$ rpki-client -vvf rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/AS214999.roa File: AS214999.roa (raw, json) Hash identifier: /jf0CRe10Vzn/2QwoY/OpJMlO2WVRs5KvUHCEYUpwso= Subject key identifier: 1A:EA:EF:2B:39:E5:8E:BD:43:35:FA:B3:8E:A1:13:54:27:8B:AA:4A Certificate issuer: /CN=5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF Certificate serial: 680E54978EA497C69F7EA254AE18836CC14987A7 Authority key identifier: 51:24:C3:1F:CF:A4:E8:2C:4D:0F:6E:09:A3:0A:04:A5:5C:97:78:BF Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer Subject info access: rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/AS214999.roa Signing time: Tue 28 Apr 2026 13:22:49 +0000 ROA not before: Tue 28 Apr 2026 13:17:49 +0000 ROA not after: Tue 27 Apr 2027 13:22:49 +0000 asID: 214999 IP address blocks: 2a0b:4e07:91c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.crl rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.mft rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 13 May 2026 08:12:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:0e:54:97:8e:a4:97:c6:9f:7e:a2:54:ae:18:83:6c:c1:49:87:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF Validity Not Before: Apr 28 13:17:49 2026 GMT Not After : Apr 27 13:22:49 2027 GMT Subject: CN=1AEAEF2B39E58EBD4335FAB38EA11354278BAA4A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:09:6b:5a:7e:8d:7a:5f:70:1b:a0:5d:7a:ec: 81:66:38:05:35:5a:97:eb:82:1e:f8:39:be:d4:9c: 9d:80:0b:9a:2e:fd:03:26:34:f4:29:eb:49:5e:8d: dc:f4:b0:f9:85:e8:33:f0:05:ce:7d:87:0a:80:46: 97:29:ff:00:bf:09:c8:ea:4e:39:2a:d3:4d:23:bb: f2:68:37:39:75:62:bc:e7:76:59:8d:e2:d5:83:82: a5:fe:16:27:43:fd:aa:37:94:72:32:32:00:fc:9b: f1:b4:b1:75:27:87:e5:20:9b:25:2e:e4:dc:7e:0d: d1:d7:b8:c4:54:fc:fa:81:f5:b0:14:ec:99:14:dc: b4:4c:fb:18:58:e6:12:ef:af:bf:2d:fd:49:10:7f: 58:19:9e:44:bc:3a:94:d3:cb:46:a4:8e:f7:23:e2: e9:ad:51:ab:7b:25:d2:d4:13:c1:da:ec:b3:f6:ba: c6:fd:ed:aa:8e:cc:bd:71:95:f7:b8:72:a8:fc:cc: da:8c:b4:08:39:c3:3d:00:43:81:75:cd:92:6e:ba: 08:ac:cb:e1:dd:ff:1a:29:2e:3e:88:26:38:a7:38: ec:79:a4:8b:a8:66:eb:75:a7:fa:81:af:dd:3e:35: 69:b0:d3:dd:e6:a6:dc:4d:5f:38:07:92:12:2d:11: 84:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:EA:EF:2B:39:E5:8E:BD:43:35:FA:B3:8E:A1:13:54:27:8B:AA:4A X509v3 Authority Key Identifier: keyid:51:24:C3:1F:CF:A4:E8:2C:4D:0F:6E:09:A3:0A:04:A5:5C:97:78:BF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/AS214999.