$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf8143bf620182113eea490d33/1/AS20001.roa File: AS20001.roa (raw, json) Hash identifier: ZFqhzBuEpFt4+3+hvsgexxgP/I9I2GJ+bPz4TVnQmgI= Subject key identifier: 3F:E1:BD:29:7F:DA:02:D3:13:52:4E:48:7B:E2:2E:02:59:3A:6F:12 Certificate issuer: /CN=44da5d103277c937c53dce305bd9d79c2ba79425357bb56eed Certificate serial: 5023F5DB3FF4B77C9F3007A01A52882B015D6AA7 Authority key identifier: 5B:40:D3:73:D6:71:7C:70:4C:48:3C:A0:65:8C:FB:52:57:C4:E9:3C Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2bd0fac6-1a46-40b5-be66-9e0f7b54df77/44da5d103277c937c53dce305bd9d79c2ba79425357bb56eed.cer Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf8143bf620182113eea490d33/1/AS20001.roa Signing time: Mon 23 Jun 2025 11:39:28 +0000 ROA not before: Mon 23 Jun 2025 11:34:28 +0000 ROA not after: Mon 22 Jun 2026 11:39:28 +0000 asID: 20001 IP address blocks: 23.94.90.0/24 maxlen: 24 23.94.106.0/24 maxlen: 24 23.94.109.0/24 maxlen: 24 23.94.135.0/24 maxlen: 24 74.50.16.0/20 maxlen: 24 198.23.222.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.arin.net/repository/8a848adf8143bf620182113eea490d33/1/5B40D373D6717C704C483CA0658CFB5257C4E93C.crl rsync://rpki-rps.arin.net/repository/8a848adf8143bf620182113eea490d33/1/5B40D373D6717C704C483CA0658CFB5257C4E93C.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2bd0fac6-1a46-40b5-be66-9e0f7b54df77/44da5d103277c937c53dce305bd9d79c2ba79425357bb56eed.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2bd0fac6-1a46-40b5-be66-9e0f7b54df77/2bd0fac6-1a46-40b5-be66-9e0f7b54df77.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2bd0fac6-1a46-40b5-be66-9e0f7b54df77/2bd0fac6-1a46-40b5-be66-9e0f7b54df77.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2bd0fac6-1a46-40b5-be66-9e0f7b54df77.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Mon 30 Jun 2025 07:10:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:23:f5:db:3f:f4:b7:7c:9f:30:07:a0:1a:52:88:2b:01:5d:6a:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=44da5d103277c937c53dce305bd9d79c2ba79425357bb56eed Validity Not Before: Jun 23 11:34:28 2025 GMT Not After : Jun 22 11:39:28 2026 GMT Subject: CN=3FE1BD297FDA02D313524E487BE22E02593A6F12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:6a:c8:b4:27:fb:e3:15:07:be:bb:a3:82:83: e7:87:1f:08:7c:23:90:9a:26:fb:2f:55:ab:98:73: 2f:7d:08:ec:66:bf:1e:d8:f7:35:3f:81:6c:77:d8: 3c:fd:7f:6a:f8:11:a3:55:6a:4c:16:15:be:dc:cb: ea:ca:ab:ac:1b:3c:36:a6:99:9d:1e:43:c8:a3:04: aa:d1:46:51:74:3d:44:36:86:ed:88:e5:3a:d8:53: 6e:f0:86:99:1b:b0:93:4f:60:ae:91:6e:b9:0d:aa: fc:cb:31:b3:7e:5b:f6:11:af:fc:28:e6:37:54:b2: 03:f5:0f:49:89:62:3d:c2:75:f8:06:99:8e:cc:76: 88:ae:90:67:c5:1a:c7:d0:08:a7:53:dc:f7:ef:86: ec:b7:16:34:c2:09:77:bf:b2:0e:fc:38:51:b1:35: 84:66:15:03:f9:2d:7a:c9:9a:83:24:cf:7c:1d:3c: 7c:be:f8:02:a1:35:56:91:21:ae:fe:53:6f:6c:49: 7f:04:86:5a:05:0e:b5:84:a9:c1:3c:23:ab:6c:da: c9:a2:4e:ce:05:27:b0:de:2f:a7:36:9b:a8:21:22: dd:63:8b:eb:f7:ee:b0:64:43:24:7f:dc:d4:f9:ff: 06:07:a6:e2:43:a0:ac:32:1e:80:c5:1f:9f:bb:eb: bb:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:E1:BD:29:7F:DA:02:D3:13:52:4E:48:7B:E2:2E:02:59:3A:6F:12 X509v3 Authority Key Identifier: keyid:5B:40:D3:73:D6:71:7C:70:4C:48:3C:A0:65:8C:FB:52:57:C4:E9:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.arin.net/repository/8a848adf8143bf620182113eea490d33/1/5B40D373D6717C704C483CA0658CFB5257C4E93C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2bd0fac6-1a46-40b5-be66-9e0f7b54df77/44da5d103277c937c53dce305bd9d79c2ba79425357bb56eed.