$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS14618.roa File: AS14618.roa (raw, json) Hash identifier: k+YRXx0GAA+7dyUfRlkZZZiZI4lQvNiv/N0tPV+sC8U= Subject key identifier: 3A:CC:D8:A2:3E:F9:34:5D:73:A0:E3:17:D3:A4:B8:5D:6E:74:1E:F0 Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Certificate serial: 7C826E0AE23557BEC650AF575E590CA332827C4E Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS14618.roa Signing time: Sun 18 May 2025 20:53:48 +0000 ROA not before: Sun 18 May 2025 20:48:48 +0000 ROA not after: Sun 17 May 2026 20:53:48 +0000 asID: 14618 IP address blocks: 2a07:54c1:4500::/40 maxlen: 48 2a07:54c4:175c::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 15 Jun 2025 09:02:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:82:6e:0a:e2:35:57:be:c6:50:af:57:5e:59:0c:a3:32:82:7c:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E Validity Not Before: May 18 20:48:48 2025 GMT Not After : May 17 20:53:48 2026 GMT Subject: CN=3ACCD8A23EF9345D73A0E317D3A4B85D6E741EF0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:8b:fb:cb:6d:96:2c:b5:73:b9:85:c7:06:be: 10:07:1b:6c:64:c9:23:0e:e6:aa:56:3c:b0:df:b7: 61:0a:85:7c:2f:8f:d7:99:d0:22:64:39:c0:92:6a: 51:20:20:b4:bb:d9:c4:17:54:23:df:b0:b0:d4:53: 1f:94:11:90:1c:25:c3:4f:b1:85:a0:93:9c:f7:e9: f2:be:23:52:6b:f1:43:6c:fa:b4:c7:e7:21:96:71: 6b:f5:24:16:ae:d8:c6:cd:4a:7d:b8:4a:32:98:ec: c4:df:61:7d:44:bd:20:7d:25:12:9a:dc:ca:3b:bd: ef:d0:e4:21:4a:01:f6:f6:29:b0:04:2e:05:2b:d6: 4f:87:8e:a1:44:81:a8:39:e9:fa:49:3e:84:d3:97: 6e:6e:78:7c:75:14:36:fc:96:77:37:09:27:d9:b5: f4:89:4d:8d:65:af:0f:75:bf:3a:38:4f:dd:d7:d2: 54:92:2f:f5:ca:a2:52:0a:69:87:2c:0b:e0:ea:1f: 2b:a5:52:4b:dc:44:92:83:22:99:36:d1:67:67:37: d9:dd:ff:82:62:a1:75:98:96:8d:f3:fa:ca:c2:5a: b8:41:cf:73:2c:46:d8:24:b2:bc:8a:cc:3c:f3:a5: 0a:bb:aa:84:a1:e6:1b:71:2e:04:81:81:21:ad:b2: bd:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:CC:D8:A2:3E:F9:34:5D:73:A0:E3:17:D3:A4:B8:5D:6E:74:1E:F0 X509v3 Authority Key Identifier: keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS14618.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:4500::/40 2a07:54c4:175c::/48 Signature Algorithm: sha256WithRSAEncryption 8c:e6:00:5a:60:eb:0d:9e:1a:df:26:48:81:49:2e:93:e4:39: 42:49:29:f2:a0:2b:af:b2:9f:42:d9:22:07:95:94:03:37:f3: 47:b0:5b:ba:32:f7:8a:5f:0a:13:48:13:68:18:03:8c:cb:fa: c7:c8:e8:03:dc:8b:06:22:47:6b:ca:1a:ca:f8:aa:27:c8:fe: 01:ac:f8:77:ef:7e:52:e2:eb:9a:3d:df:f3:8f:f1:39:e1:64: 01:ff:92:90:26:3d:5b:0d:0e:29:3c:22:74:fd:27:73:b9:ac: ed:61:4f:ca:1a:58:06:32:d5:3e:7d:9a:24:fe:d8:0b:e2:71: 93:1b:20:c5:66:34:65:25:23:75:6a:3f:b8:50:af:b0:88:6f: a6:a6:29:63:00:45:a7:97:56:a2:17:a1:84:fc:69:83:92:8e: dd:77:8a:9f:fc:07:09:31:12:99:61:d9:ea:35:75:a4:17:05: 34:d4:a5:ef:0c:eb:7c:2f:fe:15:96:5e:92:1d:00:e0:0a:e3: 8a:d9:c1:6f:7b:3a:1c:eb:4b:33:aa:1d:c8:1e:94:73:57:15: a9:6e:f2:bb:ad:85:bf:b1:31:20:55:c5:76:0e:93:65:09:47: da:ff:c0:17:6d:7d:e8:ed:7e:80:ef:30:1d:ed:0f:0a:14:f2: 96:a6:84:d7 -----BEGIN CERTIFICATE----- MIIFOjCCBCKgAwIBAgIUfIJuCuI1V77GUK9XXlkMozKCfE4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw RTFFMkY4RTAeFw0yNTA1MTgyMDQ4NDhaFw0yNjA1MTcyMDUzNDhaMDMxMTAvBgNV BAMTKDNBQ0NEOEEyM0VGOTM0NUQ3M0EwRTMxN0QzQTRCODVENkU3NDFFRjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2i/vLbZYstXO5hccGvhAHG2xk ySMO5qpWPLDft2EKhXwvj9eZ0CJkOcCSalEgILS72cQXVCPfsLDUUx+UEZAcJcNP sYWgk5z36fK+I1Jr8UNs+rTH5yGWcWv1JBau2MbNSn24SjKY7MTfYX1EvSB9JRKa 3Mo7ve/Q5CFKAfb2KbAELgUr1k+HjqFEgag56fpJPoTTl25ueHx1FDb8lnc3CSfZ tfSJTY1lrw91vzo4T93X0lSSL/XKolIKaYcsC+DqHyulUkvcRJKDIpk20WdnN9nd /4JioXWYlo3z+srCWrhBz3MsRtgksryKzDzzpQq7qoSh5htxLgSBgSGtsr3FAgMB AAGjggJEMIICQDAdBgNVHQ4EFgQUOszYoj75NF1zoOMX06S4XW50HvAwHwYDVR0j BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF MkY4RS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwKgYIKwYBBQUHAQcBAf8EGzAZMBcEAgACMBEDBgAqB1TB RQMHACoHVMQXXDANBgkqhkiG9w0BAQsFAAOCAQEAjOYAWmDrDZ4a3yZIgUkuk+Q5 Qkkp8qArr7KfQtkiB5WUAzfzR7BbujL3il8KE0gTaBgDjMv6x8joA9yLBiJHa8oa yviqJ8j+Aaz4d+9+UuLrmj3f84/xOeFkAf+SkCY9Ww0OKTwidP0nc7ms7WFPyhpY BjLVPn2aJP7YC+JxkxsgxWY0ZSUjdWo/uFCvsIhvpqYpYwBFp5dWohehhPxpg5KO 3XeKn/wHCTESmWHZ6jV1pBcFNNSl7wzrfC/+FZZekh0A4ArjitnBb3s6HOtLM6od yB6Uc1cVqW7yu62Fv7ExIFXFdg6TZQlH2v/AF2196O1+gO8wHe0PChTylqaE1w== -----END CERTIFICATE-----Generated at Sat Jun 14 23:39:26 2025 by rpki-client