$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS951.roa File: AS951.roa (raw, json) Hash identifier: Xhmd+aLpNFKCrMvN4DO6rn8HiqVwq45cgNg2p+XplRg= Subject key identifier: 9A:AA:56:DC:F7:05:0A:2D:33:82:6F:83:4A:D7:4F:1D:44:E7:83:06 Certificate issuer: /CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Certificate serial: 5F16242EC6F15213B50EF8694BC2100CE2BA94F3 Authority key identifier: 6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS951.roa Signing time: Fri 04 Jul 2025 07:51:24 +0000 ROA not before: Fri 04 Jul 2025 07:46:24 +0000 ROA not after: Fri 03 Jul 2026 07:51:24 +0000 asID: 951 IP address blocks: 2a07:54c4:1751::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 06 Nov 2025 01:03:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:16:24:2e:c6:f1:52:13:b5:0e:f8:69:4b:c2:10:0c:e2:ba:94:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FF76AC421894FD5CCD6332FA2A9CF330312CEA8 Validity Not Before: Jul 4 07:46:24 2025 GMT Not After : Jul 3 07:51:24 2026 GMT Subject: CN=9AAA56DCF7050A2D33826F834AD74F1D44E78306 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:44:36:f1:e0:80:11:11:62:43:ca:e1:35:5a: 38:e9:e1:7b:82:91:7d:24:af:13:68:af:eb:97:67: 3a:28:24:be:eb:b1:f7:d9:d7:b5:00:ed:ea:8a:91: 09:7a:59:d7:e1:f2:be:59:99:67:46:5d:a1:3d:98: d1:82:34:cb:5c:91:81:d5:af:7f:e7:5a:af:ed:c6: 5d:03:aa:8a:48:84:cb:7a:4d:ea:32:8e:65:1a:cf: 6e:4e:a0:07:ad:06:d0:58:e7:c5:f6:af:d5:38:45: a2:a7:f7:84:81:b3:c3:cf:72:ef:50:34:a7:cd:45: 88:98:1c:c2:11:52:c0:d1:88:2d:c8:aa:13:17:84: db:55:3d:db:bb:a4:8c:8d:b7:e4:f0:d0:d8:52:a3: 78:bf:25:d8:e9:bb:38:11:bf:a6:4f:c0:70:32:74: f3:07:68:16:85:98:a6:28:02:18:f4:36:b1:5e:58: 76:76:57:08:c0:81:bb:41:a1:7d:54:74:15:88:ad: c7:35:d0:c6:83:42:0c:96:7d:ad:79:1a:19:53:fd: e3:99:b0:5e:f4:01:6d:4b:bb:2e:09:0f:ba:72:84: bb:29:b6:43:55:d9:af:54:15:5d:3d:c9:c8:4d:39: 99:a8:c1:86:70:7f:9b:12:7b:c6:2d:d1:7a:da:a8: 2e:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:AA:56:DC:F7:05:0A:2D:33:82:6F:83:4A:D7:4F:1D:44:E7:83:06 X509v3 Authority Key Identifier: keyid:6F:F7:6A:C4:21:89:4F:D5:CC:D6:33:2F:A2:A9:CF:33:03:12:CE:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6FF76AC421894FD5CCD6332FA2A9CF330312CEA8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/4/AS951.