This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93fd362d-5e7e-4f59-bdb8-e21b80ea7d5a.roa File: 93fd362d-5e7e-4f59-bdb8-e21b80ea7d5a.roa (raw, json) Hash identifier: h4u8gtWJSNpF7iR30UFYzGJV4x3n0kjX5wDybZsCbP0= Subject key identifier: 41:7B:69:A2:66:8E:E5:56:FD:9E:7A:BC:4D:1C:EA:A5:76:6C:EF:25 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1DC4ED0B8B5B0D271C467D07A413C1E14364B4AD Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93fd362d-5e7e-4f59-bdb8-e21b80ea7d5a.roa Signing time: Tue 13 Jan 2026 20:06:56 +0000 ROA not before: Tue 13 Jan 2026 20:06:56 +0000 ROA not after: Mon 13 Apr 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06b:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 18 Jan 2026 02:03:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:c4:ed:0b:8b:5b:0d:27:1c:46:7d:07:a4:13:c1:e1:43:64:b4:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Jan 13 20:06:56 2026 GMT Not After : Apr 13 23:59:59 2026 GMT Subject: serialNumber=1a00063f72ec23ab657e01641cb662a10ec020487135182b1502efc9964112bd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:ab:1f:1d:00:28:8a:3b:60:e7:4a:fb:c3:44: d3:f8:28:ad:0f:6c:d1:45:5c:e9:08:37:d4:26:f1: ed:a8:ec:09:da:a0:ce:24:37:4d:0b:93:42:0a:4b: eb:66:d7:9c:e5:0d:6c:d8:c9:9d:37:b4:3a:b6:e8: a8:93:0e:d7:4c:12:b6:47:bb:a7:15:e1:2b:6e:b6: 4a:87:c2:c1:6c:40:23:71:2b:a9:15:13:3b:86:da: 7a:00:16:a8:82:bc:f3:f4:5b:90:7b:7b:96:c0:1c: 40:33:67:a8:cb:e2:97:ab:50:d0:01:c7:14:c7:28: 0b:23:1d:f5:e8:90:33:eb:4e:7d:a4:0b:21:ca:c8: e1:e5:cd:0a:7b:df:51:68:20:62:5b:19:0e:04:24: 91:e8:f4:7d:47:dd:86:8e:00:8b:cd:47:08:c8:f4: 5b:08:d4:77:d3:37:1a:75:db:78:4e:50:5b:71:62: f6:9a:79:96:b3:1c:0e:db:eb:ee:99:c3:20:3f:00: 81:8e:f7:ad:96:24:e2:5e:78:4d:e8:45:43:cd:f5: 80:bd:cc:94:8a:5b:6c:5c:f7:93:94:42:c4:7b:94: 38:9a:2f:97:f7:03:88:b2:b6:ef:82:53:24:a0:51: 43:6c:7b:35:d7:99:fd:88:a8:99:07:be:f1:89:09: 37:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:7B:69:A2:66:8E:E5:56:FD:9E:7A:BC:4D:1C:EA:A5:76:6C:EF:25 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93fd362d-5e7e-4f59-bdb8-e21b80ea7d5a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06b:1000::/40 Signature Algorithm: sha256WithRSAEncryption bd:c2:56:05:a5:00:5f:4f:25:f5:3c:ca:d9:08:c7:2b:8c:e0: 69:59:ca:c2:fb:5e:eb:61:26:50:46:b4:f3:6f:1d:0e:88:3b: f4:bf:e5:44:47:67:77:d4:82:12:73:db:8d:15:89:98:73:a2: 74:f3:32:cb:de:79:21:93:35:bb:bb:d8:25:d2:9c:1d:5b:9a: d5:79:f1:94:e0:c6:ab:1d:b3:64:ea:50:ff:6e:76:a3:62:f6: 71:df:7b:79:41:65:73:6a:97:cf:96:4e:0a:c8:fd:8a:b7:76: 0f:98:0d:5a:f3:23:9f:dc:ec:bb:8d:d3:3d:54:cf:67:de:dc: f4:38:e4:10:aa:c0:9e:41:76:7d:42:90:e8:36:09:be:ce:59: 4e:49:41:73:e7:3a:5a:56:a2:b0:8f:af:02:cf:db:c8:f8:57: a8:6a:dd:f2:0e:7c:19:fe:df:1d:0e:e9:d0:20:f3:a6:ff:52: d3:4e:71:81:10:72:ad:40:b8:5a:6d:66:1f:16:11:d1:93:4b: 89:42:bc:1c:0e:37:0c:e9:cc:b4:ba:e5:34:68:e4:2b:74:6e: bf:5d:fe:5c:28:d8:20:3f:f6:2e:21:e0:7a:5f:9b:a8:16:d9: 73:83:46:47:ad:e0:a3:12:e8:ef:66:f2:ae:8d:06:67:65:62: d5:fb:0d:3c -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUHcTtC4tbDSccRn0HpBPB4UNktK0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNjAxMTMyMDA2NTZaFw0yNjA0MTMyMzU5NTlaMHoxSTBHBgNV BAUTQDFhMDAwNjNmNzJlYzIzYWI2NTdlMDE2NDFjYjY2MmExMGVjMDIwNDg3MTM1 MTgyYjE1MDJlZmM5OTY0MTEyYmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK6rHx0AKIo7YOdK+8NE0/gorQ9s0UVc6Qg31Cbx7ajsCdqgziQ3TQuTQgpL 62bXnOUNbNjJnTe0OrboqJMO10wStke7pxXhK262SofCwWxAI3ErqRUTO4baegAW qIK88/RbkHt7lsAcQDNnqMvil6tQ0AHHFMcoCyMd9eiQM+tOfaQLIcrI4eXNCnvf UWggYlsZDgQkkej0fUfdho4Ai81HCMj0WwjUd9M3GnXbeE5QW3Fi9pp5lrMcDtvr 7pnDID8AgY73rZYk4l54TehFQ831gL3MlIpbbFz3k5RCxHuUOJovl/cDiLK274JT JKBRQ2x7NdeZ/YiomQe+8YkJN5ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRBe2mi Zo7lVv2eerxNHOqldmzvJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OTNmZDM2MmQtNWU3ZS00ZjU5LWJkYjgtZTIxYjgwZWE3ZDVhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GsQ MA0GCSqGSIb3DQEBCwUAA4IBAQC9wlYFpQBfTyX1PMrZCMcrjOBpWcrC+17rYSZQ RrTzbx0OiDv0v+VER2d31IISc9uNFYmYc6J08zLL3nkhkzW7u9gl0pwdW5rVefGU 4MarHbNk6lD/bnajYvZx33t5QWVzapfPlk4KyP2Kt3YPmA1a8yOf3Oy7jdM9VM9n 3tz0OOQQqsCeQXZ9QpDoNgm+zllOSUFz5zpaVqKwj68Cz9vI+Feoat3yDnwZ/t8d DunQIPOm/1LTTnGBEHKtQLhabWYfFhHRk0uJQrwcDjcM6cy0uuU0aOQrdG6/Xf5c KNggP/YuIeB6X5uoFtlzg0ZHreCjEujvZvKujQZnZWLV+w08 -----END CERTIFICATE-----Generated at Sat Jan 17 10:00:41 2026 by rpki-client