This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa File: a02f9994-3943-4a2f-8467-87935bf3bf9e.roa (raw, json) Hash identifier: 5/V7LsRgbUuLOXLP9WWdi5d8zSiCJi0dgdVjA55JbgM= Subject key identifier: 2D:AB:A1:BC:C3:13:E9:CF:BF:5C:26:AC:D1:DE:A9:14:4E:CC:C4:29 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 6195932E71CAA29C6EB9B561BE92089CE905D2D2 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa Signing time: Wed 10 Dec 2025 06:40:37 +0000 ROA not before: Wed 10 Dec 2025 06:40:37 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.69.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:95:93:2e:71:ca:a2:9c:6e:b9:b5:61:be:92:08:9c:e9:05:d2:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:40:37 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=202da32f1f103e97c56d64ad144173856f5268f36b9954dab587ef1db34208dd, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:8f:6e:3e:d3:e4:38:7e:09:87:55:5e:84:18: af:ed:90:9b:c9:e6:a6:29:be:95:64:12:7f:d6:7a: d9:b7:95:82:eb:58:09:04:ac:c6:0b:54:56:c2:d1: 72:10:89:74:3b:a9:96:69:88:b7:72:9d:79:9c:a6: f2:cd:b5:b8:b5:fd:74:50:d5:22:a6:27:59:5e:13: 56:12:61:11:d6:b8:8d:67:39:b3:65:29:4c:a1:ac: 45:99:f8:fd:17:9b:34:19:7a:f0:af:3f:50:a5:4e: cb:54:d1:ff:7b:d1:90:f0:c8:0f:a7:b8:3b:68:0b: 3c:07:aa:8c:c1:cc:3b:7f:93:b8:2d:83:d8:12:30: c8:26:74:e8:54:05:0b:30:d0:0e:cf:e0:1a:5a:fa: 23:f0:51:0b:41:ac:04:88:4a:aa:b6:54:27:b0:1e: d8:54:be:24:11:c8:e9:40:2b:d3:da:5c:c4:44:83: 3e:fb:d0:b1:68:32:d6:cf:a6:ad:0a:99:31:66:f6: 94:76:c8:23:19:f5:c3:7c:fb:c8:6c:cd:cf:3e:b5: 25:9c:33:84:6c:3d:91:f0:ae:4d:cb:02:4d:e4:e5: 61:ff:e3:97:6e:19:b8:f0:ec:b4:26:3f:0f:35:61: b4:f3:47:68:70:51:37:35:5f:3a:00:9e:31:7f:e0: 1f:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:AB:A1:BC:C3:13:E9:CF:BF:5C:26:AC:D1:DE:A9:14:4E:CC:C4:29 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.69.0.0/16 Signature Algorithm: sha256WithRSAEncryption d3:d0:1c:2f:19:c9:36:8a:4f:a7:53:04:21:91:2a:da:f0:52: 2f:10:5a:c0:be:c5:2f:e8:ef:47:21:63:62:ba:46:45:e4:c1: 09:99:d0:bd:f9:5b:0d:2e:1c:38:60:05:13:db:63:27:7b:7d: d6:a6:0d:bf:42:19:e3:d2:f8:10:00:7e:45:9f:b1:12:c9:8c: 80:bb:7d:af:60:3c:7f:9f:d3:37:0a:be:86:2f:b6:4c:74:07: 95:cd:e5:79:d3:c5:17:4c:1f:20:d9:45:73:a6:28:e8:e6:c1: 1a:45:4f:01:b2:97:49:29:7f:67:71:09:d7:9e:38:5c:f4:11: 3e:41:b6:a5:ba:79:ff:e3:e0:2e:78:1b:ce:14:d3:0e:75:92: 39:f7:80:2c:b7:e1:4c:33:81:1e:a7:72:cc:9a:04:a5:13:c4: f5:2f:63:6b:57:8c:ba:22:b6:6f:73:09:98:df:99:fd:02:21: c6:00:95:90:15:05:1f:2d:a3:4c:fe:7a:4f:75:e8:86:0d:7d: ed:54:5d:6f:b9:01:f4:b8:c2:69:99:f7:8c:06:ea:0a:bc:6a: 95:b4:06:e7:72:9a:90:13:23:aa:37:46:65:b0:6f:fc:95:90: c4:85:7a:dc:4b:0b:0b:1e:ab:66:2f:ad:24:40:cb:02:c3:2e: f8:63:20:42 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUYZWTLnHKopxuubVhvpIInOkF0tIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjQwMzdaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDIwMmRhMzJmMWYxMDNlOTdjNTZkNjRhZDE0NDE3Mzg1NmY1MjY4ZjM2Yjk5 NTRkYWI1ODdlZjFkYjM0MjA4ZGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALiPbj7T5Dh+CYdVXoQYr+2Qm8nmpim+lWQSf9Z62beVgutYCQSsxgtUVsLR chCJdDuplmmIt3KdeZym8s21uLX9dFDVIqYnWV4TVhJhEda4jWc5s2UpTKGsRZn4 /RebNBl68K8/UKVOy1TR/3vRkPDID6e4O2gLPAeqjMHMO3+TuC2D2BIwyCZ06FQF CzDQDs/gGlr6I/BRC0GsBIhKqrZUJ7Ae2FS+JBHI6UAr09pcxESDPvvQsWgy1s+m rQqZMWb2lHbIIxn1w3z7yGzNzz61JZwzhGw9kfCuTcsCTeTlYf/jl24ZuPDstCY/ DzVhtPNHaHBRNzVfOgCeMX/gH6kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQtq6G8 wxPpz79cJqzR3qkUTszEKTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YTAyZjk5OTQtMzk0My00YTJmLTg0NjctODc5MzViZjNiZjllLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNFMA0G CSqGSIb3DQEBCwUAA4IBAQDT0BwvGck2ik+nUwQhkSra8FIvEFrAvsUv6O9HIWNi ukZF5MEJmdC9+VsNLhw4YAUT22Mne33Wpg2/Qhnj0vgQAH5Fn7ESyYyAu32vYDx/ n9M3Cr6GL7ZMdAeVzeV508UXTB8g2UVzpijo5sEaRU8BspdJKX9ncQnXnjhc9BE+ Qbalunn/4+AueBvOFNMOdZI594Ast+FMM4Eep3LMmgSlE8T1L2NrV4y6IrZvcwmY 35n9AiHGAJWQFQUfLaNM/npPdeiGDX3tVF1vuQH0uMJpmfeMBuoKvGqVtAbncpqQ EyOqN0ZlsG/8lZDEhXrcSwsLHqtmL60kQMsCwy74YyBC -----END CERTIFICATE-----Generated at Wed Dec 10 13:35:02 2025 by rpki-client