$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS397423.roa File: AS397423.roa (raw, json) Hash identifier: Wmq5g0QbgYPNw80Xg89XcIJEISD0oJ6OltnK19IPI40= Subject key identifier: EA:1E:31:79:FE:8F:91:5E:19:1B:FE:A2:C0:3D:74:4A:B5:4B:6C:37 Certificate issuer: /CN=72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9 Certificate serial: 3C2B3A442E9DCD28AD741E669A69E3D0D1529CBB Authority key identifier: AB:5C:AF:A9:57:06:33:73:38:93:D9:1E:E4:B0:5A:1F:0E:CC:D0:6B Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer Subject info access: rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS397423.roa Signing time: Sat 21 Mar 2026 04:04:09 +0000 ROA not before: Sat 21 Mar 2026 03:59:09 +0000 ROA not after: Sat 20 Mar 2027 04:04:09 +0000 asID: 397423 IP address blocks: 104.234.66.0/24 maxlen: 24 104.234.99.0/24 maxlen: 24 104.234.195.0/24 maxlen: 24 104.234.217.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.crl rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Fri 27 Mar 2026 12:03:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:2b:3a:44:2e:9d:cd:28:ad:74:1e:66:9a:69:e3:d0:d1:52:9c:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9 Validity Not Before: Mar 21 03:59:09 2026 GMT Not After : Mar 20 04:04:09 2027 GMT Subject: CN=EA1E3179FE8F915E191BFEA2C03D744AB54B6C37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:8c:ff:e3:e8:ee:a9:90:85:ab:cc:55:58:a2: 88:bd:2e:9e:97:a9:e4:08:3c:4a:b6:28:3c:be:e2: e9:44:35:fe:d4:d2:5a:9b:41:c5:90:23:84:a1:7b: 30:0a:7e:c0:4a:bb:38:0d:7a:36:fb:d9:05:fb:c9: 9d:38:48:4c:da:63:de:c7:7c:8d:fc:61:04:71:a5: 61:ee:2c:58:fa:e0:71:27:f9:f4:ed:2f:88:a0:25: d9:7d:fa:c4:36:27:ac:eb:12:fb:42:08:07:6e:e2: f5:e2:d7:03:0e:51:2b:15:e4:f8:fe:d3:a3:54:97: df:9e:09:64:65:6e:d0:53:e6:c2:3e:74:f3:0f:bc: 22:20:1a:88:12:1a:3b:b3:49:89:22:a3:1a:4f:83: 39:41:1d:57:b2:d8:14:f6:2e:fd:c6:96:33:26:40: 86:cf:50:ca:36:de:e4:7d:24:aa:2f:ae:94:9d:6b: ac:7c:54:c4:6d:50:41:aa:95:f6:66:e3:29:31:a0: 0c:ee:dd:ad:9e:83:3e:c7:59:84:4a:4e:9f:d3:e6: 34:80:41:fb:3a:63:7c:76:a6:fd:4d:20:8e:2f:48: e1:41:9c:ee:45:d7:ba:9b:6f:5f:e3:01:9c:20:e7: 02:17:e8:2a:31:8e:b8:59:b2:b2:c0:1a:f8:a5:85: 71:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:1E:31:79:FE:8F:91:5E:19:1B:FE:A2:C0:3D:74:4A:B5:4B:6C:37 X509v3 Authority Key Identifier: keyid:AB:5C:AF:A9:57:06:33:73:38:93:D9:1E:E4:B0:5A:1F:0E:CC:D0:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS397423.