$ rpki-client -vvf r.magellan.ipxo.com/repo/30327b9e-227a-4ebd-825b-3b98095dc927-0/0/AS399955.roa File: AS399955.roa (raw, json) Hash identifier: fmHljSlqMb1uZi2+w7pwrgj1FFf3ZtJenBIi5oPV0MI= Subject key identifier: 70:25:0E:BB:E8:DD:D7:E5:2A:A1:2F:5A:47:D7:5E:C4:CF:23:80:2E Certificate issuer: /CN=AEF766F103B2EF99DF8C71978A7FE519D730B155 Certificate serial: 5C10CC59E708D21524C5994FC9D1CDF3A04C8DEA Authority key identifier: AE:F7:66:F1:03:B2:EF:99:DF:8C:71:97:8A:7F:E5:19:D7:30:B1:55 Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AEF766F103B2EF99DF8C71978A7FE519D730B155.cer Subject info access: rsync://r.magellan.ipxo.com/repo/30327b9e-227a-4ebd-825b-3b98095dc927-0/0/AS399955.roa Signing time: Thu 30 Apr 2026 12:14:21 +0000 ROA not before: Thu 30 Apr 2026 12:09:21 +0000 ROA not after: Thu 29 Apr 2027 12:14:21 +0000 asID: 399955 IP address blocks: 169.40.129.0/24 maxlen: 24 169.40.146.0/23 maxlen: 24 169.40.148.0/23 maxlen: 24 169.40.153.0/24 maxlen: 24 169.40.156.0/23 maxlen: 24 169.40.164.0/22 maxlen: 24 169.40.168.0/22 maxlen: 24 169.40.172.0/22 maxlen: 24 169.40.176.0/22 maxlen: 24 169.40.180.0/22 maxlen: 24 169.40.188.0/22 maxlen: 24 169.40.240.0/20 maxlen: 24 Validation: OK Signature path: rsync://r.magellan.ipxo.com/repo/30327b9e-227a-4ebd-825b-3b98095dc927-0/0/AEF766F103B2EF99DF8C71978A7FE519D730B155.crl rsync://r.magellan.ipxo.com/repo/30327b9e-227a-4ebd-825b-3b98095dc927-0/0/AEF766F103B2EF99DF8C71978A7FE519D730B155.mft rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AEF766F103B2EF99DF8C71978A7FE519D730B155.cer rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 13 May 2026 12:12:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:10:cc:59:e7:08:d2:15:24:c5:99:4f:c9:d1:cd:f3:a0:4c:8d:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AEF766F103B2EF99DF8C71978A7FE519D730B155 Validity Not Before: Apr 30 12:09:21 2026 GMT Not After : Apr 29 12:14:21 2027 GMT Subject: CN=70250EBBE8DDD7E52AA12F5A47D75EC4CF23802E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:4d:1d:3c:5d:f4:dc:bf:af:01:c5:3f:6b:8f: 1f:7d:f5:94:57:30:2e:2c:95:07:9a:7a:4c:36:0d: e0:45:89:aa:1c:34:29:d3:30:55:46:c8:44:a5:f7: 56:22:e8:21:15:4f:ba:f6:e2:d7:af:0c:75:5b:c7: ee:51:ec:aa:ce:b0:af:10:a1:69:ec:f2:8f:15:bf: 4b:cd:00:da:ad:2f:e1:46:85:22:fb:60:b6:69:45: 32:13:fe:1c:22:37:ee:7c:cc:80:0a:86:ee:e5:f1: df:47:0c:c0:4b:66:b4:db:b5:5f:26:b8:73:97:4e: ec:ad:83:9c:46:81:94:d9:a8:9c:a9:4a:db:5b:94: 72:53:38:bf:e8:20:39:c9:6d:49:73:ed:6a:fd:6a: a1:65:74:d8:42:be:01:ec:6f:60:e9:42:a8:5f:ad: 57:6b:06:cf:de:29:47:b9:75:48:31:89:1c:d9:87: d3:f2:b2:5e:47:81:a1:13:da:0e:43:ec:df:6e:fe: 41:7f:d7:e0:fd:ff:7f:62:75:65:a4:95:d8:a2:d4: 97:2d:6d:5a:63:25:63:18:83:92:8c:32:39:98:0c: 02:f9:75:7b:c6:3c:67:57:bf:54:1d:08:55:dd:86: 12:df:b4:ca:f5:fd:ca:2f:73:cc:f6:ed:96:77:9a: 75:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:25:0E:BB:E8:DD:D7:E5:2A:A1:2F:5A:47:D7:5E:C4:CF:23:80:2E X509v3 Authority Key Identifier: keyid:AE:F7:66:F1:03:B2:EF:99:DF:8C:71:97:8A:7F:E5:19:D7:30:B1:55 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://r.magellan.ipxo.com/repo/30327b9e-227a-4ebd-825b-3b98095dc927-0/0/AEF766F103B2EF99DF8C71978A7FE519D730B155.