$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS202828.roa File: AS202828.roa (raw, json) Hash identifier: 0lIBHOC8+H2iKP/VT9luvmJQoINX23w3/k2KVJsycRU= Subject key identifier: 16:F5:57:CB:89:C8:FA:06:CA:E1:9C:6E:AB:32:5E:FB:EE:3F:00:25 Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 54F0EDAB1375D181472D90AE92CE54D48230D83B Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS202828.roa Signing time: Fri 04 Jul 2025 07:51:23 +0000 ROA not before: Fri 04 Jul 2025 07:46:23 +0000 ROA not after: Fri 03 Jul 2026 07:51:23 +0000 asID: 202828 IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Jul 2025 17:05:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:f0:ed:ab:13:75:d1:81:47:2d:90:ae:92:ce:54:d4:82:30:d8:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jul 4 07:46:23 2025 GMT Not After : Jul 3 07:51:23 2026 GMT Subject: CN=16F557CB89C8FA06CAE19C6EAB325EFBEE3F0025 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:2f:29:a9:04:2f:ef:e2:cb:02:0b:9a:b2:c5: 11:3f:3a:e9:8e:fe:08:1d:0e:30:12:c1:0d:5a:0a: 67:ae:62:e5:b4:16:38:b1:ea:97:ab:35:f4:cc:f4: 95:1f:67:98:ce:59:08:01:62:e2:cd:6d:a1:8a:05: b0:f4:b0:97:52:42:0a:f4:86:cc:99:73:d9:8e:19: 07:ee:f5:a9:10:2b:0f:31:0e:46:5c:1f:c3:04:7c: 62:ce:c5:a2:36:61:31:aa:ed:20:fc:25:88:46:50: ae:bb:a7:dc:84:84:a9:aa:f5:4b:3d:30:25:2b:84: 10:c1:a1:4a:92:96:3f:85:db:46:47:3b:1c:32:54: 04:17:86:7a:ce:53:ce:2c:83:9f:b9:71:33:b7:6e: de:0c:b1:be:37:00:86:ce:f2:cd:7f:fe:1f:fc:f2: 47:dc:ae:a8:04:77:d1:10:f6:12:fd:5d:0e:07:ea: 99:06:8d:0f:72:2a:c5:96:81:15:0e:ba:e2:1a:ce: ee:b3:ea:5e:fd:1a:a0:2c:37:0c:98:96:12:b0:18: 97:0a:d1:67:e3:a4:99:fe:7a:12:ab:d3:06:0a:e7: ca:2c:5d:43:02:41:82:14:81:f7:0c:68:68:60:8e: be:32:20:12:f2:ec:07:cc:94:34:f3:98:e8:db:c5: 94:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:F5:57:CB:89:C8:FA:06:CA:E1:9C:6E:AB:32:5E:FB:EE:3F:00:25 X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS202828.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c2:b00b::/48 Signature Algorithm: sha256WithRSAEncryption 5b:a5:7a:4e:10:c3:05:6b:2b:56:32:dd:a8:71:e1:82:a2:ac: d6:4a:a9:77:cd:3a:35:46:94:17:0b:c7:ed:c8:c0:80:2a:3d: 04:d9:88:0f:dc:67:12:41:28:70:63:6c:df:a6:9d:17:b8:bf: 3a:ea:d8:9a:8b:e1:12:95:8c:1a:f7:d7:24:0b:e5:d2:fa:8f: 10:9a:67:6b:6c:ff:8d:92:45:af:fd:9e:4d:7f:36:d7:86:3c: a7:2d:4a:f6:0f:d1:1f:a9:bc:6d:57:f3:0e:47:64:3e:7c:75: 0f:e3:7a:a8:df:b1:ea:c8:6f:b9:6c:26:01:07:c0:85:e2:89: 60:88:e2:7e:70:2d:11:e1:2c:2b:e9:00:3d:11:05:ca:4b:4c: c6:0d:6c:49:c2:04:72:76:72:23:ec:61:2e:73:c6:29:37:50: 4b:7b:44:93:ee:bd:c5:67:9e:85:6c:b1:af:9d:91:ae:af:5f: a6:fc:e2:46:45:cf:f7:60:e8:85:95:de:b4:10:c1:8b:6c:5a: e4:ee:d7:b3:c2:ef:08:f3:24:8e:e5:eb:c4:83:9b:2c:f9:df: 9f:8f:df:61:88:83:bc:11:1e:b8:34:0d:20:b1:27:c2:e3:d9: 75:c2:1a:c3:5d:5f:ad:fb:1d:8e:fa:34:a3:56:d3:18:e3:74: ed:f2:76:05 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUVPDtqxN10YFHLZCuks5U1IIw2DswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNTA3MDQwNzQ2MjNaFw0yNjA3MDMwNzUxMjNaMDMxMTAvBgNV BAMTKDE2RjU1N0NCODlDOEZBMDZDQUUxOUM2RUFCMzI1RUZCRUUzRjAwMjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGLympBC/v4ssCC5qyxRE/OumO /ggdDjASwQ1aCmeuYuW0Fjix6perNfTM9JUfZ5jOWQgBYuLNbaGKBbD0sJdSQgr0 hsyZc9mOGQfu9akQKw8xDkZcH8MEfGLOxaI2YTGq7SD8JYhGUK67p9yEhKmq9Us9 MCUrhBDBoUqSlj+F20ZHOxwyVAQXhnrOU84sg5+5cTO3bt4Msb43AIbO8s1//h/8 8kfcrqgEd9EQ9hL9XQ4H6pkGjQ9yKsWWgRUOuuIazu6z6l79GqAsNwyYlhKwGJcK 0WfjpJn+ehKr0wYK58osXUMCQYIUgfcMaGhgjr4yIBLy7AfMlDTzmOjbxZQHAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUFvVXy4nI+gbK4ZxuqzJe++4/ACUwHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMjAyODI4LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU wrALMA0GCSqGSIb3DQEBCwUAA4IBAQBbpXpOEMMFaytWMt2oceGCoqzWSql3zTo1 RpQXC8ftyMCAKj0E2YgP3GcSQShwY2zfpp0XuL866tiai+ESlYwa99ckC+XS+o8Q mmdrbP+NkkWv/Z5NfzbXhjynLUr2D9EfqbxtV/MOR2Q+fHUP43qo37HqyG+5bCYB B8CF4olgiOJ+cC0R4Swr6QA9EQXKS0zGDWxJwgRydnIj7GEuc8YpN1BLe0ST7r3F Z56FbLGvnZGur1+m/OJGRc/3YOiFld60EMGLbFrk7tezwu8I8ySO5evEg5ss+d+f j99hiIO8ER64NA0gsSfC49l1whrDXV+t+x2O+jSjVtMY43Tt8nYF -----END CERTIFICATE-----Generated at Sat Jul 5 08:19:01 2025 by rpki-client