This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa File: 186c4a20-4025-4599-90c9-1eeb15cf6730.roa (raw, json) Hash identifier: Esbq3YhHmstvXuO7t55qiLPDN6zrzu2yykjHvVDdxTw= Subject key identifier: E5:6E:E8:00:C7:89:AA:4E:EF:2D:85:90:36:D5:93:A7:74:53:79:66 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 70395E0167EC9814200A11C3A179DD20E8C11E59 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa Signing time: Thu 11 Dec 2025 01:00:22 +0000 ROA not before: Thu 11 Dec 2025 01:00:22 +0000 ROA not after: Wed 11 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 51.16.205.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:39:5e:01:67:ec:98:14:20:0a:11:c3:a1:79:dd:20:e8:c1:1e:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 11 01:00:22 2025 GMT Not After : Mar 11 23:59:59 2026 GMT Subject: serialNumber=05493f99686e4d2e2c409dd1a6025f57c1c7bebcdf942c4ef4501d3954492262, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:1e:34:68:29:ae:d2:7f:af:86:6b:9d:3c:8f: 2a:cc:07:c8:bb:6e:24:fa:73:32:d4:1a:0f:ef:50: 10:1b:0c:9e:18:70:fb:7c:97:15:ec:83:1b:7b:c5: 8f:47:16:e9:46:25:89:3d:f3:c1:88:1b:d7:44:fc: 97:5d:22:fb:df:d8:bf:15:8f:37:88:2a:ec:e5:05: 12:be:80:63:40:df:30:f4:dc:2d:16:8b:b5:e6:36: 12:12:a6:0f:23:d7:b5:14:48:60:cc:7d:a2:bc:e8: 49:13:1e:4a:62:8e:8a:38:f2:c0:f6:36:04:29:3d: 3d:4b:1d:6e:69:ad:9a:ae:69:67:7f:7e:d5:8d:ba: 11:0a:93:27:23:5d:bc:17:47:34:e6:80:7e:d3:16: 23:4a:21:d4:1f:16:8d:2a:2d:bd:2f:5f:d3:99:0d: 0c:12:b6:fe:fa:43:21:b2:6e:b2:ab:88:cb:16:de: b4:e9:b5:d4:20:3a:3c:51:90:ee:1a:62:82:a2:75: f2:50:e6:16:7f:8b:11:3c:53:56:85:5a:24:5c:e0: c3:75:cb:2e:95:23:3f:28:04:bf:27:66:f7:52:60: 76:36:1b:77:22:90:37:32:f6:c8:fe:bc:5b:8e:2d: d7:93:ff:20:4a:33:83:6b:aa:97:9f:6c:5b:44:20: e1:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:6E:E8:00:C7:89:AA:4E:EF:2D:85:90:36:D5:93:A7:74:53:79:66 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.16.205.0/24 Signature Algorithm: sha256WithRSAEncryption 86:24:d4:08:d6:27:5e:64:25:33:93:18:35:a5:bf:d0:61:13: 2f:93:aa:a4:7f:ec:6b:f8:ae:a1:1f:ad:9f:07:13:ec:e9:b4: 1b:22:82:24:e8:36:aa:bb:a0:9c:64:91:ba:da:13:6a:0f:42: 5c:46:8f:53:5b:89:b9:dd:56:03:a5:d2:51:18:26:ad:0c:4f: c4:30:48:a4:2a:80:5a:54:2c:24:f0:b0:17:0f:64:ca:07:ee: 71:66:25:0e:91:55:b2:fe:e5:4c:16:ab:c8:43:e4:bd:ad:aa: 7f:bd:a7:dd:f6:52:da:96:09:c5:9b:80:81:f6:c8:c3:51:3c: 58:c6:93:55:69:1f:02:24:ff:d0:60:41:d1:a3:6e:13:54:51: 4e:ed:4d:ba:6e:4c:b6:80:c2:a4:cb:83:ba:a9:14:bf:bd:96: ce:87:89:5e:95:0e:6b:dc:9f:5f:d4:e8:19:5e:fe:21:50:18: d0:a8:dd:cb:92:9f:c3:75:27:3d:41:d3:83:fe:db:79:5b:a1: db:b6:29:97:e9:de:95:0c:8e:7a:6d:e6:12:e9:b2:78:1b:4b: 39:81:55:bb:80:ea:9e:49:f7:36:e4:60:97:30:8d:c4:68:85: c6:68:37:e0:fb:7f:eb:30:b9:d2:96:c4:27:ec:72:f4:64:81: 04:6c:00:08 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgIUcDleAWfsmBQgChHDoXndIOjBHlkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTEwMTAwMjJaFw0yNjAzMTEyMzU5NTlaMHoxSTBHBgNV BAUTQDA1NDkzZjk5Njg2ZTRkMmUyYzQwOWRkMWE2MDI1ZjU3YzFjN2JlYmNkZjk0 MmM0ZWY0NTAxZDM5NTQ0OTIyNjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ4eNGgprtJ/r4ZrnTyPKswHyLtuJPpzMtQaD+9QEBsMnhhw+3yXFeyDG3vF j0cW6UYliT3zwYgb10T8l10i+9/YvxWPN4gq7OUFEr6AY0DfMPTcLRaLteY2EhKm DyPXtRRIYMx9orzoSRMeSmKOijjywPY2BCk9PUsdbmmtmq5pZ39+1Y26EQqTJyNd vBdHNOaAftMWI0oh1B8WjSotvS9f05kNDBK2/vpDIbJusquIyxbetOm11CA6PFGQ 7hpigqJ18lDmFn+LETxTVoVaJFzgw3XLLpUjPygEvydm91JgdjYbdyKQNzL2yP68 W44t15P/IEozg2uql59sW0Qg4bMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTlbugA x4mqTu8thZA21ZOndFN5ZjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv MTg2YzRhMjAtNDAyNS00NTk5LTkwYzktMWVlYjE1Y2Y2NzMwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzTAN BgkqhkiG9w0BAQsFAAOCAQEAhiTUCNYnXmQlM5MYNaW/0GETL5OqpH/sa/iuoR+t nwcT7Om0GyKCJOg2qrugnGSRutoTag9CXEaPU1uJud1WA6XSURgmrQxPxDBIpCqA WlQsJPCwFw9kygfucWYlDpFVsv7lTBaryEPkva2qf72n3fZS2pYJxZuAgfbIw1E8 WMaTVWkfAiT/0GBB0aNuE1RRTu1Num5MtoDCpMuDuqkUv72WzoeJXpUOa9yfX9To GV7+IVAY0Kjdy5Kfw3UnPUHTg/7beVuh27Ypl+nelQyOem3mEumyeBtLOYFVu4Dq nkn3NuRglzCNxGiFxmg34Pt/6zC50pbEJ+xy9GSBBGwACA== -----END CERTIFICATE-----Generated at Fri Dec 19 20:10:40 2025 by rpki-client