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AEF766F103B2EF99DF8C71978A7FE519D730B155.cer Subject Information Access: Signed Object - URI:rsync://r.magellan.ipxo.com/repo/30327b9e-227a-4ebd-825b-3b98095dc927-0/0/AS399955.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 169.40.129.0/24 169.40.146.0-169.40.149.255 169.40.153.0/24 169.40.156.0/23 169.40.164.0-169.40.183.255 169.40.188.0/22 169.40.240.0/20 Signature Algorithm: sha256WithRSAEncryption 47:64:40:44:80:2a:54:a5:7b:9a:17:84:01:3b:c0:4e:e6:6b: 74:47:74:c3:cc:9f:2a:b4:da:c6:0b:90:be:a8:c2:52:4d:5c: e1:ad:4b:5a:25:94:8f:13:65:46:fc:4e:1f:c5:3e:3b:14:f6: fd:71:80:69:b0:bb:af:d6:ee:52:16:b9:db:9a:4f:ac:3d:a9: 52:7b:da:2f:19:70:ac:bc:da:1e:76:8f:6e:e1:c0:91:ef:c1: 68:2b:39:06:b4:8e:6d:4c:3d:a0:13:f4:1d:eb:d4:af:50:01: 3d:ef:bc:5e:ef:62:0d:09:ca:30:a3:f5:85:c6:08:a0:31:f3: 6c:0a:04:57:c7:d7:6f:72:13:dd:4b:2b:7f:e8:6e:14:4b:f0: d0:f1:d4:ca:54:a3:7f:0d:89:49:84:66:c5:82:f7:a9:ce:46: c6:80:ad:1a:78:d9:ad:ad:9b:f1:c1:ae:75:6d:4b:0e:25:c1: ae:d2:ea:b9:94:40:a0:67:40:35:f6:b7:57:8d:3b:94:78:2c: 3f:f1:85:0c:c5:8c:50:de:d9:62:33:ff:36:f9:8b:43:ad:c4: 28:37:75:81:53:1c:72:dc:d5:ff:38:d1:9a:f2:8a:6a:3c:e0: b1:7c:d8:a7:8b:1f:ed:a1:64:e6:55:e7:b7:c9:87:61:d4:15: ff:31:90:91 -----BEGIN CERTIFICATE----- MIIFWTCCBEGgAwIBAgIUXBDMWecI0hUkxZlPydHN86BMjeowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUVGNzY2RjEwM0IyRUY5OURGOEM3MTk3OEE3RkU1MTlE NzMwQjE1NTAeFw0yNjA0MzAxMjA5MjFaFw0yNzA0MjkxMjE0MjFaMDMxMTAvBgNV BAMTKDcwMjUwRUJCRThEREQ3RTUyQUExMkY1QTQ3RDc1RUM0Q0YyMzgwMkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrTR08XfTcv68BxT9rjx999ZRX MC4slQeaekw2DeBFiaocNCnTMFVGyESl91Yi6CEVT7r24tevDHVbx+5R7KrOsK8Q oWns8o8Vv0vNANqtL+FGhSL7YLZpRTIT/hwiN+58zIAKhu7l8d9HDMBLZrTbtV8m uHOXTuytg5xGgZTZqJypSttblHJTOL/oIDnJbUlz7Wr9aqFldNhCvgHsb2DpQqhf rVdrBs/eKUe5dUgxiRzZh9Pysl5HgaET2g5D7N9u/kF/1+D9/39idWWkldii1Jct bVpjJWMYg5KMMjmYDAL5dXvGPGdXv1QdCFXdhhLftMr1/covc8z27ZZ3mnWDAgMB AAGjggJjMIICXzAdBgNVHQ4EFgQUcCUOu+jd1+UqoS9aR9dexM8jgC4wHwYDVR0j BBgwFoAUrvdm8QOy75nfjHGXin/lGdcwsVUwDgYDVR0PAQH/BAQDAgeAMIGIBgNV HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v MzAzMjdiOWUtMjI3YS00ZWJkLTgyNWItM2I5ODA5NWRjOTI3LTAvMC9BRUY3NjZG MTAzQjJFRjk5REY4QzcxOTc4QTdGRTUxOUQ3MzBCMTU1LmNybDCBngYIKwYBBQUH AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y aXBlLm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1 OTBiOTlhZi80L0FFRjc2NkYxMDNCMkVGOTlERjhDNzE5NzhBN0ZFNTE5RDczMEIx NTUuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h Z2VsbGFuLmlweG8uY29tL3JlcG8vMzAzMjdiOWUtMjI3YS00ZWJkLTgyNWItM2I5 ODA5NWRjOTI3LTAvMC9BUzM5OTk1NS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjBTBggrBgEFBQcBBwEB/wREMEIwQAQCAAEwOgMEAKkogTAMAwQBqSiSAwQB qSiUAwQAqSiZAwQBqSicMAwDBAKpKKQDBAOpKLADBAKpKLwDBASpKPAwDQYJKoZI hvcNAQELBQADggEBAEdkQESAKlSle5oXhAE7wE7ma3RHdMPMnyq02sYLkL6owlJN XOGtS1ollI8TZUb8Th/FPjsU9v1xgGmwu6/W7lIWuduaT6w9qVJ72i8ZcKy82h52 j27hwJHvwWgrOQa0jm1MPaAT9B3r1K9QAT3vvF7vYg0JyjCj9YXGCKAx82wKBFfH 129yE91LK3/obhRL8NDx1MpUo38NiUmEZsWC96nORsaArRp42a2tm/HBrnVtSw4l wa7S6rmUQKBnQDX2t1eNO5R4LD/xhQzFjFDe2WIz/zb5i0OtxCg3dYFTHHLc1f84 0Zryimo84LF82KeLH+2hZOZV57fJh2HUFf8xkJE= -----END CERTIFICATE-----Generated at Tue May 12 23:24:59 2026 by rpki-client