:b8:96:e5:4e:0e:5c:ed:6c:1f:e5:01:5f:f6:79:75:e7: 45:a8:40:18:e5:52:93:1c:d8:3f:3b:b4:99:f6:75:b1:ef:93: e5:73:12:94:9b:9d:11:76:b6:2b:f3:a5:df:0a:85:db:dc:23: b2:34:c7:50:e3:b6:a1:9a:1e:29:d8:44:46:f4:07:05:50:ca: 94:bc:98:ff:06:de:50:93:6f:40:92:94:2e:24:9d:19:af:a5: 07:7f:ff:60:f2:aa:85:76:07:cf:3c:77:0a:7e:d5:be:a2:6e: e6:6f:e6:e7:3c:8a:cd:fa:b7:b3:e0:b7:06:ff:c4:18:99:7a: c0:dd:11:39:ac:45:71:95:cf:f7:ce:c4:98:44:67:99:30:29: 03:05:cb:7c:2b:7c:d3:bc:55:70:2c:8c:42:73:ca:2f:0c:1b: d2:5c:53:c3:19:3b:1f:8c:b5:97:ce:8c:dd:15:38:bc:13:3a: a5:8b:45:ab:fa:0d:21:dd:80:44:9b:5e:f2:a8:a0:3f:22:a9: 8a:9b:c3:0b:c9:bc:da:fd:31:3a:85:a5:c7:9c:c6:54:ac:6f: 68:46:f7:f6:b4:46:8f:05:23:77:b0:3f:25:6b:b2:7d:3c:b6: b8:69:8d:83 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUGZ/bu6p+jQX3XO7ZQuY7RKPS5fYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTExMTUwNjUwMzRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDEzZTRkNDFlZWJkM2VkNjkyOGM1NWM1MDE5YjMwYjY5YjI4OWZiMzEzYzIx MGU2MjMzMjlkYzlhNmZjNmRlN2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI9pTE5OWR6a9TlqjAFU9Uza0KJF2zBbJQ8vVMzXICEMDCyr3mO1brg7NU3F 2VfKeV4UBiFleaXdaW5P5UZUzaR8iWQfmmD8979d3xvDx+jLvDhntRICI6MNmlvb DRFVxr16v/7iwXDhgeWHOXHM41EbfzcKJcwOK/YWuqa2sVakBXl/G3wPlHPHe0Fe Kv4zE53wOtk1y9umKOlO/Vr51tPIY2f4D9j10kYaOqRxO1/vvhS1Cg5Bg7hMFUcB kPNQ9JD629Y8h8dMmsu5F8Xr5/lljWUnNqkIinF0cp/FlihU6iosG26RyFbVvEoG gyI8h5p8VwH46QoFaVpYzTUCqn8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQNpTup ZfKoEPdxOyptHDe+EzDF3jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NGVhYWY5YWEtYmJjNC00MmE1LTllYWQtNzE2NGU3OTUzYWVlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G CSqGSIb3DQEBCwUAA4IBAQBwYufKgpkSXdrvWo7bHORX7EVSULiW5U4OXO1sH+UB X/Z5dedFqEAY5VKTHNg/O7SZ9nWx75PlcxKUm50RdrYr86XfCoXb3COyNMdQ47ah mh4p2ERG9AcFUMqUvJj/Bt5Qk29AkpQuJJ0Zr6UHf/9g8qqFdgfPPHcKftW+om7m b+bnPIrN+rez4LcG/8QYmXrA3RE5rEVxlc/3zsSYRGeZMCkDBct8K3zTvFVwLIxC c8ovDBvSXFPDGTsfjLWXzozdFTi8Ezqli0Wr+g0h3YBEm17yqKA/IqmKm8MLybza /TE6haXHnMZUrG9oRvf2tEaPBSN3sD8la7J9PLa4aY2D -----END CERTIFICATE-----Generated at Sat Nov 22 21:32:50 2025 by rpki-client