$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS40676.roa File: AS40676.roa (raw, json) Hash identifier: jLXkhk/JT86DXDol7VdqWUdlRcbhJvwgp5L7dlmDLAk= Subject key identifier: 1A:1A:A2:2F:4A:EC:23:8E:58:B5:C1:AD:91:3D:0F:18:64:85:5B:45 Certificate issuer: /CN=72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9 Certificate serial: 3F28C9CDD9E8E628FB1FF42D4E7834BE6F1C8647 Authority key identifier: AB:5C:AF:A9:57:06:33:73:38:93:D9:1E:E4:B0:5A:1F:0E:CC:D0:6B Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer Subject info access: rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS40676.roa Signing time: Mon 02 Jun 2025 14:42:06 +0000 ROA not before: Mon 02 Jun 2025 14:37:06 +0000 ROA not after: Mon 01 Jun 2026 14:42:06 +0000 asID: 40676 IP address blocks: 104.234.134.0/24 maxlen: 24 104.234.172.0/24 maxlen: 24 104.234.177.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.crl rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 08 Jun 2025 12:25:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:28:c9:cd:d9:e8:e6:28:fb:1f:f4:2d:4e:78:34:be:6f:1c:86:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9 Validity Not Before: Jun 2 14:37:06 2025 GMT Not After : Jun 1 14:42:06 2026 GMT Subject: CN=1A1AA22F4AEC238E58B5C1AD913D0F1864855B45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:80:5e:81:80:6f:80:16:63:0f:ae:c5:4a:5f: 0d:8c:24:44:6f:0d:ce:41:be:12:50:61:b5:88:d8: 66:b3:4a:97:06:bb:14:bd:3c:ff:b4:63:0f:c2:94: 04:e3:b3:86:af:bf:7f:2b:2a:d8:a8:ea:5c:35:44: 0f:e1:66:d6:04:1c:29:9c:00:6c:de:12:b9:58:aa: 4e:0d:32:01:65:d0:eb:fb:aa:98:9c:88:99:2e:83: 7e:3b:50:44:95:69:99:2e:36:cf:0f:5d:27:52:a6: c1:86:54:3a:7e:18:c4:a3:7a:73:42:cd:bb:3d:dd: f3:b8:05:83:5a:64:84:37:d6:0f:12:bb:db:7e:9b: 08:c5:50:5e:8f:a3:1e:cc:77:9b:f9:1d:ac:95:75: 6e:d5:ea:00:67:d4:fb:39:f1:66:af:ea:9f:22:a0: 34:d9:92:99:b2:d0:7d:40:86:31:9d:5a:77:b2:bc: ca:d4:bc:d0:ca:99:94:92:fe:db:51:5e:e1:65:32: 47:e4:d7:4c:27:4a:d1:a1:1d:38:32:b1:c3:8b:ed: fa:fd:be:97:4e:ae:63:7c:ff:7a:44:78:1a:4c:47: b8:a0:0f:cc:30:7b:7c:13:83:c6:3e:2e:22:90:52: 7c:7d:4a:f5:cd:06:14:55:05:0c:05:b7:a3:37:60: 88:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:1A:A2:2F:4A:EC:23:8E:58:B5:C1:AD:91:3D:0F:18:64:85:5B:45 X509v3 Authority Key Identifier: keyid:AB:5C:AF:A9:57:06:33:73:38:93:D9:1E:E4:B0:5A:1F:0E:CC:D0:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS40676.