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0b:4e07:91c::/48 Signature Algorithm: sha256WithRSAEncryption 6a:aa:da:d1:85:92:93:8f:c0:c2:89:6d:02:35:93:d4:31:ee: 33:18:4f:95:fc:0b:a3:ac:57:a0:13:43:97:26:0a:d3:ad:62: ef:c2:f4:fd:f5:47:80:74:a3:66:61:01:f7:0a:4d:82:4f:f2: 98:24:4d:bf:05:c0:1a:19:00:c7:af:fb:27:7d:48:a5:99:05: af:8c:07:98:78:83:18:a4:69:23:d9:04:07:78:82:69:8f:8b: cd:8b:28:e5:41:35:40:cd:8b:c8:22:42:d6:b8:de:50:85:28: 66:7b:8b:87:b3:29:a3:7a:70:31:02:8b:70:53:13:04:47:2d: fd:77:81:8e:cc:b3:30:b3:c4:52:06:0b:05:b9:8d:c3:75:97: d4:07:c7:09:9b:f3:ea:d2:94:15:d0:f2:f3:cb:33:64:a2:41: 66:64:0f:3b:b9:0b:84:64:05:d2:55:75:6f:ee:07:7a:73:fc: 8f:97:02:b0:a1:10:41:58:ad:1d:a7:d7:61:90:1b:fa:48:ec: e3:c7:e8:25:f8:ef:e2:00:ea:68:62:d9:02:26:49:32:d6:bd: cd:79:72:29:fe:a4:ba:61:67:fe:ec:f6:71:83:30:f8:31:c4: d4:30:f2:d2:2f:5f:b6:91:8b:95:92:83:20:3d:9f:96:6d:be: f9:72:ef:6d -----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgIUaA5Ul46kl8affqJUrhiDbMFJh6cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTEyNEMzMUZDRkE0RTgyQzREMEY2RTA5QTMwQTA0QTU1 Qzk3NzhCRjAeFw0yNjA0MjgxMzE3NDlaFw0yNzA0MjcxMzIyNDlaMDMxMTAvBgNV BAMTKDFBRUFFRjJCMzlFNThFQkQ0MzM1RkFCMzhFQTExMzU0Mjc4QkFBNEEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMCWtafo16X3AboF167IFmOAU1 Wpfrgh74Ob7UnJ2AC5ou/QMmNPQp60lejdz0sPmF6DPwBc59hwqARpcp/wC/Ccjq Tjkq000ju/JoNzl1YrzndlmN4tWDgqX+FidD/ao3lHIyMgD8m/G0sXUnh+UgmyUu 5Nx+DdHXuMRU/PqB9bAU7JkU3LRM+xhY5hLvr78t/UkQf1gZnkS8OpTTy0akjvcj 4umtUat7JdLUE8Ha7LP2usb97aqOzL1xlfe4cqj8zNqMtAg5wz0AQ4F1zZJuugis y+Hd/xopLj6IJjinOOx5pIuoZut1p/qBr90+NWmw093mptxNXzgHkhItEYTfAgMB AAGjggItMIICKTAdBgNVHQ4EFgQUGurvKznljr1DNfqzjqETVCeLqkowHwYDVR0j BBgwFoAUUSTDH8+k6CxND24JowoEpVyXeL8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv cnkvODFhNDQ1NjY0NThlNDU3OGI2N2VlZDMwNTNmODIwZjUvMS81MTI0QzMxRkNG QTRFODJDNEQwRjZFMDlBMzBBMDRBNTVDOTc3OEJGLmNybDCBngYIKwYBBQUHAQEE gZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5LzczYjhlYzAxLThiYTUtNDc5Zi1hMjI5LTBhYjcwZTQ4 MTViYi8wLzUxMjRDMzFGQ0ZBNEU4MkM0RDBGNkUwOUEzMEEwNEE1NUM5Nzc4QkYu Y2VyMHAGCCsGAQUFBwELBGQwYjBgBggrBgEFBQcwC4ZUcnN5bmM6Ly9ycGtpLXJw cy5hcmluLm5ldC9yZXBvc2l0b3J5LzgxYTQ0NTY2NDU4ZTQ1NzhiNjdlZWQzMDUz ZjgyMGY1LzEvQVMyMTQ5OTkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw IgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqC04HCRwwDQYJKoZIhvcNAQEL BQADggEBAGqq2tGFkpOPwMKJbQI1k9Qx7jMYT5X8C6OsV6ATQ5cmCtOtYu/C9P31 R4B0o2ZhAfcKTYJP8pgkTb8FwBoZAMev+yd9SKWZBa+MB5h4gxikaSPZBAd4gmmP i82LKOVBNUDNi8giQta43lCFKGZ7i4ezKaN6cDECi3BTEwRHLf13gY7MszCzxFIG CwW5jcN1l9QHxwmb8+rSlBXQ8vPLM2SiQWZkDzu5C4RkBdJVdW/uB3pz/I+XArCh EEFYrR2n12GQG/pI7OPH6CX47+IA6mhi2QImSTLWvc15cin+pLphZ/7s9nGDMPgx xNQw8tIvX7aRi5WSgyA9n5Ztvvly720= -----END CERTIFICATE-----Generated at Tue May 12 23:24:14 2026 by rpki-client