$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410184f753dc64119d/5/AS214025.roa File: AS214025.roa (raw, json) Hash identifier: 6PK+fflwuPTkZ8Y4tIj6WDCODAixzMrJiiAytSUCHMI= Subject key identifier: EC:44:53:82:05:07:98:C1:1A:0D:11:52:F2:83:D5:B0:F1:2E:0F:37 Certificate issuer: /CN=8981204b93413540f7d5b86f0f9e74f1daade31df0db0f388e Certificate serial: 6908AFADE4724C48584AA9180E2BB69F91DEB702 Authority key identifier: 27:8A:E8:CA:B8:DB:6B:DD:82:D7:5E:DD:6D:85:0D:19:20:0D:1F:93 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/2a1354c7-abca-41b6-8b21-4e35a8d9c2b4/8981204b93413540f7d5b86f0f9e74f1daade31df0db0f388e.cer Subject info access: rsync://rpki-rps.arin.net/repository/8a848ade82d5de410184f753dc64119d/5/AS214025.roa Signing time: Thu 23 Oct 2025 04:10:21 +0000 ROA not before: Thu 23 Oct 2025 04:05:21 +0000 ROA not after: Thu 22 Oct 2026 04:10:21 +0000 asID: 214025 IP address blocks: 40.27.88.0/24 maxlen: 24 40.27.226.0/24 maxlen: 24 40.223.5.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.arin.net/repository/8a848ade82d5de410184f753dc64119d/5/278AE8CAB8DB6BDD82D75EDD6D850D19200D1F93.crl rsync://rpki-rps.arin.net/repository/8a848ade82d5de410184f753dc64119d/5/278AE8CAB8DB6BDD82D75EDD6D850D19200D1F93.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/2a1354c7-abca-41b6-8b21-4e35a8d9c2b4/8981204b93413540f7d5b86f0f9e74f1daade31df0db0f388e.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/2a1354c7-abca-41b6-8b21-4e35a8d9c2b4/2a1354c7-abca-41b6-8b21-4e35a8d9c2b4.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/2a1354c7-abca-41b6-8b21-4e35a8d9c2b4/2a1354c7-abca-41b6-8b21-4e35a8d9c2b4.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/2a1354c7-abca-41b6-8b21-4e35a8d9c2b4.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/a73420cb-b3cc-4b03-bda7-1be204933ae5.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/a73420cb-b3cc-4b03-bda7-1be204933ae5.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 06 Nov 2025 07:57:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:08:af:ad:e4:72:4c:48:58:4a:a9:18:0e:2b:b6:9f:91:de:b7:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8981204b93413540f7d5b86f0f9e74f1daade31df0db0f388e Validity Not Before: Oct 23 04:05:21 2025 GMT Not After : Oct 22 04:10:21 2026 GMT Subject: CN=EC445382050798C11A0D1152F283D5B0F12E0F37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:f4:39:f9:aa:34:3d:a0:96:5b:2d:7b:08:5c: 3c:e3:25:6b:7a:58:11:1f:16:7c:3d:19:9d:ab:52: ae:c6:c9:fd:96:23:ed:dd:d4:58:89:9d:4b:52:44: f3:7b:a2:aa:6f:98:2d:f6:6d:7b:ed:54:63:c1:e2: 61:47:7d:bc:69:d2:2b:80:5a:62:94:c6:03:3e:70: 45:c9:20:38:a9:6d:49:3a:c1:b6:1d:2c:68:b9:77: 77:57:19:a0:77:07:94:a5:3e:01:8a:86:91:05:15: e3:f9:d1:19:29:ea:b7:08:9e:f1:93:62:a2:78:e8: 76:46:18:d0:57:18:d8:92:e4:53:92:90:ea:12:b9: 78:14:40:b3:25:36:c2:05:92:44:89:41:97:25:52: 75:2d:79:5e:0e:7d:5a:c4:a2:73:4c:71:ce:03:59: 14:7c:49:67:9b:9f:e3:a0:c8:7b:79:2d:fd:be:f4: 15:88:0c:1f:b0:8a:4b:78:c0:33:db:34:e5:53:a9: 2a:b7:25:aa:ff:e6:5e:39:64:c8:6f:72:7e:05:7a: 46:26:6e:0f:ac:ed:67:64:04:11:cf:2d:2a:03:5a: 54:af:24:a7:29:b8:4c:33:88:04:a8:45:4f:b6:5f: 53:03:fb:6c:dd:3a:13:80:2a:03:e1:cd:3d:bb:b7: 8a:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:44:53:82:05:07:98:C1:1A:0D:11:52:F2:83:D5:B0:F1:2E:0F:37 X509v3 Authority Key Identifier: keyid:27:8A:E8:CA:B8:DB:6B:DD:82:D7:5E:DD:6D:85:0D:19:20:0D:1F:93 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410184f753dc64119d/5/278AE8CAB8DB6BDD82D75EDD6D850D19200D1F93.crl Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/2a1354c7-abca-41b6-8b21-4e35a8d9c2b4/8981204b93413540f7d5b86f0f9e74f1daade31df0db0f388e.