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:54c4:1751::/48 Signature Algorithm: sha256WithRSAEncryption 08:60:94:32:c3:ff:7a:2d:ae:5a:27:2c:4b:83:87:90:ee:1d: 97:4f:e0:ea:47:a3:de:f5:f9:ce:16:8e:91:d3:8d:d5:5e:8d: 77:15:ef:09:f1:7f:80:4a:0e:ac:ab:18:e6:1b:6d:08:6a:03: a8:28:aa:4e:9e:37:44:74:27:9c:63:f0:86:dc:c7:c5:35:62: f4:48:af:ea:67:4c:cb:45:14:a9:a5:84:73:3e:28:24:3d:a4: 5d:be:61:d7:49:a7:4b:af:5e:66:cb:6c:9b:b5:81:a7:3e:e5: 34:d1:6b:48:88:ee:e1:e5:45:00:a7:86:58:43:9d:87:e0:59: 54:e3:66:32:fe:e4:8a:dc:25:03:22:27:e8:bf:ec:23:99:48: 3a:ff:ff:af:fc:7f:4c:c7:9b:20:82:e8:ea:2f:e8:87:08:a8: 56:8f:a5:55:5a:ca:5c:99:14:09:47:28:17:61:4f:0c:16:02: bf:1a:ed:31:5a:55:1b:b1:74:0f:c8:6a:ea:d6:6a:1e:79:39: 68:14:45:6e:e8:56:42:e0:28:bc:1c:cb:4f:51:e5:5c:be:11: 21:17:1d:9c:cc:ee:6a:2f:e1:22:66:e6:4b:2a:c9:f4:58:f6: 37:ce:18:72:79:60:f6:8a:31:ea:dd:ef:e4:98:a5:fc:87:98: 46:0e:db:e2 -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgIUXxYkLsbxUhO1DvhpS8IQDOK6lPMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMw MzEyQ0VBODAeFw0yNTA3MDQwNzQ2MjRaFw0yNjA3MDMwNzUxMjRaMDMxMTAvBgNV BAMTKDlBQUE1NkRDRjcwNTBBMkQzMzgyNkY4MzRBRDc0RjFENDRFNzgzMDYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDARDbx4IAREWJDyuE1Wjjp4XuC kX0krxNor+uXZzooJL7rsffZ17UA7eqKkQl6Wdfh8r5ZmWdGXaE9mNGCNMtckYHV r3/nWq/txl0DqopIhMt6TeoyjmUaz25OoAetBtBY58X2r9U4RaKn94SBs8PPcu9Q NKfNRYiYHMIRUsDRiC3IqhMXhNtVPdu7pIyNt+Tw0NhSo3i/JdjpuzgRv6ZPwHAy dPMHaBaFmKYoAhj0NrFeWHZ2VwjAgbtBoX1UdBWIrcc10MaDQgyWfa15GhlT/eOZ sF70AW1Luy4JD7pyhLsptkNV2a9UFV09ychNOZmowYZwf5sSe8Yt0XraqC51AgMB AAGjggI6MIICNjAdBgNVHQ4EFgQUmqpW3PcFCi0zgm+DStdPHUTngwYwHwYDVR0j BBgwFoAUb/dqxCGJT9XM1jMvoqnPMwMSzqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh ZTNmLzQvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEyQ0VBOC5j cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1 YzkxYmUzZjlkLzcvNkZGNzZBQzQyMTg5NEZENUNDRDYzMzJGQTJBOUNGMzMwMzEy Q0VBOC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi80L0FTOTUxLnJvYTAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdUxBdR MA0GCSqGSIb3DQEBCwUAA4IBAQAIYJQyw/96La5aJyxLg4eQ7h2XT+DqR6Pe9fnO Fo6R043VXo13Fe8J8X+ASg6sqxjmG20IagOoKKpOnjdEdCecY/CG3MfFNWL0SK/q Z0zLRRSppYRzPigkPaRdvmHXSadLr15my2ybtYGnPuU00WtIiO7h5UUAp4ZYQ52H 4FlU42Yy/uSK3CUDIifov+wjmUg6//+v/H9Mx5sggujqL+iHCKhWj6VVWspcmRQJ RygXYU8MFgK/Gu0xWlUbsXQPyGrq1moeeTloFEVu6FZC4Ci8HMtPUeVcvhEhFx2c zO5qL+EiZuZLKsn0WPY3zhhyeWD2ijHq3e/kmKX8h5hGDtvi -----END CERTIFICATE-----Generated at Wed Nov 5 14:52:14 2025 by rpki-client