$ rpki-client -vvf repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/34332e3232392e3235342e302f32332d3234203d3e203233363739.roa File: 34332e3232392e3235342e302f32332d3234203d3e203233363739.roa (raw, json) Hash identifier: J7Ac2aKGRvw02TmKSNhRYcUnNbrgDIcNCzvAH7OHgPQ= Subject key identifier: F6:AB:04:84:D0:F5:01:1F:54:98:9B:F0:24:11:86:1B:24:11:6B:8A Certificate issuer: /CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984 Certificate serial: 70C5443B0E9E8ABE0C97D112F17230D7F972C1F1 Authority key identifier: 55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer Subject info access: rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/34332e3232392e3235342e302f32332d3234203d3e203233363739.roa Signing time: Fri 23 Aug 2024 06:00:03 +0000 ROA not before: Fri 23 Aug 2024 05:55:03 +0000 ROA not after: Fri 22 Aug 2025 06:00:03 +0000 asID: 23679 IP address blocks: 43.229.254.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.crl rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 16:59:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:c5:44:3b:0e:9e:8a:be:0c:97:d1:12:f1:72:30:d7:f9:72:c1:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984 Validity Not Before: Aug 23 05:55:03 2024 GMT Not After : Aug 22 06:00:03 2025 GMT Subject: CN=F6AB0484D0F5011F54989BF02411861B24116B8A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:3b:a8:39:1d:02:15:6b:6e:b9:79:d7:e2:f1: 98:cf:ab:03:6d:5a:de:41:4f:68:99:09:03:aa:d0: 33:c7:9e:3a:36:5a:ef:22:93:e1:8f:47:1d:7a:6f: ce:12:a3:bb:c0:9a:a7:1d:53:60:29:f1:0e:50:cf: 92:7d:e2:3f:b9:c6:03:a4:23:50:52:d6:44:b2:02: 1f:66:14:42:d6:68:74:e3:8c:1b:e8:7d:59:3e:12: 67:97:53:8c:94:e4:36:a1:ab:73:71:79:77:2d:21: c0:8c:06:01:5a:46:3d:6d:bf:22:79:66:03:f8:e0: f3:b3:4b:4b:9b:69:98:63:57:ef:c7:2e:1b:46:44: fd:bf:18:48:9d:f8:9b:d5:09:1c:31:b5:2f:1c:5d: 0b:7c:63:c9:ec:e6:6d:1c:11:78:b5:f0:7a:72:74: 83:24:14:65:43:2d:26:f1:ca:aa:84:9c:83:09:5c: d4:ab:75:5e:6f:2d:38:9c:e7:7f:29:3d:f3:e3:7b: f7:67:d1:e9:3c:05:63:f2:b2:00:e3:b1:9b:b6:21: 96:0b:83:4d:61:1a:3c:75:2d:b0:ab:fa:52:f6:11: bf:06:a7:81:ed:b6:5a:79:01:02:bf:b3:18:2e:8d: 17:ff:3e:93:83:4f:4f:6e:6c:a5:92:4a:a7:57:e1: 77:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:AB:04:84:D0:F5:01:1F:54:98:9B:F0:24:11:86:1B:24:11:6B:8A X509v3 Authority Key Identifier: keyid:55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/34332e3232392e3235342e302f32332d3234203d3e203233363739.