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.234.134.0/24 104.234.172.0/24 104.234.177.0/24 Signature Algorithm: sha256WithRSAEncryption 61:1a:1f:28:0d:4e:ae:90:02:d8:49:b8:0a:29:90:7d:33:1c: 50:36:27:c5:98:ab:5f:2e:8b:61:55:4c:13:20:fc:d0:41:32: 36:62:16:a6:f6:35:39:4e:31:7b:5a:e3:13:50:59:ff:c5:22: 07:d9:d4:fe:5b:ea:c0:93:c0:f7:53:68:78:da:8b:5f:3e:f9: c1:d0:59:3e:1a:c8:73:b7:bf:b6:c6:86:f0:d1:fc:f2:09:78: 5f:05:e8:0f:ee:11:48:ec:58:b9:bc:9a:9d:78:c6:0f:d4:77: ee:8a:16:34:95:18:31:cc:e9:0f:55:80:14:86:ee:9b:89:d1: 4b:1b:fa:de:1e:b6:ae:3b:a4:92:b4:18:0e:28:6a:84:6a:aa: db:43:ac:a5:98:40:62:46:9b:04:40:bf:0e:78:e6:91:02:3b: 47:83:0c:59:e8:cf:d5:81:d7:5a:38:cb:53:e0:51:4f:e1:2c: ab:38:73:21:9f:5e:ce:2d:ba:b6:a8:28:31:a0:f1:69:4a:db: f7:09:a6:ea:ac:5e:99:64:36:59:22:04:d8:13:f4:94:79:5e: 9d:f4:80:34:31:b3:a9:91:b8:ad:7d:49:fa:a8:19:e3:3f:eb: 67:fe:f6:1a:b6:81:95:f1:a7:95:40:2c:a4:0c:10:63:04:8a: cf:c8:b5:6a -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgIUPyjJzdno5ij7H/QtTng0vm8chkcwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNzJjYzFmZDI4ZDRhMDRjODQ3M2MzYWMwYjE5OTQwMjcw Y2JiZjEyM2YzYzBiMWY3ZjkwHhcNMjUwNjAyMTQzNzA2WhcNMjYwNjAxMTQ0MjA2 WjAzMTEwLwYDVQQDEygxQTFBQTIyRjRBRUMyMzhFNThCNUMxQUQ5MTNEMEYxODY0 ODU1QjQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4BegYBvgBZj D67FSl8NjCREbw3OQb4SUGG1iNhms0qXBrsUvTz/tGMPwpQE47OGr79/KyrYqOpc NUQP4WbWBBwpnABs3hK5WKpODTIBZdDr+6qYnIiZLoN+O1BElWmZLjbPD10nUqbB hlQ6fhjEo3pzQs27Pd3zuAWDWmSEN9YPErvbfpsIxVBej6MezHeb+R2slXVu1eoA Z9T7OfFmr+qfIqA02ZKZstB9QIYxnVp3srzK1LzQypmUkv7bUV7hZTJH5NdMJ0rR oR04MrHDi+36/b6XTq5jfP96RHgaTEe4oA/MMHt8E4PGPi4ikFJ8fUr1zQYUVQUM BbejN2CIQwIDAQABo4ICijCCAoYwHQYDVR0OBBYEFBoaoi9K7COOWLXBrZE9Dxhk hVtFMB8GA1UdIwQYMBaAFKtcr6lXBjNzOJPZHuSwWh8OzNBrMA4GA1UdDwEB/wQE AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l dC9yZXBvc2l0b3J5LzhhODQ4YWRlODU4N2ZhMjAwMTg1YzVjYjliY2IyYmFjLzAv QUI1Q0FGQTk1NzA2MzM3MzM4OTNEOTFFRTRCMDVBMUYwRUNDRDA2Qi5jcmwwgfMG CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut YjA4Yy0yMTcxZGEyMTU3ZDMvNzZmZTExZDQtZDM1Mi00OTk0LThmNmMtZDZjOTFi MGI4NDE1LzNmNWUyZTViLWM3MzEtNGRiOC05Yjg3LWFmOWY4ZTU4YTFjNi83MmNj MWZkMjhkNGEwNGM4NDczYzNhYzBiMTk5NDAyNzBjYmJmMTIzZjNjMGIxZjdmOS5j ZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jwa2ktcnBz LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NTg3ZmEyMDAxODVjNWNiOWJj YjJiYWMvMC9BUzQwNjc2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsG CCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAaOqGAwQAaOqsAwQAaOqxMA0GCSqG SIb3DQEBCwUAA4IBAQBhGh8oDU6ukALYSbgKKZB9MxxQNifFmKtfLothVUwTIPzQ QTI2Yham9jU5TjF7WuMTUFn/xSIH2dT+W+rAk8D3U2h42otfPvnB0Fk+Gshzt7+2 xobw0fzyCXhfBegP7hFI7Fi5vJqdeMYP1HfuihY0lRgxzOkPVYAUhu6bidFLG/re HrauO6SStBgOKGqEaqrbQ6ylmEBiRpsEQL8OeOaRAjtHgwxZ6M/VgddaOMtT4FFP 4SyrOHMhn17OLbq2qCgxoPFpStv3CabqrF6ZZDZZIgTYE/SUeV6d9IA0MbOpkbit fUn6qBnjP+tn/vYatoGV8aeVQCykDBBjBIrPyLVq -----END CERTIFICATE-----Generated at Sun Jun 8 02:22:05 2025 by rpki-client