This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa File: fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa (raw, json) Hash identifier: jtIWsrdK/2P07RtLPskV6WN/eiVKuoBC9fggJRyzZOE= Subject key identifier: 52:82:A0:30:15:FA:FE:8F:D2:69:53:9C:7C:4A:D1:2B:C4:22:8C:15 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 08590DFE87E639BBEF95C3B38F1ADDF8169B1F24 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa Signing time: Wed 10 Dec 2025 06:50:30 +0000 ROA not before: Wed 10 Dec 2025 06:50:30 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.184.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:59:0d:fe:87:e6:39:bb:ef:95:c3:b3:8f:1a:dd:f8:16:9b:1f:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:30 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=263e0c56bf3b668df97fafa64ec34cbae648c704c51f9c6e31135d25132965cd, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:52:ce:4e:26:1b:50:07:4b:21:2f:48:9a:4d: 93:98:49:c5:c8:c6:07:74:d8:71:60:b3:69:f3:79: 5d:30:d9:63:e5:06:fb:11:b1:9b:40:67:e1:41:20: 7b:b4:63:fe:93:6e:07:97:1b:55:2e:00:c3:84:75: 05:1d:88:22:73:a4:09:19:ef:32:2e:3f:ad:68:0a: a7:a1:ba:c0:24:8b:d9:22:e1:ae:9c:41:16:49:e6: b9:40:f8:93:fd:1c:14:b7:ac:6d:db:30:45:14:d3: 48:e2:ed:3e:9e:ca:1f:e1:fe:c9:22:c4:32:ac:99: f4:da:2b:66:57:a7:18:d7:ca:4d:3e:dc:ee:7c:bf: 33:22:a0:ea:cb:9e:79:26:b2:52:a4:05:0a:2f:21: 25:ea:62:e7:77:5f:85:af:19:f8:27:7d:a2:82:68: ec:84:a2:08:ce:c7:55:51:fb:f0:fc:85:2e:39:36: 6a:9e:b5:66:87:71:8b:65:c4:41:f9:76:50:bb:df: 77:ed:94:83:68:90:b5:0c:78:45:13:cd:a8:b5:56: 69:d1:3c:5b:52:9e:a1:45:db:38:25:c5:58:0f:82: d1:a9:75:85:66:86:d1:17:fb:2b:24:0b:11:e5:da: ce:88:73:c9:20:3f:38:1f:e8:63:4d:44:f5:86:fc: 76:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:82:A0:30:15:FA:FE:8F:D2:69:53:9C:7C:4A:D1:2B:C4:22:8C:15 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.184.0.0/15 Signature Algorithm: sha256WithRSAEncryption 9c:b2:56:f6:d0:ec:1f:9c:fd:30:9a:cb:b5:e8:15:58:fb:17: 67:2f:84:79:13:5d:6c:b2:07:cf:14:ec:2c:44:38:7f:5d:90: d0:58:b4:3c:dc:5c:ee:71:64:0a:42:2f:3f:f9:aa:f5:6e:6c: 11:76:ce:2f:57:d6:e7:b4:2b:60:d2:17:9c:06:ca:4f:4f:52: 5a:4e:32:3c:4f:69:52:ca:5b:04:3f:08:74:f5:30:6f:d5:10: 03:3d:5f:59:11:70:4c:fb:25:38:84:d7:e9:64:05:53:a5:bf: 6b:47:c7:f7:9e:e8:b9:3e:b6:be:a2:46:cb:8b:13:e6:71:eb: 69:2a:09:c8:57:66:41:a0:14:b8:5a:fb:b2:26:c5:39:6f:f5: f5:5f:26:cb:3b:62:ee:2b:8a:de:1a:22:81:54:89:4e:cc:31: e7:fb:4e:58:d1:49:7a:dd:40:56:5a:80:67:e3:5b:71:a4:3c: 5f:c6:9f:63:cf:f7:59:cf:4c:e2:dd:28:d7:b2:87:39:72:47: 17:b2:a4:48:fd:66:cd:e6:8a:19:e3:3e:35:44:f1:6f:f8:a2: 79:f8:cc:5a:8c:38:e0:b4:8e:da:63:1d:44:b1:b4:f1:c3:42: 91:d0:ab:1b:4a:2d:eb:b4:2d:8f:bc:fc:76:98:43:71:f2:3e: ba:b4:fa:bd -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUCFkN/ofmObvvlcOzjxrd+BabHyQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwMzBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDI2M2UwYzU2YmYzYjY2OGRmOTdmYWZhNjRlYzM0Y2JhZTY0OGM3MDRjNTFm OWM2ZTMxMTM1ZDI1MTMyOTY1Y2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKJSzk4mG1AHSyEvSJpNk5hJxcjGB3TYcWCzafN5XTDZY+UG+xGxm0Bn4UEg e7Rj/pNuB5cbVS4Aw4R1BR2IInOkCRnvMi4/rWgKp6G6wCSL2SLhrpxBFknmuUD4 k/0cFLesbdswRRTTSOLtPp7KH+H+ySLEMqyZ9NorZlenGNfKTT7c7ny/MyKg6sue eSayUqQFCi8hJepi53dfha8Z+Cd9ooJo7ISiCM7HVVH78PyFLjk2ap61Zodxi2XE Qfl2ULvfd+2Ug2iQtQx4RRPNqLVWadE8W1KeoUXbOCXFWA+C0al1hWaG0Rf7KyQL EeXazohzySA/OB/oY01E9Yb8dqUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRSgqAw Ffr+j9JpU5x8StErxCKMFTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZmU0YTFjZGMtMWYyMi00ZTgxLWE0NTUtZjY5NjY1Zjk3M2YwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G CSqGSIb3DQEBCwUAA4IBAQCcslb20OwfnP0wmsu16BVY+xdnL4R5E11ssgfPFOws RDh/XZDQWLQ83FzucWQKQi8/+ar1bmwRds4vV9bntCtg0hecBspPT1JaTjI8T2lS ylsEPwh09TBv1RADPV9ZEXBM+yU4hNfpZAVTpb9rR8f3nui5Pra+okbLixPmcetp KgnIV2ZBoBS4WvuyJsU5b/X1XybLO2LuK4reGiKBVIlOzDHn+05Y0Ul63UBWWoBn 41txpDxfxp9jz/dZz0zi3SjXsoc5ckcXsqRI/WbN5ooZ4z41RPFv+KJ5+MxajDjg tI7aYx1EsbTxw0KR0KsbSi3rtC2PvPx2mENx8j66tPq9 -----END CERTIFICATE-----Generated at Wed Dec 17 15:19:58 2025 by rpki-client