$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: 9uNldMjb29TVZ4rScuX3nqYPEeY/mlOmuOMOIucALXo= Subject key identifier: 77:EC:2E:17:8B:04:BF:72:FC:63:05:DB:82:85:88:5E:EF:F0:5C:73 Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 305FCB25DB2C3C9282154F7373411E252DFAE228 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS16509.roa Signing time: Sun 18 May 2025 20:54:15 +0000 ROA not before: Sun 18 May 2025 20:49:15 +0000 ROA not after: Sun 17 May 2026 20:54:15 +0000 asID: 16509 IP address blocks: 2a07:54c1:4500::/40 maxlen: 48 2a07:54c4:175c::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Jun 2025 01:07:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:5f:cb:25:db:2c:3c:92:82:15:4f:73:73:41:1e:25:2d:fa:e2:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: May 18 20:49:15 2025 GMT Not After : May 17 20:54:15 2026 GMT Subject: CN=77EC2E178B04BF72FC6305DB8285885EEFF05C73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:fd:b1:3d:fc:f6:de:e6:5d:2e:ca:fb:f4:4a: c7:3a:f3:db:7d:88:09:22:f4:c7:27:24:d5:fe:6b: d0:f9:ab:c6:2a:83:d2:cb:81:82:b2:97:30:cc:de: b3:db:6f:68:fd:84:62:b2:e9:b2:3a:17:c2:b6:6b: b8:85:80:89:b8:87:23:88:cc:00:b3:2a:d2:73:9f: 29:2a:dd:86:54:d6:85:64:98:f5:44:e7:f7:23:23: 21:98:93:07:ee:bf:a6:73:c5:2e:0a:25:73:02:60: 20:43:19:e4:57:76:30:d9:c7:53:d3:37:a3:e1:e9: ec:ba:9a:f5:38:e5:8f:3f:13:56:fa:d6:e0:36:b7: 88:f8:68:f3:fa:77:aa:5f:bc:1b:84:20:0d:2f:69: 8e:7c:25:18:f2:42:fd:f2:9e:6e:41:74:5f:b8:2b: d7:7a:90:b2:34:43:cf:23:e9:f4:88:33:4b:65:1a: 7b:8c:22:e3:5e:72:6b:0c:1d:61:7f:f5:18:17:fe: 07:d2:78:0e:45:6b:7e:75:a5:5f:b5:9b:76:71:1e: 18:f2:4c:0f:fb:fc:b2:c6:09:5f:89:10:5a:e7:41: 5d:8c:cc:7a:bf:6f:cb:39:d0:66:ce:47:06:33:1e: 8c:d2:17:ef:5f:e5:1b:35:52:0e:29:88:10:b8:11: e5:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:EC:2E:17:8B:04:BF:72:FC:63:05:DB:82:85:88:5E:EF:F0:5C:73 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:4500::/40 2a07:54c4:175c::/48 Signature Algorithm: sha256WithRSAEncryption 66:7e:b6:12:5d:63:28:2c:4c:e1:0d:bc:0f:73:f9:f7:13:d8: da:3b:92:ad:80:9e:c1:8f:aa:93:e8:aa:22:41:f1:97:f3:b4: ef:52:0d:4f:80:bb:da:6d:d1:f4:ee:3d:77:26:00:f8:c1:3b: d6:7b:b7:10:47:ba:dc:d2:4d:d7:dd:09:86:fa:92:37:bf:53: 41:84:51:e2:ca:c4:c0:b1:3e:ee:c0:5a:41:1a:72:ee:56:1c: 95:71:1a:da:d8:78:2d:56:cb:9e:e8:b0:ac:39:78:83:fd:70: 5b:94:86:ac:c3:61:2f:9c:fe:d1:c6:4f:ef:5b:46:bf:56:e3: fc:2c:21:0b:42:83:00:58:a0:e3:91:6c:e8:35:76:fe:c7:cf: 97:4d:1c:b0:0d:36:e9:3a:8b:b1:c1:3a:c0:bf:b6:6b:56:4b: e1:6a:db:3e:7c:47:c6:bc:6f:a2:dc:3e:0f:91:e7:07:4f:f9: 74:29:13:df:45:60:69:f3:e1:c0:60:59:17:f6:1c:50:bd:eb: bb:b8:23:7d:7f:e5:49:ba:08:20:06:74:c1:10:5d:d2:ef:36: c4:79:85:d9:1b:28:62:e2:39:25:35:3c:af:48:11:0c:16:ec: 3c:a8:d6:09:7a:94:bc:35:e4:cf:ee:64:d0:74:5d:f2:fe:3e: ae:68:32:e1 -----BEGIN CERTIFICATE----- MIIFOjCCBCKgAwIBAgIUMF/LJdssPJKCFU9zc0EeJS364igwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNTA1MTgyMDQ5MTVaFw0yNjA1MTcyMDU0MTVaMDMxMTAvBgNV BAMTKDc3RUMyRTE3OEIwNEJGNzJGQzYzMDVEQjgyODU4ODVFRUZGMDVDNzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDq/bE9/Pbe5l0uyvv0Ssc689t9 iAki9McnJNX+a9D5q8Yqg9LLgYKylzDM3rPbb2j9hGKy6bI6F8K2a7iFgIm4hyOI zACzKtJznykq3YZU1oVkmPVE5/cjIyGYkwfuv6ZzxS4KJXMCYCBDGeRXdjDZx1PT N6Ph6ey6mvU45Y8/E1b61uA2t4j4aPP6d6pfvBuEIA0vaY58JRjyQv3ynm5BdF+4 K9d6kLI0Q88j6fSIM0tlGnuMIuNecmsMHWF/9RgX/gfSeA5Fa351pV+1m3ZxHhjy TA/7/LLGCV+JEFrnQV2MzHq/b8s50GbORwYzHozSF+9f5Rs1Ug4piBC4EeW5AgMB AAGjggJEMIICQDAdBgNVHQ4EFgQUd+wuF4sEv3L8YwXbgoWIXu/wXHMwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwKgYIKwYBBQUHAQcBAf8EGzAZMBcEAgACMBEDBgAqB1TB RQMHACoHVMQXXDANBgkqhkiG9w0BAQsFAAOCAQEAZn62El1jKCxM4Q28D3P59xPY 2juSrYCewY+qk+iqIkHxl/O071INT4C72m3R9O49dyYA+ME71nu3EEe63NJN190J hvqSN79TQYRR4srEwLE+7sBaQRpy7lYclXEa2th4LVbLnuiwrDl4g/1wW5SGrMNh L5z+0cZP71tGv1bj/CwhC0KDAFig45Fs6DV2/sfPl00csA026TqLscE6wL+2a1ZL 4WrbPnxHxrxvotw+D5HnB0/5dCkT30VgafPhwGBZF/YcUL3ru7gjfX/lSboIIAZ0 wRBd0u82xHmF2RsoYuI5JTU8r0gRDBbsPKjWCXqUvDXkz+5k0HRd8v4+rmgy4Q== -----END CERTIFICATE-----Generated at Sun Jun 1 10:25:43 2025 by rpki-client