This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/737c5f41-6c2e-48d1-8283-0ed4a0a51859.roa File: 737c5f41-6c2e-48d1-8283-0ed4a0a51859.roa (raw, json) Hash identifier: Zq2sttneOCQK700qRy2q0cZTo7rGMR2UopfmHkOEJ2g= Subject key identifier: 9A:79:D6:ED:7A:7D:4C:59:3B:12:38:8C:DF:83:08:10:CC:97:FD:C6 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 11FC43A27E6128596F4296CDDAD58A76D7FD5FFC Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/737c5f41-6c2e-48d1-8283-0ed4a0a51859.roa Signing time: Tue 13 Jan 2026 19:58:32 +0000 ROA not before: Tue 13 Jan 2026 19:58:32 +0000 ROA not after: Mon 13 Apr 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06b:9080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 18 Jan 2026 02:03:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:fc:43:a2:7e:61:28:59:6f:42:96:cd:da:d5:8a:76:d7:fd:5f:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Jan 13 19:58:32 2026 GMT Not After : Apr 13 23:59:59 2026 GMT Subject: serialNumber=1695675d70ea675b1f625306704512cb55ee110724b28cd8e61e2eea81986cda, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:5d:0c:e7:a9:48:b2:1a:2a:41:a0:28:9c:a7: a0:ef:1d:9f:bd:b0:9e:b7:82:90:ca:79:1e:30:e2: d8:11:a7:b6:1c:9e:0a:97:20:f1:67:a8:38:5e:cd: 86:b2:3e:4a:f8:cb:96:97:40:5f:f1:33:a8:df:e4: d8:04:74:5f:26:81:6f:a2:b4:78:72:b2:07:39:91: c9:17:76:38:0e:6a:4f:34:1d:38:3c:5e:06:b0:a4: ff:9a:98:bd:6a:40:19:4c:ea:f4:ac:e3:50:6b:50: 84:4a:80:87:a6:77:a5:eb:f1:39:e3:f0:96:24:51: d1:0b:e3:ee:ee:51:d5:a4:a7:5e:de:fc:30:bb:c9: 84:81:22:59:f6:a1:64:8d:e7:bc:0e:b0:81:f8:69: aa:26:2f:30:d8:0c:88:bb:f6:4f:e7:f1:87:a8:d7: 2e:3e:33:7c:9e:0f:c3:00:c3:2d:f1:b7:b4:db:de: 9b:c6:d5:b3:78:e7:ec:68:99:a6:74:5f:73:12:25: 3a:1f:71:a7:17:e4:4a:d2:39:f8:ba:d9:76:0e:68: 5d:a9:72:4c:07:1a:57:17:2e:1e:6d:cc:80:ab:57: a0:62:83:47:94:3f:cf:ab:7f:3f:7c:5b:c8:7c:c6: 7c:c2:bf:fc:80:c4:d9:77:e0:92:eb:3d:a9:c4:46: 81:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:79:D6:ED:7A:7D:4C:59:3B:12:38:8C:DF:83:08:10:CC:97:FD:C6 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/737c5f41-6c2e-48d1-8283-0ed4a0a51859.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06b:9080::/48 Signature Algorithm: sha256WithRSAEncryption 8d:89:3a:df:0b:51:80:d9:fa:e9:45:42:46:ca:d1:44:ef:f0: 65:f8:09:b7:96:2d:60:3b:b2:cf:2f:57:56:99:e8:3b:62:8b: b9:17:f0:a7:c4:15:a8:4d:0e:90:d2:e7:04:39:09:55:bf:b2: 0b:38:3a:49:46:80:06:fe:85:55:ed:99:0b:b8:bb:96:33:38: 6f:37:fe:89:1a:3e:c3:2b:69:8a:27:54:4a:b8:c5:cc:7c:08: f1:c9:17:14:ef:99:b9:07:c6:86:d8:bf:8f:0c:ac:6e:e4:88: a2:3d:f5:66:57:7c:06:ec:64:68:b1:f5:e8:bf:3f:fe:6d:48: a6:ff:7d:78:92:30:8d:3b:79:ba:dc:19:95:ac:b5:1b:be:01: 1c:16:b4:cb:53:22:66:c3:c9:44:27:f4:3d:6e:d3:b1:ab:b3: 7b:bc:80:e3:f5:64:0e:1d:a9:07:e6:4b:6d:f7:cf:9c:33:c1: ea:a4:3b:58:7a:7f:1f:a8:5c:ab:80:27:79:0f:91:82:3f:3d: d3:f9:d8:67:bf:58:7c:5d:f2:42:0e:b8:90:b1:7f:ce:91:cd: 0d:14:2f:dd:9f:23:ec:43:e7:8b:d1:35:42:27:a0:b2:97:aa: e6:bc:a0:8b:2f:f6:be:7c:35:d8:bf:89:26:d6:87:3b:45:0f: 7f:57:51:0c -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUEfxDon5hKFlvQpbN2tWKdtf9X/wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNjAxMTMxOTU4MzJaFw0yNjA0MTMyMzU5NTlaMHoxSTBHBgNV BAUTQDE2OTU2NzVkNzBlYTY3NWIxZjYyNTMwNjcwNDUxMmNiNTVlZTExMDcyNGIy OGNkOGU2MWUyZWVhODE5ODZjZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANVdDOepSLIaKkGgKJynoO8dn72wnreCkMp5HjDi2BGnthyeCpcg8WeoOF7N hrI+SvjLlpdAX/EzqN/k2AR0XyaBb6K0eHKyBzmRyRd2OA5qTzQdODxeBrCk/5qY vWpAGUzq9KzjUGtQhEqAh6Z3pevxOePwliRR0Qvj7u5R1aSnXt78MLvJhIEiWfah ZI3nvA6wgfhpqiYvMNgMiLv2T+fxh6jXLj4zfJ4PwwDDLfG3tNvem8bVs3jn7GiZ pnRfcxIlOh9xpxfkStI5+LrZdg5oXalyTAcaVxcuHm3MgKtXoGKDR5Q/z6t/P3xb yHzGfMK//IDE2Xfgkus9qcRGgeECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSaedbt en1MWTsSOIzfgwgQzJf9xjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NzM3YzVmNDEtNmMyZS00OGQxLTgyODMtMGVkNGEwYTUxODU5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GuQ gDANBgkqhkiG9w0BAQsFAAOCAQEAjYk63wtRgNn66UVCRsrRRO/wZfgJt5YtYDuy zy9XVpnoO2KLuRfwp8QVqE0OkNLnBDkJVb+yCzg6SUaABv6FVe2ZC7i7ljM4bzf+ iRo+wytpiidUSrjFzHwI8ckXFO+ZuQfGhti/jwysbuSIoj31Zld8BuxkaLH16L8/ /m1Ipv99eJIwjTt5utwZlay1G74BHBa0y1MiZsPJRCf0PW7Tsauze7yA4/VkDh2p B+ZLbffPnDPB6qQ7WHp/H6hcq4AneQ+Rgj890/nYZ79YfF3yQg64kLF/zpHNDRQv 3Z8j7EPni9E1Qiegspeq5rygiy/2vnw12L+JJtaHO0UPf1dRDA== -----END CERTIFICATE-----Generated at Sat Jan 17 06:44:23 2026 by rpki-client