$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS203867.roa File: AS203867.roa (raw, json) Hash identifier: yEp/3mNL3+7ztVUtFYGnMhX2ZXukiO7kiAWUdD+WXt8= Subject key identifier: C4:FB:E1:C0:3E:A7:CA:5B:94:E7:15:58:44:F1:70:A7:9D:5F:29:45 Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 73B2FD97A0FB25CA3DA9ACA0CF68CC7F4967F845 Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS203867.roa Signing time: Fri 04 Jul 2025 07:51:26 +0000 ROA not before: Fri 04 Jul 2025 07:46:26 +0000 ROA not after: Fri 03 Jul 2026 07:51:26 +0000 asID: 203867 IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48 2a07:54c4:1758::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 06 Nov 2025 01:03:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:b2:fd:97:a0:fb:25:ca:3d:a9:ac:a0:cf:68:cc:7f:49:67:f8:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jul 4 07:46:26 2025 GMT Not After : Jul 3 07:51:26 2026 GMT Subject: CN=C4FBE1C03EA7CA5B94E7155844F170A79D5F2945 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:de:67:c8:64:6a:f7:43:89:73:ce:a3:d1:ca: cd:5d:65:b2:12:13:e6:e1:1e:67:12:75:97:2f:23: 5f:b6:b6:ef:f0:7d:d9:c6:10:34:da:82:e4:ce:64: 9f:b1:b0:61:37:a5:2a:19:60:e9:41:dc:27:37:6c: a2:35:5d:33:34:41:bc:92:88:d1:1c:ac:77:62:b4: b2:79:5c:9b:ce:67:b5:2e:ed:58:a7:e5:8b:50:28: 37:47:1e:d6:a1:9f:fd:fc:da:9a:7d:e7:30:39:2a: e6:f8:37:95:a9:5e:e2:51:92:81:63:46:1c:a6:fb: b6:7d:16:f8:9c:fb:cd:26:04:1e:32:ed:0a:91:14: 11:6b:8c:58:15:b0:40:28:62:f4:3b:fb:da:57:01: b0:61:c2:93:7e:44:a6:76:55:34:90:a4:8b:88:ea: e5:e0:64:9d:98:3d:59:2e:8e:c8:9c:9b:e8:e5:b2: f5:f7:1e:2f:20:a8:5f:d9:ae:60:0a:03:98:96:9d: 3e:fd:90:37:18:ee:36:0f:8c:8d:a5:88:4a:77:2a: d6:16:f7:20:80:68:e8:c7:01:72:e6:48:22:4b:10: a5:3d:8c:73:5a:56:92:d4:4f:a0:4a:98:27:4d:44: 95:cc:9d:5a:d1:2e:75:9f:f8:52:21:df:d0:b2:54: 5a:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:FB:E1:C0:3E:A7:CA:5B:94:E7:15:58:44:F1:70:A7:9D:5F:29:45 X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS203867.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c2:b00b::/48 2a07:54c4:1758::/48 Signature Algorithm: sha256WithRSAEncryption 43:d3:50:04:ce:61:7f:3d:26:d6:a6:40:75:fd:64:4f:c4:49: 30:9b:8e:b5:60:19:af:0d:b7:20:d3:1d:23:b9:5d:13:22:ab: dc:ba:91:ac:20:70:ef:7c:dd:28:11:65:09:61:5e:e8:38:69: 50:c8:6f:b6:5b:fb:37:4d:d1:4c:69:39:34:ab:b1:34:1d:cf: e3:65:ef:ea:7b:69:aa:d6:61:28:bf:38:8e:05:32:41:32:35: fa:09:9a:30:3c:1c:b3:3d:ba:d6:7d:22:50:e9:0e:9c:a6:39: 42:f8:eb:53:fa:d9:74:a2:c1:83:6d:a9:84:63:9e:d2:6f:9a: 10:1a:e1:82:00:97:1a:6d:95:0a:22:62:30:f1:fb:21:8f:ec: 6b:aa:e0:b9:bb:13:ee:e6:90:a5:50:19:3f:c6:62:40:dd:b6: c5:26:fe:36:ee:34:e0:2b:f9:0b:e7:f5:38:d1:42:7e:aa:dd: 1e:cf:0f:ed:41:9e:7a:15:98:71:e4:09:8d:02:d0:c0:a6:78: ec:6e:ec:d4:0c:86:68:51:41:b0:a4:08:c4:88:4a:36:f7:30: c8:7f:79:4b:74:9e:4f:57:f7:72:74:2b:30:cb:3b:69:4e:e4: b4:4f:f8:1a:8d:9d:61:7d:6a:76:40:2e:9c:9e:f6:8b:55:37: 77:5f:30:d6 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgIUc7L9l6D7Jco9qaygz2jMf0ln+EUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNTA3MDQwNzQ2MjZaFw0yNjA3MDMwNzUxMjZaMDMxMTAvBgNV BAMTKEM0RkJFMUMwM0VBN0NBNUI5NEU3MTU1ODQ0RjE3MEE3OUQ1RjI5NDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCS3mfIZGr3Q4lzzqPRys1dZbIS E+bhHmcSdZcvI1+2tu/wfdnGEDTaguTOZJ+xsGE3pSoZYOlB3Cc3bKI1XTM0QbyS iNEcrHditLJ5XJvOZ7Uu7Vin5YtQKDdHHtahn/382pp95zA5Kub4N5WpXuJRkoFj Rhym+7Z9Fvic+80mBB4y7QqRFBFrjFgVsEAoYvQ7+9pXAbBhwpN+RKZ2VTSQpIuI 6uXgZJ2YPVkujsicm+jlsvX3Hi8gqF/ZrmAKA5iWnT79kDcY7jYPjI2liEp3KtYW 9yCAaOjHAXLmSCJLEKU9jHNaVpLUT6BKmCdNRJXMnVrRLnWf+FIh39CyVFpNAgMB AAGjggJGMIICQjAdBgNVHQ4EFgQUxPvhwD6nyluU5xVYRPFwp51fKUUwHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTMjAzODY3LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgdU wrALAwcAKgdUxBdYMA0GCSqGSIb3DQEBCwUAA4IBAQBD01AEzmF/PSbWpkB1/WRP xEkwm461YBmvDbcg0x0juV0TIqvcupGsIHDvfN0oEWUJYV7oOGlQyG+2W/s3TdFM aTk0q7E0Hc/jZe/qe2mq1mEovziOBTJBMjX6CZowPByzPbrWfSJQ6Q6cpjlC+OtT +tl0osGDbamEY57Sb5oQGuGCAJcabZUKImIw8fshj+xrquC5uxPu5pClUBk/xmJA 3bbFJv427jTgK/kL5/U40UJ+qt0ezw/tQZ56FZhx5AmNAtDApnjsbuzUDIZoUUGw pAjEiEo29zDIf3lLdJ5PV/dydCswyztpTuS0T/gajZ1hfWp2QC6cnvaLVTd3XzDW -----END CERTIFICATE-----Generated at Wed Nov 5 13:21:31 2025 by rpki-client