$ rpki-client -vvf rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/AS397658.roa File: AS397658.roa (raw, json) Hash identifier: CH+xMK8QoY0yfR/jMZpocM8KaldPhvMipYZVYAb0vbQ= Subject key identifier: 94:2B:89:28:FA:CD:23:3F:D0:BD:F5:45:F9:8F:77:A0:A3:B0:F3:24 Certificate issuer: /CN=5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF Certificate serial: 043B14AE4C521BA2597776817987C214C7F6980B Authority key identifier: 51:24:C3:1F:CF:A4:E8:2C:4D:0F:6E:09:A3:0A:04:A5:5C:97:78:BF Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer Subject info access: rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/AS397658.roa Signing time: Tue 28 Apr 2026 13:22:50 +0000 ROA not before: Tue 28 Apr 2026 13:17:50 +0000 ROA not after: Tue 27 Apr 2027 13:22:50 +0000 asID: 397658 IP address blocks: 2a0b:4e07:a9::/48 maxlen: 48 2a0b:4e07:aa::/48 maxlen: 48 2a0b:4e07:ab::/48 maxlen: 48 2a0b:4e07:ac::/48 maxlen: 48 2a0b:4e07:ad::/48 maxlen: 48 2a0b:4e07:ae::/48 maxlen: 48 2a0b:4e07:af::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.crl rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.mft rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 13 May 2026 08:12:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:3b:14:ae:4c:52:1b:a2:59:77:76:81:79:87:c2:14:c7:f6:98:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF Validity Not Before: Apr 28 13:17:50 2026 GMT Not After : Apr 27 13:22:50 2027 GMT Subject: CN=942B8928FACD233FD0BDF545F98F77A0A3B0F324 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:85:7f:51:76:ff:8c:2f:7e:34:38:fd:db:ca: 70:77:1e:48:12:bb:95:30:bd:63:ce:87:76:b5:08: 29:5b:29:1d:28:3e:66:bb:22:18:b4:83:b8:01:df: 1a:0f:c7:10:83:1a:53:c4:2c:25:ff:35:ab:d2:5b: a2:0b:05:5d:d6:83:5f:8a:ed:2b:e8:f8:20:de:eb: 1c:de:0a:2b:0c:1d:a5:f2:c2:63:a8:16:d3:b8:5d: 0b:28:4b:29:7f:a3:e0:c1:6e:df:9f:6e:5b:0a:a6: fb:6b:46:8d:28:e8:3e:99:0e:81:6d:9e:6c:74:81: 89:6a:45:d3:86:96:2e:72:bc:86:55:90:5c:de:9e: a5:87:94:14:b0:2c:fa:f0:6e:c7:5a:e8:c7:fd:41: 0d:a8:34:e2:b2:86:50:33:52:2d:d6:e2:d0:f5:1b: c2:27:ad:5c:99:3b:6d:cb:58:a7:ba:f6:6c:68:17: 11:27:87:d8:e4:21:dc:b1:cd:6e:b5:83:cc:2a:ea: c7:f0:d4:b1:d1:57:1e:52:40:76:16:ed:5a:5f:6a: cf:6c:50:27:68:56:e6:f5:58:0d:99:62:ec:64:54: d2:65:6e:8e:63:16:47:7c:ce:bd:93:74:73:9f:cf: ce:33:7f:69:c4:37:3d:76:96:39:88:56:75:81:0b: 67:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:2B:89:28:FA:CD:23:3F:D0:BD:F5:45:F9:8F:77:A0:A3:B0:F3:24 X509v3 Authority Key Identifier: keyid:51:24:C3:1F:CF:A4:E8:2C:4D:0F:6E:09:A3:0A:04:A5:5C:97:78:BF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.crl Authority Information Access: CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/AS397658.