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.229.254.0/23 Signature Algorithm: sha256WithRSAEncryption 67:99:18:db:b0:c6:e0:76:c2:3f:39:d0:17:3a:0e:e9:da:6c: 46:ea:24:9f:73:15:99:6e:0a:a4:46:36:88:b5:ad:f5:7b:5f: 8e:78:56:cd:d6:fa:86:d6:ea:5f:fa:9f:3b:3d:a7:d9:28:be: c5:16:a1:85:49:d7:0b:f1:d8:08:c9:9a:f2:16:7e:b5:fa:d0: eb:ee:e0:9d:48:72:04:c4:05:b2:47:58:f7:38:90:a2:99:e4: 47:05:a6:5d:ca:49:53:0a:d0:1b:f1:b9:b8:d7:f8:d6:5a:b4: 55:c9:ee:ec:a7:f4:ea:5e:48:60:59:95:95:98:d3:fe:b3:46: 87:1c:b5:24:12:88:46:ad:44:08:0f:fe:b9:c6:a1:da:f7:83: ba:5e:b9:79:f2:d2:3d:9c:f5:34:1d:71:08:27:26:3c:13:c4: 73:f4:c0:90:97:09:ea:b9:c8:29:30:67:0f:fa:ab:25:cb:2e: d8:a4:5c:53:c3:7c:39:81:2d:b8:18:95:3f:b2:ac:d7:76:09: b9:81:c1:56:ca:78:a9:d1:54:e1:ba:5b:15:58:76:00:bf:36: 36:83:bd:62:1c:53:1d:74:81:ff:15:87:25:7f:08:8a:98:01: 01:fb:88:ef:bc:b7:ec:c3:0d:6a:35:f6:d3:5c:28:0b:0d:72: 36:f8:bb:df -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUcMVEOw6eir4Ml9ES8XIw1/lywfEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTUyQjMxQTI2RTkyQTlERDZBNTg1QjkyMzc1QjdGQ0E0 RkE2Njk4NDAeFw0yNDA4MjMwNTU1MDNaFw0yNTA4MjIwNjAwMDNaMDMxMTAvBgNV BAMTKEY2QUIwNDg0RDBGNTAxMUY1NDk4OUJGMDI0MTE4NjFCMjQxMTZCOEEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMO6g5HQIVa265edfi8ZjPqwNt Wt5BT2iZCQOq0DPHnjo2Wu8ik+GPRx16b84So7vAmqcdU2Ap8Q5Qz5J94j+5xgOk I1BS1kSyAh9mFELWaHTjjBvofVk+EmeXU4yU5Dahq3NxeXctIcCMBgFaRj1tvyJ5 ZgP44POzS0ubaZhjV+/HLhtGRP2/GEid+JvVCRwxtS8cXQt8Y8ns5m0cEXi18Hpy dIMkFGVDLSbxyqqEnIMJXNSrdV5vLTic538pPfPje/dn0ek8BWPysgDjsZu2IZYL g01hGjx1LbCr+lL2Eb8Gp4Httlp5AQK/sxgujRf/PpODT09ubKWSSqdX4XfPAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQU9qsEhND1AR9UmJvwJBGGGyQRa4owHwYDVR0j BBgwFoAUVSsxom6Sqd1qWFuSN1t/yk+maYQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MDE0MzJjYy0zYmM5LTQ4NTgtYjUwNi0yMThhYWIwYjA4OWMvMC81NTJCMzFBMjZF OTJBOURENkE1ODVCOTIzNzVCN0ZDQTRGQTY2OTg0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTUyQjMxQTI2RTkyQTlERDZBNTg1QjkyMzc1QjdGQ0E0RkE2 Njk4NC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIwMTQzMmNjLTNiYzktNDg1OC1i NTA2LTIxOGFhYjBiMDg5Yy8wLzM0MzMyZTMyMzIzOTJlMzIzNTM0MmUzMDJmMzIz MzJkMzIzNDIwM2QzZTIwMzIzMzM2MzczOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEASvl/jANBgkqhkiG 9w0BAQsFAAOCAQEAZ5kY27DG4HbCPznQFzoO6dpsRuokn3MVmW4KpEY2iLWt9Xtf jnhWzdb6htbqX/qfOz2n2Si+xRahhUnXC/HYCMma8hZ+tfrQ6+7gnUhyBMQFskdY 9ziQopnkRwWmXcpJUwrQG/G5uNf41lq0Vcnu7Kf06l5IYFmVlZjT/rNGhxy1JBKI Rq1ECA/+ucah2veDul65efLSPZz1NB1xCCcmPBPEc/TAkJcJ6rnIKTBnD/qrJcsu 2KRcU8N8OYEtuBiVP7Ks13YJuYHBVsp4qdFU4bpbFVh2AL82NoO9YhxTHXSB/xWH JX8IipgBAfuI77y37MMNajX201woCw1yNvi73w== -----END CERTIFICATE-----Generated at Thu Jul 24 04:59:29 2025 by rpki-client