$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS209735.roa File: AS209735.roa (raw, json) Hash identifier: mfD8QK2CvS0aCWZpVT6XkOSYcPSPDm5rjv9w4JWz2Ok= Subject key identifier: A8:06:B1:1D:49:CA:BB:12:3F:D1:C4:27:B1:F0:CB:FB:B5:2B:A5:8C Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 081CD8B5E8489A41BDBC09700D195B5FC1E45793 Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS209735.roa Signing time: Fri 04 Jul 2025 07:51:28 +0000 ROA not before: Fri 04 Jul 2025 07:46:28 +0000 ROA not after: Fri 03 Jul 2026 07:51:28 +0000 asID: 209735 IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Jul 2025 17:05:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:1c:d8:b5:e8:48:9a:41:bd:bc:09:70:0d:19:5b:5f:c1:e4:57:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jul 4 07:46:28 2025 GMT Not After : Jul 3 07:51:28 2026 GMT Subject: CN=A806B11D49CABB123FD1C427B1F0CBFBB52BA58C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:26:a2:da:68:50:85:a1:00:3c:bd:7e:da:cb: 6e:80:27:ac:9c:4f:0e:22:57:e8:64:9a:1e:7f:b4: 7f:21:e6:3d:70:30:f5:3d:dd:0a:dc:aa:96:7e:c2: 36:1a:32:1d:c6:e5:66:10:18:a0:a1:7a:22:05:0a: 24:fc:f3:99:18:17:24:34:28:09:7c:58:7a:16:af: fe:9a:ac:56:07:72:e7:27:df:1f:17:e5:00:86:f9: 5f:15:c7:d4:06:dd:97:26:65:aa:9a:b8:9c:7a:7b: d7:bf:db:88:c0:50:0f:c2:1a:fe:41:e4:15:fb:20: 6e:1c:75:f5:ff:0d:ae:ef:11:6e:9c:25:f6:24:0c: 02:2a:0e:30:90:2d:09:8b:b0:79:f1:0c:bb:dd:48: 5f:77:bf:6e:b5:b3:a7:fa:90:08:8b:5b:d9:2e:e4: 64:dc:a1:4f:49:8b:b3:d1:39:05:9c:9b:43:c4:24: cb:d9:17:6d:b8:44:b3:61:90:e9:61:f9:4b:b1:a5: f2:34:39:db:4b:e8:7c:42:19:cb:11:aa:28:ec:7a: 8e:93:ad:eb:4a:61:10:3e:72:69:fd:dd:01:85:f3: bb:7c:95:6a:7e:6e:ce:9c:7c:08:91:80:07:09:03: 78:d2:9e:14:a8:3f:8b:43:d0:27:3f:7b:ab:9d:78: e2:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:06:B1:1D:49:CA:BB:12:3F:D1:C4:27:B1:F0:CB:FB:B5:2B:A5:8C X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS209735.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c2:b00b::/48 Signature Algorithm: sha256WithRSAEncryption 73:67:1f:2b:62:34:d6:4e:15:4c:4e:f2:73:26:ba:f8:71:a4: 2d:86:37:e4:91:28:ba:4d:04:27:02:c2:0b:ea:7e:fd:a9:f0: 29:76:24:fd:c0:9c:9d:7f:6c:b1:e7:9f:5f:bf:92:9b:f5:33: 4c:35:82:c9:41:2a:95:c1:3c:bf:1c:b7:8f:d4:e2:9d:10:bc: 31:d9:37:69:5f:94:17:e0:8a:c7:cf:60:45:83:8e:45:4d:a2: 10:06:c1:e0:e8:e6:fb:41:5b:82:f9:95:bb:80:34:71:88:41: ca:89:d4:16:40:ac:e9:ac:24:1b:6a:f6:5c:d5:3e:33:3f:67: 77:59:fb:f3:a7:e0:5b:63:e3:92:a1:b9:ef:e6:25:c6:8f:4d: 28:14:5a:c3:89:0d:29:1d:5e:f4:89:0f:68:2d:c1:0d:3a:88: 90:2d:26:0f:65:73:14:6d:f4:93:02:2b:99:e4:a9:ef:4e:4b: 35:86:fd:7d:c7:53:27:4b:76:7a:eb:c2:43:04:4a:4e:42:5f: f4:29:ff:26:f6:60:4c:c0:ea:a6:e4:c8:f5:26:07:1d:f9:72: 33:b1:bf:99:d6:b7:b9:58:ce:a2:d3:34:58:64:2d:00:39:e2: 58:24:fa:98:3a:70:4d:49:51:09:c9:a3:b2:96:f1:29:de:b8: 7d:01:c4:ee -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUCBzYtehImkG9vAlwDRlbX8HkV5MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNTA3MDQwNzQ2MjhaFw0yNjA3MDMwNzUxMjhaMDMxMTAvBgNV BAMTKEE4MDZCMTFENDlDQUJCMTIzRkQxQzQyN0IxRjBDQkZCQjUyQkE1OEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUJqLaaFCFoQA8vX7ay26AJ6yc Tw4iV+hkmh5/tH8h5j1wMPU93QrcqpZ+wjYaMh3G5WYQGKCheiIFCiT885kYFyQ0 KAl8WHoWr/6arFYHcucn3x8X5QCG+V8Vx9QG3ZcmZaqauJx6e9e/24jAUA/CGv5B 5BX7IG4cdfX/Da7vEW6cJfYkDAIqDjCQLQmLsHnxDLvdSF93v261s6f6kAiLW9ku 5GTcoU9Ji7PROQWcm0PEJMvZF224RLNhkOlh+UuxpfI0OdtL6HxCGcsRqijseo6T retKYRA+cmn93QGF87t8lWp+bs6cfAiRgAcJA3jSnhSoP4tD0Cc/e6udeOKDAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUqAaxHUnKuxI/0cQnsfDL+7UrpYwwHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMjA5NzM1LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU wrALMA0GCSqGSIb3DQEBCwUAA4IBAQBzZx8rYjTWThVMTvJzJrr4caQthjfkkSi6 TQQnAsIL6n79qfApdiT9wJydf2yx559fv5Kb9TNMNYLJQSqVwTy/HLeP1OKdELwx 2TdpX5QX4IrHz2BFg45FTaIQBsHg6Ob7QVuC+ZW7gDRxiEHKidQWQKzprCQbavZc 1T4zP2d3Wfvzp+BbY+OSobnv5iXGj00oFFrDiQ0pHV70iQ9oLcENOoiQLSYPZXMU bfSTAiuZ5KnvTks1hv19x1MnS3Z668JDBEpOQl/0Kf8m9mBMwOqm5Mj1Jgcd+XIz sb+Z1re5WM6i0zRYZC0AOeJYJPqYOnBNSVEJyaOylvEp3rh9AcTu -----END CERTIFICATE-----Generated at Sat Jul 5 08:27:59 2025 by rpki-client