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0b:4e07:a9::-2a0b:4e07:af:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 74:1a:d1:a4:a1:bf:27:8d:af:9b:f8:42:68:b5:45:9c:4e:df: 09:01:88:55:53:dc:7a:a5:c5:4a:c7:d4:4c:94:e1:e2:83:ad: 3c:d7:ae:ce:e6:8b:d0:ed:b5:5d:41:08:51:bc:eb:36:03:90: 5f:5e:b4:0a:49:71:0b:be:49:98:17:b1:c4:29:59:e4:06:39: 57:92:bc:46:10:a5:1b:a8:ab:7b:d4:87:d7:d2:46:1e:6b:4a: d6:30:43:05:3f:15:8d:54:ec:6a:ac:9e:e0:a0:3a:f5:7c:59: 78:9f:c6:ed:8a:7e:49:1d:58:03:b2:70:6d:ac:1c:ba:c0:fd: e0:5f:d6:2e:b6:81:3b:c9:b4:71:0a:a3:f0:96:2c:12:f4:1c: cf:7b:0e:52:f8:3e:45:b6:79:ab:f8:e1:b4:97:eb:8c:71:43: 2e:89:6c:cf:92:5c:eb:dd:eb:b1:d1:89:06:9d:5d:6a:8a:57: 2f:b1:1d:2f:2a:34:c5:91:1c:f8:a5:96:6f:77:ff:2b:c1:96: e9:71:a6:a1:ea:2f:0a:72:2f:0c:a2:e7:7a:62:20:05:19:aa: 98:4e:63:d8:73:61:8a:18:49:65:23:9a:42:fc:2a:8e:31:59: 5d:78:54:c4:1b:b1:45:b5:49:70:98:1e:3a:88:8d:c7:99:58: fc:9a:86:aa -----BEGIN CERTIFICATE----- MIIFLjCCBBagAwIBAgIUBDsUrkxSG6JZd3aBeYfCFMf2mAswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTEyNEMzMUZDRkE0RTgyQzREMEY2RTA5QTMwQTA0QTU1 Qzk3NzhCRjAeFw0yNjA0MjgxMzE3NTBaFw0yNzA0MjcxMzIyNTBaMDMxMTAvBgNV BAMTKDk0MkI4OTI4RkFDRDIzM0ZEMEJERjU0NUY5OEY3N0EwQTNCMEYzMjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJhX9Rdv+ML340OP3bynB3HkgS u5UwvWPOh3a1CClbKR0oPma7Ihi0g7gB3xoPxxCDGlPELCX/NavSW6ILBV3Wg1+K 7Svo+CDe6xzeCisMHaXywmOoFtO4XQsoSyl/o+DBbt+fblsKpvtrRo0o6D6ZDoFt nmx0gYlqRdOGli5yvIZVkFzenqWHlBSwLPrwbsda6Mf9QQ2oNOKyhlAzUi3W4tD1 G8InrVyZO23LWKe69mxoFxEnh9jkIdyxzW61g8wq6sfw1LHRVx5SQHYW7Vpfas9s UCdoVub1WA2ZYuxkVNJlbo5jFkd8zr2TdHOfz84zf2nENz12ljmIVnWBC2fpAgMB AAGjggI4MIICNDAdBgNVHQ4EFgQUlCuJKPrNIz/QvfVF+Y93oKOw8yQwHwYDVR0j BBgwFoAUUSTDH8+k6CxND24JowoEpVyXeL8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv cnkvODFhNDQ1NjY0NThlNDU3OGI2N2VlZDMwNTNmODIwZjUvMS81MTI0QzMxRkNG QTRFODJDNEQwRjZFMDlBMzBBMDRBNTVDOTc3OEJGLmNybDCBngYIKwYBBQUHAQEE gZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5LzczYjhlYzAxLThiYTUtNDc5Zi1hMjI5LTBhYjcwZTQ4 MTViYi8wLzUxMjRDMzFGQ0ZBNEU4MkM0RDBGNkUwOUEzMEEwNEE1NUM5Nzc4QkYu Y2VyMHAGCCsGAQUFBwELBGQwYjBgBggrBgEFBQcwC4ZUcnN5bmM6Ly9ycGtpLXJw cy5hcmluLm5ldC9yZXBvc2l0b3J5LzgxYTQ0NTY2NDU4ZTQ1NzhiNjdlZWQzMDUz ZjgyMGY1LzEvQVMzOTc2NTgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw LQYIKwYBBQUHAQcBAf8EHjAcMBoEAgACMBQwEgMHACoLTgcAqQMHBCoLTgcAoDAN BgkqhkiG9w0BAQsFAAOCAQEAdBrRpKG/J42vm/hCaLVFnE7fCQGIVVPceqXFSsfU TJTh4oOtPNeuzuaL0O21XUEIUbzrNgOQX160CklxC75JmBexxClZ5AY5V5K8RhCl G6ire9SH19JGHmtK1jBDBT8VjVTsaqye4KA69XxZeJ/G7Yp+SR1YA7JwbawcusD9 4F/WLraBO8m0cQqj8JYsEvQcz3sOUvg+RbZ5q/jhtJfrjHFDLolsz5Jc693rsdGJ Bp1daopXL7EdLyo0xZEc+KWWb3f/K8GW6XGmoeovCnIvDKLnemIgBRmqmE5j2HNh ihhJZSOaQvwqjjFZXXhUxBuxRbVJcJgeOoiNx5lY/JqGqg== -----END CERTIFICATE-----Generated at Tue May 12 21:53:56 2026 by rpki-client