$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS198016.roa File: AS198016.roa (raw, json) Hash identifier: r8XfwUBUzYxpYXGneH4V0Lq1fgDoQGUObX0SLWyJiK8= Subject key identifier: 1A:98:29:E6:C5:E4:4F:BA:8C:3E:88:16:A3:6A:1F:76:D3:50:25:D3 Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 039F38751979FA8957137B33E067F6A6329513BC Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS198016.roa Signing time: Fri 04 Jul 2025 07:51:26 +0000 ROA not before: Fri 04 Jul 2025 07:46:26 +0000 ROA not after: Fri 03 Jul 2026 07:51:26 +0000 asID: 198016 IP address blocks: 2a07:54c7:2000::/36 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 23:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:9f:38:75:19:79:fa:89:57:13:7b:33:e0:67:f6:a6:32:95:13:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jul 4 07:46:26 2025 GMT Not After : Jul 3 07:51:26 2026 GMT Subject: CN=1A9829E6C5E44FBA8C3E8816A36A1F76D35025D3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:84:37:bc:2a:ed:a3:18:12:df:56:26:0f:70: 7f:44:7f:4a:80:b4:24:41:6e:93:8b:87:5d:c4:a2: b7:8c:d3:a8:42:a2:00:ef:61:7c:4f:29:ce:25:05: b3:f9:44:07:93:6d:fc:dd:87:c1:01:b2:dc:f3:1b: a2:b6:d3:bd:d3:17:0f:5b:3c:6b:b0:79:2d:b7:bc: cf:f7:46:6c:c5:ac:19:32:52:de:5f:9a:98:1d:18: 40:16:1f:68:e2:52:2a:b4:d0:ca:d5:73:e5:26:d6: b4:62:0e:e1:d8:8a:16:0d:c4:17:a0:ef:d9:97:56: 87:10:6d:26:e6:98:f6:b2:73:fc:77:a9:45:4d:2d: 60:17:bc:c1:50:8e:d2:3c:91:2f:a7:03:7d:c4:e8: 29:a3:0c:96:3d:70:eb:62:f0:d1:7a:76:d9:34:9e: 8a:77:f6:15:33:5b:41:9e:ed:23:c3:7b:26:a9:e0: 9f:52:7e:f5:44:2f:df:c2:87:61:3c:06:ad:da:ff: ed:66:94:1f:32:64:f3:61:c4:e6:ac:2a:29:70:fe: 40:25:44:d4:c6:16:d3:c2:b7:8f:49:87:0f:3e:ba: cd:f5:4f:32:f8:0d:9d:c6:6d:99:d8:44:52:62:99: e7:d7:ee:e4:46:02:43:34:c1:7c:0b:0a:dc:aa:02: f8:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:98:29:E6:C5:E4:4F:BA:8C:3E:88:16:A3:6A:1F:76:D3:50:25:D3 X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS198016.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c7:2000::/36 Signature Algorithm: sha256WithRSAEncryption 3a:dd:ca:b6:3b:ea:72:6c:89:94:2b:67:e3:5e:26:e4:93:2f: 0c:89:70:cb:8d:1b:ce:75:3a:18:82:20:5c:9f:70:0b:5b:f1: 27:cb:e9:9f:0c:bd:96:b0:7a:f1:15:d4:14:f7:c6:71:67:24: 37:06:bf:11:51:06:a6:bc:42:6b:b5:5a:f5:c1:40:9b:db:e5: e5:98:1e:1b:67:8a:fc:57:a0:f4:ac:a9:75:f4:8e:b7:48:96: 1e:d0:39:9b:98:cd:19:e7:9d:84:f6:48:56:34:5d:a5:f5:4f: fe:69:77:c2:a9:d6:45:84:e2:17:ab:a0:ad:13:bb:c5:da:74: d6:be:de:05:cf:b9:01:73:79:51:79:3f:7a:99:c8:10:cc:fd: 5c:28:c5:ab:32:c3:00:06:86:7a:72:d5:24:54:20:11:ec:ec: af:9c:fd:cd:80:0e:a3:81:ca:df:0f:d7:f9:0b:13:a4:a8:bb: 7e:19:8f:c3:bd:60:dd:aa:bf:a6:31:bb:a7:43:2e:31:44:a3: 4f:11:4c:c8:fe:36:b8:88:ef:90:79:53:e3:29:ec:61:cc:3c: 52:8a:85:44:0b:86:99:d5:1f:66:a9:c9:95:06:a7:49:e1:42: da:b1:51:e9:52:26:59:cd:29:d5:87:f0:0f:cd:6f:c2:22:aa: e6:c0:c1:c7 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUA584dRl5+olXE3sz4Gf2pjKVE7wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNTA3MDQwNzQ2MjZaFw0yNjA3MDMwNzUxMjZaMDMxMTAvBgNV BAMTKDFBOTgyOUU2QzVFNDRGQkE4QzNFODgxNkEzNkExRjc2RDM1MDI1RDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZhDe8Ku2jGBLfViYPcH9Ef0qA tCRBbpOLh13EoreM06hCogDvYXxPKc4lBbP5RAeTbfzdh8EBstzzG6K2073TFw9b PGuweS23vM/3RmzFrBkyUt5fmpgdGEAWH2jiUiq00MrVc+Um1rRiDuHYihYNxBeg 79mXVocQbSbmmPayc/x3qUVNLWAXvMFQjtI8kS+nA33E6CmjDJY9cOti8NF6dtk0 nop39hUzW0Ge7SPDeyap4J9SfvVEL9/Ch2E8Bq3a/+1mlB8yZPNhxOasKilw/kAl RNTGFtPCt49Jhw8+us31TzL4DZ3GbZnYRFJimefX7uRGAkM0wXwLCtyqAvinAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUGpgp5sXkT7qMPogWo2ofdtNQJdMwHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMTk4MDE2LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgdU xyAwDQYJKoZIhvcNAQELBQADggEBADrdyrY76nJsiZQrZ+NeJuSTLwyJcMuNG851 OhiCIFyfcAtb8SfL6Z8MvZawevEV1BT3xnFnJDcGvxFRBqa8Qmu1WvXBQJvb5eWY HhtnivxXoPSsqXX0jrdIlh7QOZuYzRnnnYT2SFY0XaX1T/5pd8Kp1kWE4heroK0T u8XadNa+3gXPuQFzeVF5P3qZyBDM/VwoxasywwAGhnpy1SRUIBHs7K+c/c2ADqOB yt8P1/kLE6Sou34Zj8O9YN2qv6Yxu6dDLjFEo08RTMj+NriI75B5U+Mp7GHMPFKK hUQLhpnVH2apyZUGp0nhQtqxUelSJlnNKdWH8A/Nb8IiqubAwcc= -----END CERTIFICATE-----Generated at Wed Nov 5 08:39:58 2025 by rpki-client