$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: AkC0loZc+wUveszW4ysbADezPtjc0Uw6344g0psb7gg= Subject key identifier: 46:F2:90:12:1E:5D:83:F8:47:B6:4E:BF:8A:1C:E9:73:BE:BC:5D:0C Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 49699E8C25E2EECFA9ED95905FBF35DE6D42BEDC Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS16509.roa Signing time: Fri 05 Jun 2026 08:45:52 +0000 ROA not before: Fri 05 Jun 2026 08:40:52 +0000 ROA not after: Fri 04 Jun 2027 08:45:52 +0000 asID: 16509 IP address blocks: 2a07:54c1:4500::/40 maxlen: 48 2a07:54c4:175c::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Jun 2026 01:00:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:69:9e:8c:25:e2:ee:cf:a9:ed:95:90:5f:bf:35:de:6d:42:be:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jun 5 08:40:52 2026 GMT Not After : Jun 4 08:45:52 2027 GMT Subject: CN=46F290121E5D83F847B64EBF8A1CE973BEBC5D0C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:a3:40:aa:b8:7c:6d:3f:fd:ae:f4:6a:df:15: 72:8d:a9:46:b1:28:5b:a5:6c:00:66:f8:ce:2f:96: 4e:ee:d4:83:1d:ff:39:77:d8:60:4a:04:2e:4a:85: 61:4e:2d:2b:e4:14:12:5e:5e:63:50:e7:cc:83:e0: c6:cf:29:05:93:00:e1:1b:74:6b:e8:bd:4d:69:21: 36:1d:64:12:c3:0e:06:85:e3:cb:d4:09:0a:78:e0: cd:11:f1:08:f9:df:8c:1f:d3:0f:af:6c:fb:81:77: c0:12:38:8a:d2:89:7a:41:32:92:5f:57:47:f7:fc: 65:e7:17:ac:b2:87:2b:28:d5:64:d3:c6:87:3c:8f: 26:37:d1:1a:e5:80:6c:0d:fa:d5:10:90:12:25:b2: fa:d2:b3:31:f8:5b:7f:68:c5:85:4d:eb:47:3e:e1: 9d:5d:ab:1e:02:33:39:c0:36:9a:7b:e2:c0:31:44: ca:81:d6:e9:56:5e:25:9d:3b:16:a4:3d:d3:ca:ef: c7:08:54:fe:9c:df:44:79:be:85:b3:ec:76:04:da: f3:a3:20:08:63:32:e6:07:b6:e3:58:1b:bc:22:70: 15:55:2d:82:b9:d7:4b:d7:f0:55:19:2f:7a:8e:ec: 65:73:47:3d:f7:b5:c9:46:5d:c9:5c:a6:78:c6:cf: a0:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:F2:90:12:1E:5D:83:F8:47:B6:4E:BF:8A:1C:E9:73:BE:BC:5D:0C X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c1:4500::/40 2a07:54c4:175c::/48 Signature Algorithm: sha256WithRSAEncryption 16:00:7a:9d:cf:5a:87:b6:6c:b5:93:86:0f:df:f3:b7:90:65: ed:2d:65:02:62:ad:25:38:97:71:d5:71:a4:dd:6d:a7:1b:e6: b2:5a:cd:9c:89:e1:64:13:51:a7:99:db:65:6f:53:c6:3b:77: 5e:a3:36:a2:a3:71:46:d2:a7:0a:10:52:f1:51:f1:ea:82:78: f7:5a:d1:85:37:06:f6:c9:78:05:34:84:51:92:16:d2:bf:42: b7:dc:85:c5:54:d0:5f:ec:da:85:3d:59:ac:33:58:c2:9c:d6: cb:25:79:97:1b:00:c8:3c:84:c4:22:2d:30:8d:6e:b3:85:b6: 9d:4c:65:59:80:e9:f2:16:e2:67:22:86:1f:f3:af:f4:12:13: 11:1b:75:ad:08:ef:05:5e:3b:43:67:4b:61:84:7c:1b:07:c5: 67:ed:99:a3:17:1f:be:dc:0d:8e:bf:72:50:64:43:03:9c:51: ff:cb:7f:6c:66:b5:d2:bf:87:e7:f0:70:3e:1b:12:b9:02:b2: 93:40:00:e8:ec:fc:fa:85:61:07:87:94:f6:78:c5:2b:f7:e7: 80:20:7d:63:fb:a9:10:07:08:73:98:68:05:33:12:6a:9a:56: 7f:74:5c:65:c2:48:f2:bb:ec:83:5a:63:d0:61:c7:31:be:c1: ca:1f:04:58 -----BEGIN CERTIFICATE----- MIIFOjCCBCKgAwIBAgIUSWmejCXi7s+p7ZWQX7813m1CvtwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNjA2MDUwODQwNTJaFw0yNzA2MDQwODQ1NTJaMDMxMTAvBgNV BAMTKDQ2RjI5MDEyMUU1RDgzRjg0N0I2NEVCRjhBMUNFOTczQkVCQzVEMEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7o0CquHxtP/2u9GrfFXKNqUax KFulbABm+M4vlk7u1IMd/zl32GBKBC5KhWFOLSvkFBJeXmNQ58yD4MbPKQWTAOEb dGvovU1pITYdZBLDDgaF48vUCQp44M0R8Qj534wf0w+vbPuBd8ASOIrSiXpBMpJf V0f3/GXnF6yyhyso1WTTxoc8jyY30RrlgGwN+tUQkBIlsvrSszH4W39oxYVN60c+ 4Z1dqx4CMznANpp74sAxRMqB1ulWXiWdOxakPdPK78cIVP6c30R5voWz7HYE2vOj IAhjMuYHtuNYG7wicBVVLYK510vX8FUZL3qO7GVzRz33tclGXclcpnjGz6CBAgMB AAGjggJEMIICQDAdBgNVHQ4EFgQURvKQEh5dg/hHtk6/ihzpc768XQwwHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwKgYIKwYBBQUHAQcBAf8EGzAZMBcEAgACMBEDBgAqB1TB RQMHACoHVMQXXDANBgkqhkiG9w0BAQsFAAOCAQEAFgB6nc9ah7ZstZOGD9/zt5Bl 7S1lAmKtJTiXcdVxpN1tpxvmslrNnInhZBNRp5nbZW9Txjt3XqM2oqNxRtKnChBS 8VHx6oJ491rRhTcG9sl4BTSEUZIW0r9Ct9yFxVTQX+zahT1ZrDNYwpzWyyV5lxsA yDyExCItMI1us4W2nUxlWYDp8hbiZyKGH/Ov9BITERt1rQjvBV47Q2dLYYR8GwfF Z+2ZoxcfvtwNjr9yUGRDA5xR/8t/bGa10r+H5/BwPhsSuQKyk0AA6Oz8+oVhB4eU 9njFK/fngCB9Y/upEAcIc5hoBTMSappWf3RcZcJI8rvsg1pj0GHHMb7Byh8EWA== -----END CERTIFICATE-----Generated at Sat Jun 13 10:43:52 2026 by rpki-client