$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS400542.roa File: AS400542.roa (raw, json) Hash identifier: dez+KaSY+7iTjrFYxFxwO81u1NBNwEXMOKVLxgfkFoI= Subject key identifier: BA:EB:73:68:95:B6:28:2E:3B:E3:3B:74:3A:4E:7E:17:1A:82:28:F2 Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 30469183B53676B4050450B2B880FF72A0F689BA Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS400542.roa Signing time: Fri 04 Jul 2025 07:51:27 +0000 ROA not before: Fri 04 Jul 2025 07:46:27 +0000 ROA not after: Fri 03 Jul 2026 07:51:27 +0000 asID: 400542 IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Jul 2025 17:05:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:46:91:83:b5:36:76:b4:05:04:50:b2:b8:80:ff:72:a0:f6:89:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jul 4 07:46:27 2025 GMT Not After : Jul 3 07:51:27 2026 GMT Subject: CN=BAEB736895B6282E3BE33B743A4E7E171A8228F2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:e0:0d:b2:c9:4b:b3:d2:cd:c3:06:1a:40:1d: 10:ce:92:23:af:9f:f6:c3:b6:8b:d4:9e:1d:93:c7: 1f:35:44:03:ef:84:03:92:b1:b9:95:fb:85:c4:cc: 7c:46:1c:bb:f3:40:36:e9:16:cb:19:b0:27:7a:91: 87:3c:69:71:f0:4f:d1:f1:bf:6c:be:b2:f9:a0:8e: 17:04:51:b0:73:ac:53:b9:a6:e5:f0:15:e3:5d:c3: 1a:08:4a:d8:14:c5:f3:38:e4:15:80:38:8e:f5:69: 5a:23:be:40:11:c8:86:9c:68:10:5d:8b:ee:21:4a: 1d:34:fe:17:92:83:88:6e:93:23:18:b7:5a:89:cb: 11:37:10:2d:cb:a4:47:ca:cf:9e:e1:49:74:bd:8a: c9:05:f7:2a:54:d7:02:51:27:87:ad:c9:e9:55:db: f9:3b:b8:ed:bd:1a:0f:68:1c:e4:1b:58:d3:6a:e7: c5:5d:b1:72:78:3c:4d:8a:7d:b8:a7:bc:34:2a:f0: d2:b2:17:5d:cb:6e:bb:77:a5:95:7f:49:fe:99:44: 37:5f:17:f9:09:77:59:6c:4d:74:a1:6b:66:cc:bb: 65:8e:be:a4:9c:ec:fe:be:e0:aa:21:9b:a0:ed:68: c5:24:a9:38:1e:35:de:36:8c:49:9d:8d:1d:fe:ba: b2:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:EB:73:68:95:B6:28:2E:3B:E3:3B:74:3A:4E:7E:17:1A:82:28:F2 X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS400542.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c2:b00b::/48 Signature Algorithm: sha256WithRSAEncryption 10:2d:e8:aa:e1:47:54:35:c3:4b:94:9f:45:9b:15:32:e2:3b: c7:1f:9e:95:b9:a6:28:96:9d:f7:8e:7d:d7:0f:08:75:db:2a: 88:cd:21:86:90:7c:03:46:ad:d5:35:d4:7c:0b:c5:a7:5c:40: 94:19:1e:45:e9:37:78:8e:60:93:37:2c:8f:12:5d:18:92:da: 94:47:a8:46:a2:3d:d7:dc:ae:3c:3e:6d:9f:63:67:ca:2a:3e: 7f:1c:f5:f7:af:60:96:8c:50:e0:b0:dd:94:d1:3d:d8:c2:32: 77:8e:e9:c4:a6:df:33:5d:3a:db:52:11:2b:c3:c1:c4:a4:b4: 14:2e:a7:5c:93:17:25:ec:4e:cb:05:2a:c6:0f:87:fe:5b:ca: 3f:29:ab:21:e3:48:78:9d:e2:3e:d0:7b:2c:da:db:ac:da:64: 95:f6:32:b9:90:f8:b7:7f:49:b3:ff:d3:99:e0:36:f7:b8:53: 85:95:e9:f3:17:ee:66:50:44:55:48:cd:b8:cb:4d:11:08:9e: 20:e7:6a:41:2f:5d:5e:de:f7:b5:64:86:f4:70:3c:a4:dc:1b: 14:08:23:2f:8b:aa:71:e8:59:d5:5d:32:fd:fe:98:85:c9:77: b4:52:91:19:f5:8a:08:50:50:c8:50:ac:02:c0:7b:84:92:1e: 82:e4:15:eb -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUMEaRg7U2drQFBFCyuID/cqD2ibowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNTA3MDQwNzQ2MjdaFw0yNjA3MDMwNzUxMjdaMDMxMTAvBgNV BAMTKEJBRUI3MzY4OTVCNjI4MkUzQkUzM0I3NDNBNEU3RTE3MUE4MjI4RjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB4A2yyUuz0s3DBhpAHRDOkiOv n/bDtovUnh2Txx81RAPvhAOSsbmV+4XEzHxGHLvzQDbpFssZsCd6kYc8aXHwT9Hx v2y+svmgjhcEUbBzrFO5puXwFeNdwxoIStgUxfM45BWAOI71aVojvkARyIacaBBd i+4hSh00/heSg4hukyMYt1qJyxE3EC3LpEfKz57hSXS9iskF9ypU1wJRJ4etyelV 2/k7uO29Gg9oHOQbWNNq58VdsXJ4PE2KfbinvDQq8NKyF13Lbrt3pZV/Sf6ZRDdf F/kJd1lsTXSha2bMu2WOvqSc7P6+4Kohm6DtaMUkqTgeNd42jEmdjR3+urLNAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUuutzaJW2KC474zt0Ok5+FxqCKPIwHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTNDAwNTQyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU wrALMA0GCSqGSIb3DQEBCwUAA4IBAQAQLeiq4UdUNcNLlJ9FmxUy4jvHH56VuaYo lp33jn3XDwh12yqIzSGGkHwDRq3VNdR8C8WnXECUGR5F6Td4jmCTNyyPEl0YktqU R6hGoj3X3K48Pm2fY2fKKj5/HPX3r2CWjFDgsN2U0T3YwjJ3junEpt8zXTrbUhEr w8HEpLQULqdckxcl7E7LBSrGD4f+W8o/Kash40h4neI+0Hss2tus2mSV9jK5kPi3 f0mz/9OZ4Db3uFOFlenzF+5mUERVSM24y00RCJ4g52pBL11e3ve1ZIb0cDyk3BsU CCMvi6px6FnVXTL9/piFyXe0UpEZ9YoIUFDIUKwCwHuEkh6C5BXr -----END CERTIFICATE-----Generated at Sat Jul 5 08:16:40 2025 by rpki-client