This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4264c9e7-8855-4a41-950f-ef8df4425790.roa File: 4264c9e7-8855-4a41-950f-ef8df4425790.roa (raw, json) Hash identifier: 4jPXKZBh/JguLOaCEkGsX+snCIjKZphf2eP15+uKQ+k= Subject key identifier: 54:A9:69:15:D5:27:56:E4:61:CD:6E:AD:6C:A5:98:59:F5:F8:8F:FF Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 1B0B7A7E8AC1B24FC9C485605AC3B4246DC425C6 Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4264c9e7-8855-4a41-950f-ef8df4425790.roa Signing time: Wed 10 Dec 2025 06:50:49 +0000 ROA not before: Wed 10 Dec 2025 06:50:49 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 51.200.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:0b:7a:7e:8a:c1:b2:4f:c9:c4:85:60:5a:c3:b4:24:6d:c4:25:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:50:49 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=152feab62dd479a9c0979fe83b8df5a3fd56e0c7402f455c8a8de529995d238c, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:6a:c7:8d:47:be:dc:41:6b:89:6f:92:4b:10: db:c5:f9:e8:70:bf:5f:13:69:7f:d2:17:e2:68:d8: 0d:85:2e:76:51:98:6e:25:ab:81:eb:c8:1e:fb:29: 1a:5d:b4:85:70:32:9d:1f:7f:c2:f0:0e:f2:9d:30: 82:22:25:96:e3:ff:c0:0e:f0:ce:f3:d1:74:d5:dc: ca:ed:b0:59:2b:21:88:c1:7a:46:da:a9:dc:5b:cf: 99:57:b1:e7:ae:1b:d4:ed:61:e1:31:1e:86:14:70: b9:dc:a3:69:fc:36:36:8f:0a:d2:a9:07:37:70:6f: 3d:f4:8d:a7:1e:1b:c7:bc:50:86:63:4b:61:aa:49: 06:41:32:20:9e:f4:58:0e:fb:ec:6d:48:4c:d5:de: 2d:1d:74:40:b5:a6:a8:de:1a:32:ca:98:e2:f6:45: ab:7a:f0:fe:31:9d:61:1c:aa:b6:b3:62:84:b7:34: 1c:25:99:89:50:75:4b:c5:8f:58:91:dc:fa:96:32: d5:9d:49:88:4c:09:20:fb:13:3c:88:16:98:15:97: 66:e0:1a:7f:5c:94:07:e3:5e:29:5c:3b:90:7b:3f: cf:87:c6:d0:b5:42:b0:13:eb:f2:25:84:89:5a:50: 00:af:38:25:1e:45:19:cb:25:e4:ee:91:c4:7f:18: f8:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:A9:69:15:D5:27:56:E4:61:CD:6E:AD:6C:A5:98:59:F5:F8:8F:FF X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4264c9e7-8855-4a41-950f-ef8df4425790.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 51.200.0.0/15 Signature Algorithm: sha256WithRSAEncryption b8:f1:50:f8:34:ad:09:32:14:22:85:b7:59:af:7a:7c:48:e1: a1:87:34:60:3c:ef:8b:62:a9:04:ae:83:18:c8:ba:d1:45:1b: 94:5e:8a:82:fb:e4:86:80:67:dc:92:04:7f:d5:19:3a:bf:86: e8:70:a0:45:17:ad:32:fa:a2:7d:f6:7b:2a:d1:bd:c8:9f:5e: 85:27:40:a2:a7:f6:53:7b:1d:92:0a:86:47:25:16:22:d8:4b: 3f:3f:25:0f:bc:83:47:88:b3:fd:68:62:07:9f:b8:91:b4:e7: dd:22:5a:9a:d1:3e:32:6d:9d:f9:71:07:30:e2:16:cd:af:5f: 58:af:37:b0:76:4f:4d:df:14:36:a6:45:3a:75:6d:e7:fc:60: 97:31:46:84:8c:8c:d4:8e:2d:03:e9:1d:ff:e9:2b:21:62:7e: a6:eb:ec:fc:45:c9:05:7b:e6:dd:d9:cc:74:81:a1:7f:20:f5: 8c:5f:76:d7:a1:e3:fa:f2:50:d3:5a:8a:47:c0:66:3f:0f:fd: 23:28:58:7c:0a:90:3f:29:6a:11:5f:3d:7c:19:a1:b4:0b:1d: ef:b0:30:c2:03:05:cd:84:81:62:c3:5c:87:fa:e1:9f:90:65: 6e:4b:2c:05:21:fb:09:ec:6b:06:f0:e1:d7:01:a2:fe:4a:bf: 6c:bc:b2:91 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUGwt6forBsk/JxIVgWsO0JG3EJcYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjUwNDlaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDE1MmZlYWI2MmRkNDc5YTljMDk3OWZlODNiOGRmNWEzZmQ1NmUwYzc0MDJm NDU1YzhhOGRlNTI5OTk1ZDIzOGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMZqx41HvtxBa4lvkksQ28X56HC/XxNpf9IX4mjYDYUudlGYbiWrgevIHvsp Gl20hXAynR9/wvAO8p0wgiIlluP/wA7wzvPRdNXcyu2wWSshiMF6Rtqp3FvPmVex 564b1O1h4TEehhRwudyjafw2No8K0qkHN3BvPfSNpx4bx7xQhmNLYapJBkEyIJ70 WA777G1ITNXeLR10QLWmqN4aMsqY4vZFq3rw/jGdYRyqtrNihLc0HCWZiVB1S8WP WJHc+pYy1Z1JiEwJIPsTPIgWmBWXZuAaf1yUB+NeKVw7kHs/z4fG0LVCsBPr8iWE iVpQAK84JR5FGcsl5O6RxH8Y+EMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRUqWkV 1SdW5GHNbq1spZhZ9fiP/zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv NDI2NGM5ZTctODg1NS00YTQxLTk1MGYtZWY4ZGY0NDI1NzkwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G CSqGSIb3DQEBCwUAA4IBAQC48VD4NK0JMhQihbdZr3p8SOGhhzRgPO+LYqkEroMY yLrRRRuUXoqC++SGgGfckgR/1Rk6v4bocKBFF60y+qJ99nsq0b3In16FJ0Cip/ZT ex2SCoZHJRYi2Es/PyUPvINHiLP9aGIHn7iRtOfdIlqa0T4ybZ35cQcw4hbNr19Y rzewdk9N3xQ2pkU6dW3n/GCXMUaEjIzUji0D6R3/6SshYn6m6+z8RckFe+bd2cx0 gaF/IPWMX3bXoeP68lDTWopHwGY/D/0jKFh8CpA/KWoRXz18GaG0Cx3vsDDCAwXN hIFiw1yH+uGfkGVuSywFIfsJ7GsG8OHXAaL+Sr9svLKR -----END CERTIFICATE-----Generated at Sat Dec 20 02:39:46 2025 by rpki-client