$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS0.roa File: AS0.roa (raw, json) Hash identifier: Rqwr7IVAU2fZhd7bF05lk20cCEIGmANBWTm+xFvkUog= Subject key identifier: 70:4A:F8:F9:CD:93:C1:A0:31:E6:0B:FB:46:8F:7D:11:29:E0:88:56 Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 37045FC5BA7DE083B8F86DDD240BFF8471775158 Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS0.roa Signing time: Sun 20 Apr 2025 01:32:31 +0000 ROA not before: Sun 20 Apr 2025 01:27:31 +0000 ROA not after: Sun 19 Apr 2026 01:32:31 +0000 asID: 0 IP address blocks: 2a07:54c7:6000::/36 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 27 Apr 2025 00:51:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:04:5f:c5:ba:7d:e0:83:b8:f8:6d:dd:24:0b:ff:84:71:77:51:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: Apr 20 01:27:31 2025 GMT Not After : Apr 19 01:32:31 2026 GMT Subject: CN=704AF8F9CD93C1A031E60BFB468F7D1129E08856 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:3e:32:bb:0d:67:e5:97:6c:13:d3:2b:95:26: 80:10:ab:ef:bd:aa:ea:62:cc:fe:b2:c8:59:99:f8: ef:b7:7a:b7:db:29:9f:25:1e:75:e3:87:ce:39:75: 01:16:9c:ef:98:e2:71:dd:ed:02:9c:70:32:c3:ab: 06:67:57:cc:0d:f9:7e:56:26:f7:aa:1a:0c:c9:31: 72:8f:4e:b3:27:bd:79:4a:81:31:c6:6d:c3:2c:6b: d1:db:f4:fe:c2:d0:df:e9:df:f9:16:da:b9:cd:63: ed:c1:7b:6e:3e:b4:3c:d4:cd:6f:ee:4f:8e:83:c8: a9:0b:5d:3a:b7:a4:28:b6:4c:3a:87:10:9e:71:90: dc:20:51:ad:22:2f:f4:17:06:d1:4f:56:d2:e2:e9: 86:68:d1:95:a6:71:80:ea:e3:1f:29:d7:2f:62:67: 0d:4c:27:a2:1c:71:cc:e0:14:96:52:28:99:82:c3: 8a:56:8b:61:2e:f5:2d:97:71:1e:a8:a9:e6:3c:c6: f7:5d:4c:f0:f7:e2:40:04:83:39:c0:86:bb:1b:3b: 19:f9:11:51:de:f6:6d:ea:73:9b:6d:d9:d8:c9:59: 92:e0:c4:ca:dc:4e:73:97:ec:d4:21:50:d7:02:2b: 55:8c:d7:2e:3d:52:24:66:44:75:95:cc:5d:7e:20: e7:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:4A:F8:F9:CD:93:C1:A0:31:E6:0B:FB:46:8F:7D:11:29:E0:88:56 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS0.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c7:6000::/36 Signature Algorithm: sha256WithRSAEncryption 47:b0:26:cb:5a:e6:ff:5e:b7:65:47:1d:e8:60:20:e1:c1:1b: 84:19:84:be:33:b0:b1:98:00:f4:63:df:04:82:d6:69:a9:35: 0c:70:64:26:f2:eb:a7:69:dd:a8:e1:b9:ae:e4:d0:bb:df:8f: 25:fc:b8:4d:a5:dc:40:de:e7:9d:8c:9c:84:e9:c6:72:32:14: df:ba:28:fa:88:d7:65:d9:22:7c:ae:c1:46:40:94:b7:0e:6d: 8f:15:79:9e:3a:89:e6:a1:8c:7c:45:70:7c:ca:16:25:24:22: 28:b8:5e:a6:40:3f:5c:0a:64:a3:e9:fe:44:75:7d:ca:c8:da: a7:d5:b2:e4:70:16:7c:e8:9f:86:b0:3f:9e:3b:92:3e:b9:76: 94:cf:84:fa:df:ab:66:fd:71:0a:71:8f:c8:e2:c2:08:17:24: 5f:79:87:38:82:f7:36:f8:45:71:8f:78:4f:40:7a:e0:1b:97: 21:b3:5e:8b:50:54:c3:9e:f2:71:42:24:7b:32:16:a0:82:dd: fd:77:9a:e1:64:7b:0b:68:5e:93:c1:a0:d7:4d:36:08:f5:46: 3b:5d:ec:42:2c:1e:bb:b3:94:30:1f:d3:e0:cb:e2:55:b1:0d: a3:40:d3:17:6e:13:dc:3f:ff:ba:67:32:f8:48:c1:db:42:19: 90:47:0e:61 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgIUNwRfxbp94IO4+G3dJAv/hHF3UVgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNTA0MjAwMTI3MzFaFw0yNjA0MTkwMTMyMzFaMDMxMTAvBgNV BAMTKDcwNEFGOEY5Q0Q5M0MxQTAzMUU2MEJGQjQ2OEY3RDExMjlFMDg4NTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvPjK7DWfll2wT0yuVJoAQq++9 qupizP6yyFmZ+O+3erfbKZ8lHnXjh845dQEWnO+Y4nHd7QKccDLDqwZnV8wN+X5W JveqGgzJMXKPTrMnvXlKgTHGbcMsa9Hb9P7C0N/p3/kW2rnNY+3Be24+tDzUzW/u T46DyKkLXTq3pCi2TDqHEJ5xkNwgUa0iL/QXBtFPVtLi6YZo0ZWmcYDq4x8p1y9i Zw1MJ6IccczgFJZSKJmCw4pWi2Eu9S2XcR6oqeY8xvddTPD34kAEgznAhrsbOxn5 EVHe9m3qc5tt2djJWZLgxMrcTnOX7NQhUNcCK1WM1y49UiRmRHWVzF1+IOfRAgMB AAGjggI3MIICMzAdBgNVHQ4EFgQUcEr4+c2TwaAx5gv7Ro99ESngiFYwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoHVMdgMA0G CSqGSIb3DQEBCwUAA4IBAQBHsCbLWub/XrdlRx3oYCDhwRuEGYS+M7CxmAD0Y98E gtZpqTUMcGQm8uunad2o4bmu5NC7348l/LhNpdxA3uedjJyE6cZyMhTfuij6iNdl 2SJ8rsFGQJS3Dm2PFXmeOonmoYx8RXB8yhYlJCIouF6mQD9cCmSj6f5EdX3KyNqn 1bLkcBZ86J+GsD+eO5I+uXaUz4T636tm/XEKcY/I4sIIFyRfeYc4gvc2+EVxj3hP QHrgG5chs16LUFTDnvJxQiR7Mhaggt39d5rhZHsLaF6TwaDXTTYI9UY7XexCLB67 s5QwH9Pgy+JVsQ2jQNMXbhPcP/+6ZzL4SMHbQhmQRw5h -----END CERTIFICATE-----Generated at Sat Apr 26 12:46:24 2025 by rpki-client