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.234.66.0/24 104.234.99.0/24 104.234.195.0/24 104.234.217.0/24 Signature Algorithm: sha256WithRSAEncryption 77:82:1f:0d:f2:e7:4c:bc:61:0c:4a:1f:09:c2:e0:93:44:14: 2d:a3:de:77:a4:0a:49:8a:b8:63:70:b3:92:21:c1:32:6a:03: f6:31:3f:9a:81:14:a1:61:61:58:6c:8e:33:1c:30:bd:0e:2f: 62:10:e6:04:3d:15:b7:43:e1:53:19:b2:3f:11:05:63:39:5a: f2:f4:87:94:6f:a0:00:65:6a:ac:6d:46:5b:db:8e:b1:4b:e4: 96:3b:57:c8:57:37:2c:09:12:55:6d:19:c3:7b:4d:18:15:0a: d7:4c:03:6d:c9:07:73:f2:87:00:46:22:02:89:d7:84:8e:26: 55:73:00:d0:07:22:21:81:9c:d6:08:1c:a1:ca:06:c9:c1:a2: ca:3c:a7:cc:85:86:a9:8f:b3:dd:a9:46:26:73:ea:e2:d6:24: 0a:bb:52:50:69:62:ba:4a:1b:4f:2a:b4:a5:45:68:9a:d8:07: c6:62:ea:70:cd:44:09:e2:de:81:c4:cc:93:9d:8e:ab:d5:a2: bb:e5:8f:0b:0d:53:03:43:e1:08:57:32:e6:d6:a3:60:03:aa: a4:cd:0d:d8:9b:5c:e3:7e:95:0b:ac:0a:1d:77:98:77:db:ae: c3:5d:e6:f2:7d:d1:97:e2:38:2d:20:4c:1c:a0:d7:ad:1d:bf: 24:75:ba:4d -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgIUPCs6RC6dzSitdB5mmmnj0NFSnLswDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNzJjYzFmZDI4ZDRhMDRjODQ3M2MzYWMwYjE5OTQwMjcw Y2JiZjEyM2YzYzBiMWY3ZjkwHhcNMjYwMzIxMDM1OTA5WhcNMjcwMzIwMDQwNDA5 WjAzMTEwLwYDVQQDEyhFQTFFMzE3OUZFOEY5MTVFMTkxQkZFQTJDMDNENzQ0QUI1 NEI2QzM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYz/4+juqZCF q8xVWKKIvS6el6nkCDxKtig8vuLpRDX+1NJam0HFkCOEoXswCn7ASrs4DXo2+9kF +8mdOEhM2mPex3yN/GEEcaVh7ixY+uBxJ/n07S+IoCXZffrENies6xL7QggHbuL1 4tcDDlErFeT4/tOjVJffnglkZW7QU+bCPnTzD7wiIBqIEho7s0mJIqMaT4M5QR1X stgU9i79xpYzJkCGz1DKNt7kfSSqL66UnWusfFTEbVBBqpX2ZuMpMaAM7t2tnoM+ x1mESk6f0+Y0gEH7OmN8dqb9TSCOL0jhQZzuRde6m29f4wGcIOcCF+gqMY64WbKy wBr4pYVxTwIDAQABo4ICkTCCAo0wHQYDVR0OBBYEFOoeMXn+j5FeGRv+osA9dEq1 S2w3MB8GA1UdIwQYMBaAFKtcr6lXBjNzOJPZHuSwWh8OzNBrMA4GA1UdDwEB/wQE AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l dC9yZXBvc2l0b3J5LzhhODQ4YWRlODU4N2ZhMjAwMTg1YzVjYjliY2IyYmFjLzAv QUI1Q0FGQTk1NzA2MzM3MzM4OTNEOTFFRTRCMDVBMUYwRUNDRDA2Qi5jcmwwgfMG CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut YjA4Yy0yMTcxZGEyMTU3ZDMvNzZmZTExZDQtZDM1Mi00OTk0LThmNmMtZDZjOTFi MGI4NDE1LzNmNWUyZTViLWM3MzEtNGRiOC05Yjg3LWFmOWY4ZTU4YTFjNi83MmNj MWZkMjhkNGEwNGM4NDczYzNhYzBiMTk5NDAyNzBjYmJmMTIzZjNjMGIxZjdmOS5j ZXIwcAYIKwYBBQUHAQsEZDBiMGAGCCsGAQUFBzALhlRyc3luYzovL3Jwa2ktcnBz LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NTg3ZmEyMDAxODVjNWNiOWJj YjJiYWMvMC9BUzM5NzQyMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAGjqQgMEAGjqYwMEAGjqwwMEAGjq 2TANBgkqhkiG9w0BAQsFAAOCAQEAd4IfDfLnTLxhDEofCcLgk0QULaPed6QKSYq4 Y3CzkiHBMmoD9jE/moEUoWFhWGyOMxwwvQ4vYhDmBD0Vt0PhUxmyPxEFYzla8vSH lG+gAGVqrG1GW9uOsUvkljtXyFc3LAkSVW0Zw3tNGBUK10wDbckHc/KHAEYiAonX hI4mVXMA0AciIYGc1ggcocoGycGiyjynzIWGqY+z3alGJnPq4tYkCrtSUGliukob Tyq0pUVomtgHxmLqcM1ECeLegcTMk52Oq9Wiu+WPCw1TA0PhCFcy5tajYAOqpM0N 2Jtc436VC6wKHXeYd9uuw13m8n3Rl+I4LSBMHKDXrR2/JHW6TQ== -----END CERTIFICATE-----Generated at Thu Mar 26 19:37:34 2026 by rpki-client