This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/173784a5-02ac-471e-bb56-8d257dd9d810.roa File: 173784a5-02ac-471e-bb56-8d257dd9d810.roa (raw, json) Hash identifier: x1XyXb06GbUssiaGx7C5USb2fNwM4j1nEQqq/q4rC2M= Subject key identifier: 4E:8A:B3:CB:C4:89:A6:48:03:BC:4A:E4:10:DA:6D:ED:05:7F:6E:38 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3BB1E3D1053877FB576A711169AB114B6E0DF969 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/173784a5-02ac-471e-bb56-8d257dd9d810.roa Signing time: Tue 13 Jan 2026 20:06:59 +0000 ROA not before: Tue 13 Jan 2026 20:06:59 +0000 ROA not after: Mon 13 Apr 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06b:800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 18 Jan 2026 02:03:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:b1:e3:d1:05:38:77:fb:57:6a:71:11:69:ab:11:4b:6e:0d:f9:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Jan 13 20:06:59 2026 GMT Not After : Apr 13 23:59:59 2026 GMT Subject: serialNumber=68b8f8bfc35e6137e0d6bb4b25682c21f0187cf933a046b81726ee3c6ab0dd18, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:9b:8d:b7:3a:c8:4d:bf:78:14:b5:87:95:33: 55:c8:dc:88:4f:47:0d:71:44:90:8b:a5:22:05:e2: 87:1e:f6:cc:e9:ba:60:69:d1:be:f8:5f:35:2d:18: 96:a8:27:99:05:ae:dc:61:fc:9b:89:be:e1:7f:a3: c7:05:1e:5d:3a:91:8f:c3:80:f3:b4:ce:a6:34:8a: 23:b7:d8:99:0a:b4:2d:d0:00:23:17:f6:bc:2a:4c: 4e:c5:fb:4b:a8:00:0f:c0:54:68:ba:ac:65:d0:c8: 6a:f3:0c:15:29:59:ed:44:67:2a:84:86:a2:df:2d: 20:1e:c3:42:2c:ef:96:71:31:34:9d:27:d0:eb:46: d9:84:3a:cb:a2:e1:b9:2f:77:0e:e6:a0:5b:b9:cf: 74:6b:e9:7e:0b:f1:0e:64:ab:30:14:9f:46:e1:f1: fa:f1:d0:0a:2f:08:4d:08:02:b6:bf:4f:b9:66:d8: 92:46:7a:81:48:42:d7:6a:00:d5:b4:63:9a:ec:ca: 09:47:fc:35:0c:06:54:1d:75:3b:ae:ab:14:87:91: 6d:39:5e:cf:f4:c9:9b:d6:00:d4:ce:14:62:18:da: 6d:34:2d:ce:25:d1:9f:2e:dc:44:b5:be:a9:c1:06: 60:48:50:2a:51:90:fa:94:64:7d:e7:b2:ae:43:97: 6c:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:8A:B3:CB:C4:89:A6:48:03:BC:4A:E4:10:DA:6D:ED:05:7F:6E:38 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/173784a5-02ac-471e-bb56-8d257dd9d810.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06b:800::/40 Signature Algorithm: sha256WithRSAEncryption 86:19:25:94:e6:5c:26:4d:8d:34:e7:b5:8d:8b:be:6f:a5:63: c4:8e:b9:84:a6:ab:33:38:e6:56:c7:fe:1f:49:4e:37:48:e0: a0:22:65:e0:87:c8:5b:82:c1:e7:a0:24:20:ab:d1:7d:ef:05: d5:22:17:b4:5a:61:da:1b:f8:bf:d0:24:36:6f:22:ed:49:9e: 71:aa:dc:40:eb:f8:9a:eb:fe:d8:b3:70:30:90:ad:4a:89:d0: e8:8c:09:30:00:05:06:ae:77:db:c9:c6:8e:f0:75:cc:95:ce: 1e:aa:00:5a:72:4a:8c:06:63:02:af:46:37:fd:4d:9b:fb:e1: d5:42:f7:6f:d9:b6:d0:46:ad:1b:79:a1:15:b7:f3:4d:c8:a9: 68:17:81:a9:d3:ad:ba:38:ad:9b:1b:0a:84:69:89:4d:db:dc: a7:a9:e2:32:4b:91:19:bc:3b:02:19:bf:1a:68:43:16:32:06: 20:71:0d:1d:11:85:d1:b7:47:b8:03:82:1c:91:56:17:b5:97: 77:ae:f8:10:7c:58:80:f6:01:2b:4c:75:39:78:19:99:be:b9: 5e:6f:6e:ce:b1:55:d6:ba:7e:e2:0c:d4:20:56:ef:7d:52:f0: ed:00:25:31:21:37:b4:c2:6c:1b:fd:00:f7:a1:fc:10:14:6b: 86:4a:63:83 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUO7Hj0QU4d/tXanERaasRS24N+WkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNjAxMTMyMDA2NTlaFw0yNjA0MTMyMzU5NTlaMHoxSTBHBgNV BAUTQDY4YjhmOGJmYzM1ZTYxMzdlMGQ2YmI0YjI1NjgyYzIxZjAxODdjZjkzM2Ew NDZiODE3MjZlZTNjNmFiMGRkMTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALabjbc6yE2/eBS1h5UzVcjciE9HDXFEkIulIgXihx72zOm6YGnRvvhfNS0Y lqgnmQWu3GH8m4m+4X+jxwUeXTqRj8OA87TOpjSKI7fYmQq0LdAAIxf2vCpMTsX7 S6gAD8BUaLqsZdDIavMMFSlZ7URnKoSGot8tIB7DQizvlnExNJ0n0OtG2YQ6y6Lh uS93DuagW7nPdGvpfgvxDmSrMBSfRuHx+vHQCi8ITQgCtr9PuWbYkkZ6gUhC12oA 1bRjmuzKCUf8NQwGVB11O66rFIeRbTlez/TJm9YA1M4UYhjabTQtziXRny7cRLW+ qcEGYEhQKlGQ+pRkfeeyrkOXbN0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBROirPL xImmSAO8SuQQ2m3tBX9uODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MTczNzg0YTUtMDJhYy00NzFlLWJiNTYtOGQyNTdkZDlkODEwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GsI MA0GCSqGSIb3DQEBCwUAA4IBAQCGGSWU5lwmTY0057WNi75vpWPEjrmEpqszOOZW x/4fSU43SOCgImXgh8hbgsHnoCQgq9F97wXVIhe0WmHaG/i/0CQ2byLtSZ5xqtxA 6/ia6/7Ys3AwkK1KidDojAkwAAUGrnfbycaO8HXMlc4eqgBackqMBmMCr0Y3/U2b ++HVQvdv2bbQRq0beaEVt/NNyKloF4Gp0626OK2bGwqEaYlN29ynqeIyS5EZvDsC Gb8aaEMWMgYgcQ0dEYXRt0e4A4IckVYXtZd3rvgQfFiA9gErTHU5eBmZvrleb27O sVXWun7iDNQgVu99UvDtACUxITe0wmwb/QD3ofwQFGuGSmOD -----END CERTIFICATE-----Generated at Sat Jan 17 06:44:27 2026 by rpki-client