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410184f753dc64119d/5/AS214025.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 40.27.88.0/24 40.27.226.0/24 40.223.5.0/24 Signature Algorithm: sha256WithRSAEncryption 0c:c0:b4:14:74:ed:dc:78:2a:91:2a:78:51:4b:f5:4c:8b:07: f0:08:77:39:80:b0:9f:aa:81:ca:64:73:d4:ee:a2:f1:d6:0d: 88:3b:b1:a4:a1:67:f8:d2:43:32:47:ee:93:bd:47:65:e7:4c: b6:97:ea:54:79:0a:ac:d5:5a:aa:f8:1a:98:cd:02:b7:20:73: 24:2c:f6:1a:31:f5:80:ce:7b:4f:5a:20:50:d4:8f:9a:6b:3e: 90:81:6f:55:43:06:8b:40:32:d4:c1:87:60:d9:a3:f3:53:d3: c3:41:f4:95:4a:8e:be:73:59:31:bf:30:3e:da:83:76:48:f8: be:49:00:12:c9:93:39:3e:43:16:52:b8:9e:c0:96:c1:64:03: 12:e1:a9:e3:e9:ac:60:f7:4f:39:23:29:58:11:f4:2f:73:22: d0:e8:9a:ea:47:53:6e:65:84:e9:b7:88:98:0e:58:15:05:88: 92:2a:9b:26:69:5c:12:41:ae:4e:ca:e9:5b:9f:1b:c8:50:5f: b3:39:89:fa:65:53:43:5d:c2:23:7c:07:74:04:68:ee:97:4d: 99:5f:d0:2c:84:b7:5d:5c:2d:e8:28:c8:98:ad:79:80:5b:5a: 95:25:4a:ca:10:81:19:34:8e:5e:03:23:21:60:f8:12:d7:e1: b7:f4:13:52 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgIUaQivreRyTEhYSqkYDiu2n5HetwIwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyODk4MTIwNGI5MzQxMzU0MGY3ZDViODZmMGY5ZTc0ZjFk YWFkZTMxZGYwZGIwZjM4OGUwHhcNMjUxMDIzMDQwNTIxWhcNMjYxMDIyMDQxMDIx WjAzMTEwLwYDVQQDEyhFQzQ0NTM4MjA1MDc5OEMxMUEwRDExNTJGMjgzRDVCMEYx MkUwRjM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/Q5+ao0PaCW Wy17CFw84yVrelgRHxZ8PRmdq1Kuxsn9liPt3dRYiZ1LUkTze6Kqb5gt9m177VRj weJhR328adIrgFpilMYDPnBFySA4qW1JOsG2HSxouXd3VxmgdweUpT4BioaRBRXj +dEZKeq3CJ7xk2KieOh2RhjQVxjYkuRTkpDqErl4FECzJTbCBZJEiUGXJVJ1LXle Dn1axKJzTHHOA1kUfElnm5/joMh7eS39vvQViAwfsIpLeMAz2zTlU6kqtyWq/+Ze OWTIb3J+BXpGJm4PrO1nZAQRzy0qA1pUrySnKbhMM4gEqEVPtl9TA/ts3ToTgCoD 4c09u7eKSQIDAQABo4ICizCCAocwHQYDVR0OBBYEFOxEU4IFB5jBGg0RUvKD1bDx Lg83MB8GA1UdIwQYMBaAFCeK6Mq422vdgtde3W2FDRkgDR+TMA4GA1UdDwEB/wQE AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l dC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTg0Zjc1M2RjNjQxMTlkLzUv Mjc4QUU4Q0FCOERCNkJERDgyRDc1RURENkQ4NTBEMTkyMDBEMUY5My5jcmwwgfMG CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut YjA4Yy0yMTcxZGEyMTU3ZDMvYTczNDIwY2ItYjNjYy00YjAzLWJkYTctMWJlMjA0 OTMzYWU1LzJhMTM1NGM3LWFiY2EtNDFiNi04YjIxLTRlMzVhOGQ5YzJiNC84OTgx MjA0YjkzNDEzNTQwZjdkNWI4NmYwZjllNzRmMWRhYWRlMzFkZjBkYjBmMzg4ZS5j ZXIwcAYIKwYBBQUHAQsEZDBiMGAGCCsGAQUFBzALhlRyc3luYzovL3Jwa2ktcnBz LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODRmNzUzZGM2 NDExOWQvNS9BUzIxNDAyNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEACgbWAMEACgb4gMEACjfBTANBgkq hkiG9w0BAQsFAAOCAQEADMC0FHTt3HgqkSp4UUv1TIsH8Ah3OYCwn6qBymRz1O6i 8dYNiDuxpKFn+NJDMkfuk71HZedMtpfqVHkKrNVaqvgamM0CtyBzJCz2GjH1gM57 T1ogUNSPmms+kIFvVUMGi0Ay1MGHYNmj81PTw0H0lUqOvnNZMb8wPtqDdkj4vkkA EsmTOT5DFlK4nsCWwWQDEuGp4+msYPdPOSMpWBH0L3Mi0Oia6kdTbmWE6beImA5Y FQWIkiqbJmlcEkGuTsrpW58byFBfszmJ+mVTQ13CI3wHdARo7pdNmV/QLIS3XVwt 6CjImK15gFtalSVKyhCBGTSOXgMjIWD4Etfht/QTUg== -----END CERTIFICATE-----Generated at Wed Nov 5 08:44:43 2025 by rpki-client