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf8143bf620182113eea490d33/1/AS20001.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 23.94.90.0/24 23.94.106.0/24 23.94.109.0/24 23.94.135.0/24 74.50.16.0/20 198.23.222.0/24 Signature Algorithm: sha256WithRSAEncryption 26:5b:2b:92:32:5c:a2:1b:23:ce:91:60:38:69:76:0d:ce:93: 92:90:78:98:95:06:33:5a:01:2f:da:5c:eb:18:0a:c0:15:1b: 41:a9:cb:20:af:39:49:66:65:3d:46:61:83:47:b4:d9:b1:5f: 1f:49:56:df:00:50:f5:20:84:db:8d:10:85:9d:ce:de:59:a3: 66:c0:6a:ea:88:b5:fb:dd:df:a2:45:eb:0b:64:2a:b2:34:fd: dc:fa:4d:c2:2a:30:9d:74:8a:43:ea:80:c4:f0:c1:1c:3e:7f: 42:57:9b:72:fd:38:57:ee:3c:25:3f:0d:be:fb:75:5a:4f:c4: 9a:3e:1b:bc:ec:41:b1:5a:3a:f2:8a:97:03:1f:90:6c:24:c1: 00:ae:e0:d3:05:1e:74:97:0f:cc:de:bf:cc:f4:a7:95:28:2d: 29:2a:b5:7c:99:fd:4d:2b:12:94:c6:5f:0d:6f:b3:2b:1a:02: a8:80:06:86:bd:21:75:27:09:e0:df:3f:9e:ad:68:16:9b:98: 51:90:bd:5f:34:a7:5e:75:ab:31:a6:44:67:b6:8f:32:cc:e3: 9b:4f:24:67:b4:3a:40:eb:18:f7:fa:c7:84:65:4e:44:47:5e: 59:d9:79:ab:c3:db:38:d5:59:91:31:69:f7:84:5c:2c:3c:ca: 91:83:43:15 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUUCP12z/0t3yfMAegGlKIKwFdaqcwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNDRkYTVkMTAzMjc3YzkzN2M1M2RjZTMwNWJkOWQ3OWMy YmE3OTQyNTM1N2JiNTZlZWQwHhcNMjUwNjIzMTEzNDI4WhcNMjYwNjIyMTEzOTI4 WjAzMTEwLwYDVQQDEygzRkUxQkQyOTdGREEwMkQzMTM1MjRFNDg3QkUyMkUwMjU5 M0E2RjEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2rItCf74xUH vrujgoPnhx8IfCOQmib7L1WrmHMvfQjsZr8e2Pc1P4Fsd9g8/X9q+BGjVWpMFhW+ 3MvqyqusGzw2ppmdHkPIowSq0UZRdD1ENobtiOU62FNu8IaZG7CTT2CukW65Dar8 yzGzflv2Ea/8KOY3VLID9Q9JiWI9wnX4BpmOzHaIrpBnxRrH0AinU9z374bstxY0 wgl3v7IO/DhRsTWEZhUD+S16yZqDJM98HTx8vvgCoTVWkSGu/lNvbEl/BIZaBQ61 hKnBPCOrbNrJok7OBSew3i+nNpuoISLdY4vr9+6wZEMkf9zU+f8GB6biQ6CsMh6A xR+fu+u79wIDAQABo4ICnDCCApgwHQYDVR0OBBYEFD/hvSl/2gLTE1JOSHviLgJZ Om8SMB8GA1UdIwQYMBaAFFtA03PWcXxwTEg8oGWM+1JXxOk8MA4GA1UdDwEB/wQE AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l dC9yZXBvc2l0b3J5LzhhODQ4YWRmODE0M2JmNjIwMTgyMTEzZWVhNDkwZDMzLzEv NUI0MEQzNzNENjcxN0M3MDRDNDgzQ0EwNjU4Q0ZCNTI1N0M0RTkzQy5jcmwwgfMG CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut YjA4Yy0yMTcxZGEyMTU3ZDMvZjYwYzlmMzItYTg3Yy00MzM5LWEyZjMtNjI5OWEz YjAyZTI5LzJiZDBmYWM2LTFhNDYtNDBiNS1iZTY2LTllMGY3YjU0ZGY3Ny80NGRh NWQxMDMyNzdjOTM3YzUzZGNlMzA1YmQ5ZDc5YzJiYTc5NDI1MzU3YmI1NmVlZC5j ZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jwa2ktcnBz LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGY4MTQzYmY2MjAxODIxMTNlZWE0 OTBkMzMvMS9BUzIwMDAxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD0G CCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAF15aAwQAF15qAwQAF15tAwQAF16H AwQESjIQAwQAxhfeMA0GCSqGSIb3DQEBCwUAA4IBAQAmWyuSMlyiGyPOkWA4aXYN zpOSkHiYlQYzWgEv2lzrGArAFRtBqcsgrzlJZmU9RmGDR7TZsV8fSVbfAFD1IITb jRCFnc7eWaNmwGrqiLX73d+iResLZCqyNP3c+k3CKjCddIpD6oDE8MEcPn9CV5ty /ThX7jwlPw2++3VaT8SaPhu87EGxWjryipcDH5BsJMEAruDTBR50lw/M3r/M9KeV KC0pKrV8mf1NKxKUxl8Nb7MrGgKogAaGvSF1Jwng3z+erWgWm5hRkL1fNKdedasx pkRnto8yzOObTyRntDpA6xj3+seEZU5ER15Z2Xmrw9s41VmRMWn3hFwsPMqRg0MV -----END CERTIFICATE-----Generated at Sun Jun 29 09:57:06 2025 by rpki-client