This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa File: aa15a3a6-022f-41a6-9a60-2175164bb741.roa (raw, json) Hash identifier: DIGdiK4CAmdUb6b5nj2F1b6I4cs3BXkUBHpXyu5JEoE= Subject key identifier: A5:D4:89:2B:59:BD:75:F8:23:55:9D:17:E9:3D:88:D7:F5:96:A3:66 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 63D77F77D42BBE40D7FF081EF8CA1FC0E119D9B9 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa Signing time: Thu 11 Dec 2025 01:00:24 +0000 ROA not before: Thu 11 Dec 2025 01:00:24 +0000 ROA not after: Wed 11 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.16.204.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:d7:7f:77:d4:2b:be:40:d7:ff:08:1e:f8:ca:1f:c0:e1:19:d9:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 11 01:00:24 2025 GMT Not After : Mar 11 23:59:59 2026 GMT Subject: serialNumber=a1bed77f213e3ca3f87d8bbf26200518fc2885fa2dd6cdc5be23100cc1db9a7a, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:d6:7e:90:a9:53:c7:59:12:a6:39:40:fc:99: 40:71:7f:bc:10:1d:67:cf:aa:8a:09:8c:9a:91:13: f7:2e:1b:3b:ec:2a:d4:c8:41:ac:6e:f4:80:4e:de: 09:b8:82:c6:9b:e1:04:ec:82:75:49:4b:01:68:2b: e0:2d:0b:58:21:e0:22:25:5f:7a:c1:c7:33:1b:f4: 1d:42:28:d3:96:3a:fb:c5:3b:9b:92:1c:04:5e:de: 0b:49:06:57:f1:97:ec:05:30:44:aa:98:1b:f6:5a: 25:c2:25:e7:c5:72:12:4a:15:c4:8f:d6:31:34:c4: b1:f3:30:66:cd:ef:78:01:32:2e:ab:35:b8:bc:00: 75:0a:61:71:97:c2:60:d5:85:37:93:96:bd:f0:ea: 08:77:0c:12:d3:d7:3f:61:86:9a:73:e3:4a:34:a5: 1a:3c:5f:13:f9:91:c1:56:de:68:12:34:21:d2:cc: 84:c0:d0:25:34:17:3e:ea:fe:97:e3:bb:ee:46:4e: 68:32:f4:99:59:2e:e2:7a:71:c7:e6:cd:b6:30:d6: b3:d1:8a:cd:1e:c0:92:84:1c:91:f0:1a:2b:72:8f: 89:28:a7:ab:14:0d:ce:61:a6:fa:db:23:47:28:92: 14:ba:fb:96:e1:63:97:b9:b7:93:f0:10:3b:d5:d6: c6:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:D4:89:2B:59:BD:75:F8:23:55:9D:17:E9:3D:88:D7:F5:96:A3:66 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.16.204.0/24 Signature Algorithm: sha256WithRSAEncryption 8a:ad:c9:86:fc:0b:df:41:bb:47:79:6a:2b:89:9b:f5:b0:38: d1:f7:86:dd:2e:a0:2b:e8:7a:62:f8:3d:a0:2a:1e:ef:3a:d3: c4:4b:4d:37:c8:76:db:1d:d9:8b:06:3a:ba:72:6e:df:d8:b4: ee:cb:63:e1:c8:b4:b9:68:7e:73:23:06:0a:28:c0:33:e9:c7: 42:55:40:d8:ef:63:8b:25:a1:f2:14:b0:60:94:dc:a6:44:44: bb:fb:b3:31:9a:f8:d9:cb:3e:17:fd:b7:c6:06:c1:72:76:75: 2b:80:ee:53:1e:95:97:78:4e:e5:b8:bb:08:ac:33:60:25:d5: ff:71:1c:88:4a:b9:64:ba:53:5b:01:6e:5f:42:92:87:62:43: 74:32:2b:86:9c:ff:a5:4d:e8:3d:27:37:a5:fa:35:59:a0:9d: 9d:c8:bd:ee:4c:a4:4d:0f:45:80:19:2a:b7:a3:56:e7:b0:ca: eb:6a:bd:6a:d3:a3:39:0a:0b:5a:40:07:95:6a:0c:74:98:4e: c8:f9:41:03:03:4f:85:18:f8:d6:8a:35:da:74:8b:d8:a7:07: 48:d2:5c:05:8d:22:66:c1:87:16:8c:2c:d8:75:75:1e:f1:f9: 34:de:53:61:cd:80:05:56:88:df:25:19:50:61:d3:4b:14:fe: 66:8c:56:0d -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUY9d/d9QrvkDX/wge+MofwOEZ2bkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTEwMTAwMjRaFw0yNjAzMTEyMzU5NTlaMHoxSTBHBgNV BAUTQGExYmVkNzdmMjEzZTNjYTNmODdkOGJiZjI2MjAwNTE4ZmMyODg1ZmEyZGQ2 Y2RjNWJlMjMxMDBjYzFkYjlhN2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK7WfpCpU8dZEqY5QPyZQHF/vBAdZ8+qigmMmpET9y4bO+wq1MhBrG70gE7e CbiCxpvhBOyCdUlLAWgr4C0LWCHgIiVfesHHMxv0HUIo05Y6+8U7m5IcBF7eC0kG V/GX7AUwRKqYG/ZaJcIl58VyEkoVxI/WMTTEsfMwZs3veAEyLqs1uLwAdQphcZfC YNWFN5OWvfDqCHcMEtPXP2GGmnPjSjSlGjxfE/mRwVbeaBI0IdLMhMDQJTQXPur+ l+O77kZOaDL0mVku4npxx+bNtjDWs9GKzR7AkoQckfAaK3KPiSinqxQNzmGm+tsj RyiSFLr7luFjl7m3k/AQO9XWxnECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSl1Ikr Wb11+CNVnRfpPYjX9ZajZjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv YWExNWEzYTYtMDIyZi00MWE2LTlhNjAtMjE3NTE2NGJiNzQxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzDAN BgkqhkiG9w0BAQsFAAOCAQEAiq3JhvwL30G7R3lqK4mb9bA40feG3S6gK+h6Yvg9 oCoe7zrTxEtNN8h22x3ZiwY6unJu39i07stj4ci0uWh+cyMGCijAM+nHQlVA2O9j iyWh8hSwYJTcpkREu/uzMZr42cs+F/23xgbBcnZ1K4DuUx6Vl3hO5bi7CKwzYCXV /3EciEq5ZLpTWwFuX0KSh2JDdDIrhpz/pU3oPSc3pfo1WaCdnci97kykTQ9FgBkq t6NW57DK62q9atOjOQoLWkAHlWoMdJhOyPlBAwNPhRj41oo12nSL2KcHSNJcBY0i ZsGHFows2HV1HvH5NN5TYc2ABVaI3yUZUGHTSxT+ZoxWDQ== -----END CERTIFICATE-----Generated at Thu Jan 22 22:21:40 2026 by rpki-client