$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: 9hCfbLHR8RDJoNvvwYqI499NvvPRqYUMVtP3pcTROsU= Subject key identifier: 5B:0A:B2:0E:7A:2C:24:DE:9D:6F:42:E0:EC:F7:FF:A2:1E:2C:0A:01 Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 2B2AEEA46B24BBD38616645A4FB1714AEB219C3B Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS16509.roa Signing time: Fri 04 Jul 2025 07:51:25 +0000 ROA not before: Fri 04 Jul 2025 07:46:25 +0000 ROA not after: Fri 03 Jul 2026 07:51:25 +0000 asID: 16509 IP address blocks: 2a07:54c1:4500::/40 maxlen: 48 2a07:54c4:175c::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 04 Aug 2025 23:12:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:2a:ee:a4:6b:24:bb:d3:86:16:64:5a:4f:b1:71:4a:eb:21:9c:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jul 4 07:46:25 2025 GMT Not After : Jul 3 07:51:25 2026 GMT Subject: CN=5B0AB20E7A2C24DE9D6F42E0ECF7FFA21E2C0A01 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:c7:79:66:1f:c8:73:b0:a8:36:d5:c7:c2:b8: dd:c4:ed:23:b3:36:a2:6c:55:f2:32:5c:16:15:c1: e0:09:a1:10:a6:82:c3:91:4e:75:6d:e4:7e:0b:56: d5:cc:85:96:56:34:e4:4a:d7:bb:d4:d4:bc:ac:d1: af:c2:9b:86:eb:5f:1f:32:1b:6c:8a:91:84:b1:bd: b9:fa:8c:4a:5b:dd:c3:d2:83:9f:80:20:2d:65:75: 73:cf:73:13:7f:e0:a5:ae:e2:bb:88:8b:15:7a:fb: 9f:87:05:de:1a:67:a2:c4:3c:ec:72:e8:fd:7e:18: d8:39:e4:6e:12:81:27:c5:34:e0:f6:d6:b4:59:50: 8c:8b:3f:68:9d:c2:63:f8:8f:6c:81:4e:c8:45:86: f2:e1:73:6c:9d:ed:62:49:c1:08:6b:79:30:1d:1d: 5e:25:2c:d5:b1:67:88:39:ab:98:60:c0:01:fa:36: 36:30:d4:03:e9:83:3a:64:89:4b:ea:1a:3c:3c:f5: 55:51:e6:76:c5:80:49:7e:8e:d8:ea:e5:7b:05:6f: 2d:9c:fc:ee:c9:ba:e3:82:81:c0:47:6b:21:20:ff: 40:59:8b:46:4f:cd:96:41:7d:ab:63:b8:0d:b0:2d: ed:89:a8:48:c1:a2:41:76:8e:61:27:f3:4c:7c:82: 4f:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:0A:B2:0E:7A:2C:24:DE:9D:6F:42:E0:EC:F7:FF:A2:1E:2C:0A:01 X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:4500::/40 2a07:54c4:175c::/48 Signature Algorithm: sha256WithRSAEncryption 60:28:b2:ed:40:8a:7e:2a:89:ad:b7:c3:a0:fa:dc:ff:a6:05: 1a:b1:a3:1c:ea:86:e8:db:9c:9c:3f:c0:f1:d1:6e:f5:03:fa: 43:5c:c1:4a:f2:f5:30:52:c6:0e:0a:4d:b4:c2:63:0e:ac:3c: 4c:ee:79:dd:32:57:60:d9:1f:37:b1:bc:b9:88:65:7c:2b:d8: 7c:dd:b5:9f:b7:c0:36:53:24:43:9f:8c:c5:bc:41:f9:4b:35: 45:db:92:9a:9a:12:67:01:36:fc:ba:46:5f:4d:57:b9:1d:ec: e9:48:4a:5e:24:14:da:49:ed:62:7a:87:92:f8:79:8d:b3:4d: 43:bc:58:93:f4:c9:e7:07:da:1b:e7:7c:db:ff:1e:ff:af:18: b0:fd:c4:0b:f5:ba:44:bb:39:21:dd:07:06:79:3d:4f:7f:35: 15:5f:15:2e:c5:a8:0e:1e:7b:9f:bf:b2:57:b2:5c:ef:cf:c3: cb:0a:37:78:a4:1e:f6:72:c9:a6:a4:eb:13:48:29:0b:27:97: e2:ab:87:6c:7e:e7:9c:3c:4b:34:14:2b:9c:1e:5e:fd:d0:7f: 5f:92:ec:1b:4d:1f:41:ec:2c:5c:ef:40:92:dd:18:38:71:24: 4f:bd:ee:ba:e6:e2:9d:0b:5e:83:ff:aa:7a:a3:32:74:d1:57: 99:96:00:b9 -----BEGIN CERTIFICATE----- MIIFOjCCBCKgAwIBAgIUKyrupGsku9OGFmRaT7FxSushnDswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNTA3MDQwNzQ2MjVaFw0yNjA3MDMwNzUxMjVaMDMxMTAvBgNV BAMTKDVCMEFCMjBFN0EyQzI0REU5RDZGNDJFMEVDRjdGRkEyMUUyQzBBMDEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9x3lmH8hzsKg21cfCuN3E7SOz NqJsVfIyXBYVweAJoRCmgsORTnVt5H4LVtXMhZZWNORK17vU1Lys0a/Cm4brXx8y G2yKkYSxvbn6jEpb3cPSg5+AIC1ldXPPcxN/4KWu4ruIixV6+5+HBd4aZ6LEPOxy 6P1+GNg55G4SgSfFNOD21rRZUIyLP2idwmP4j2yBTshFhvLhc2yd7WJJwQhreTAd HV4lLNWxZ4g5q5hgwAH6NjYw1APpgzpkiUvqGjw89VVR5nbFgEl+jtjq5XsFby2c /O7JuuOCgcBHayEg/0BZi0ZPzZZBfatjuA2wLe2JqEjBokF2jmEn80x8gk+5AgMB AAGjggJEMIICQDAdBgNVHQ4EFgQUWwqyDnosJN6db0Lg7Pf/oh4sCgEwHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwKgYIKwYBBQUHAQcBAf8EGzAZMBcEAgACMBEDBgAqB1TB RQMHACoHVMQXXDANBgkqhkiG9w0BAQsFAAOCAQEAYCiy7UCKfiqJrbfDoPrc/6YF GrGjHOqG6NucnD/A8dFu9QP6Q1zBSvL1MFLGDgpNtMJjDqw8TO553TJXYNkfN7G8 uYhlfCvYfN21n7fANlMkQ5+MxbxB+Us1RduSmpoSZwE2/LpGX01XuR3s6UhKXiQU 2kntYnqHkvh5jbNNQ7xYk/TJ5wfaG+d82/8e/68YsP3EC/W6RLs5Id0HBnk9T381 FV8VLsWoDh57n7+yV7Jc78/Dywo3eKQe9nLJpqTrE0gpCyeX4quHbH7nnDxLNBQr nB5e/dB/X5LsG00fQewsXO9Akt0YOHEkT73uuubinQteg/+qeqMydNFXmZYAuQ== -----END CERTIFICATE-----Generated at Mon Aug 4 14:22:39 2025 by rpki-client