$ rpki-client -vvf repo-rpki.idnic.net/repo/27d9f851-7e73-4384-950e-8be8e15fd3ee/0/34332e3235322e3233382e302f32342d3234203d3e203535373031.roa File: 34332e3235322e3233382e302f32342d3234203d3e203535373031.roa (raw, json) Hash identifier: T9eUL7UJmPWb6o9EvSNNM0T8Qh2joeYfCtGj3ui6JP0= Subject key identifier: FB:AB:D8:37:8E:CD:53:C5:10:DA:F1:D9:29:9C:9E:21:EA:DE:F7:E2 Certificate issuer: /CN=8F84D6FEEAF8C5D3C5D13F101BC70B758BF50F6A Certificate serial: 7D97298ED9C851F6ADDC81BA6CCCB7CF5F7566C9 Authority key identifier: 8F:84:D6:FE:EA:F8:C5:D3:C5:D1:3F:10:1B:C7:0B:75:8B:F5:0F:6A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8F84D6FEEAF8C5D3C5D13F101BC70B758BF50F6A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/27d9f851-7e73-4384-950e-8be8e15fd3ee/0/34332e3235322e3233382e302f32342d3234203d3e203535373031.roa Signing time: Mon 31 Jul 2023 00:13:40 +0000 ROA not before: Mon 31 Jul 2023 00:08:40 +0000 ROA not after: Mon 29 Jul 2024 00:13:40 +0000 asID: 55701 IP address blocks: 43.252.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/27d9f851-7e73-4384-950e-8be8e15fd3ee/0/8F84D6FEEAF8C5D3C5D13F101BC70B758BF50F6A.crl rsync://repo-rpki.idnic.net/repo/27d9f851-7e73-4384-950e-8be8e15fd3ee/0/8F84D6FEEAF8C5D3C5D13F101BC70B758BF50F6A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8F84D6FEEAF8C5D3C5D13F101BC70B758BF50F6A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Mar 2024 16:36:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:97:29:8e:d9:c8:51:f6:ad:dc:81:ba:6c:cc:b7:cf:5f:75:66:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8F84D6FEEAF8C5D3C5D13F101BC70B758BF50F6A Validity Not Before: Jul 31 00:08:40 2023 GMT Not After : Jul 29 00:13:40 2024 GMT Subject: CN=FBABD8378ECD53C510DAF1D9299C9E21EADEF7E2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:f1:9a:a5:3d:5d:fa:ed:6b:5a:b6:73:2d:1d: 82:33:a6:f5:ec:8d:ab:76:11:2b:e7:a0:74:48:ef: b2:51:07:12:eb:ae:4a:4c:c6:ab:7f:3b:93:6b:de: c6:ab:4a:56:6b:c4:67:40:2d:9c:03:ab:fa:c1:31: e2:47:bc:b0:ab:d7:db:f1:79:97:87:93:2f:16:52: 64:12:45:53:7b:ee:31:74:5f:31:45:5b:b8:92:c0: 44:c6:90:25:a9:bb:cc:ad:37:a2:96:20:d5:5b:74: c0:13:59:84:6f:bb:72:9e:1c:4a:01:a6:85:85:5e: 7f:e5:7e:28:6d:7f:81:ec:0f:88:53:cf:f6:50:3f: c1:9a:af:66:e0:86:fe:9a:53:4d:b1:68:91:b8:5f: 02:20:4f:37:0d:25:a5:28:12:1d:83:d9:65:23:f8: a4:ef:07:72:ed:40:e1:20:f3:45:46:a9:6e:69:45: 84:da:cd:c0:f8:0f:05:0a:2e:81:ec:f6:27:87:2f: 4c:a8:3a:95:d2:e3:37:65:6f:70:f5:72:d1:4d:db: 5a:8c:1c:89:9b:8a:c3:0b:3b:37:86:7f:32:fd:0c: 85:ec:cc:d7:6b:59:d6:05:78:3d:b7:ec:50:02:bc: 5b:19:d1:26:c6:46:1a:56:5d:f5:6a:03:a7:1a:53: 5b:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:AB:D8:37:8E:CD:53:C5:10:DA:F1:D9:29:9C:9E:21:EA:DE:F7:E2 X509v3 Authority Key Identifier: keyid:8F:84:D6:FE:EA:F8:C5:D3:C5:D1:3F:10:1B:C7:0B:75:8B:F5:0F:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/27d9f851-7e73-4384-950e-8be8e15fd3ee/0/8F84D6FEEAF8C5D3C5D13F101BC70B758BF50F6A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8F84D6FEEAF8C5D3C5D13F101BC70B758BF50F6A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/27d9f851-7e73-4384-950e-8be8e15fd3ee/0/34332e3235322e3233382e302f32342d3234203d3e203535373031.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.252.238.0/24 Signature Algorithm: sha256WithRSAEncryption b5:a3:fc:51:db:02:81:1e:51:59:11:9d:7c:06:e1:b2:97:a1: 33:bc:18:51:81:89:4b:a8:6e:d5:74:2f:ea:2d:c9:94:ba:73: e5:d9:63:13:71:23:42:cb:3b:b3:8b:16:50:cb:1c:43:fb:41: 3f:b0:c1:7c:10:84:88:a7:e8:f5:c0:07:32:e7:53:e1:a7:2a: 41:4a:eb:00:6f:61:2b:e9:83:53:05:93:f0:79:4e:b2:92:75: 4c:23:5c:f9:7b:be:3d:69:ad:36:4a:36:7c:6b:ac:08:18:d9: 43:c5:2c:81:76:db:0f:87:71:dc:47:8f:2f:fd:ad:9b:77:2a: b0:4d:a4:11:e5:cd:06:8e:31:20:07:15:28:ff:7f:b9:e9:12: a1:86:9a:c4:67:9a:76:56:c2:6a:b0:1f:a5:24:95:3e:07:dd: e0:e6:6d:73:15:2f:b6:6a:69:07:4d:0d:09:c2:e6:6e:e7:8d: 24:75:e5:8b:e2:bf:0f:06:b2:48:70:8b:11:ab:21:dd:e5:13: 44:a8:99:40:fe:ef:c2:8b:92:e4:9c:7d:b9:52:eb:32:1b:45: 3e:67:3d:74:2c:04:73:a8:a5:8e:7f:43:f5:71:0c:a5:02:5a: 17:84:fa:bb:f0:22:dd:ba:b3:f5:fc:8a:a3:fc:2c:1e:27:51: dd:d4:f9:72 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUfZcpjtnIUfat3IG6bMy3z191ZskwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEY4NEQ2RkVFQUY4QzVEM0M1RDEzRjEwMUJDNzBCNzU4 QkY1MEY2QTAeFw0yMzA3MzEwMDA4NDBaFw0yNDA3MjkwMDEzNDBaMDMxMTAvBgNV BAMTKEZCQUJEODM3OEVDRDUzQzUxMERBRjFEOTI5OUM5RTIxRUFERUY3RTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDj8ZqlPV367WtatnMtHYIzpvXs jat2ESvnoHRI77JRBxLrrkpMxqt/O5Nr3sarSlZrxGdALZwDq/rBMeJHvLCr19vx eZeHky8WUmQSRVN77jF0XzFFW7iSwETGkCWpu8ytN6KWINVbdMATWYRvu3KeHEoB poWFXn/lfihtf4HsD4hTz/ZQP8Gar2bghv6aU02xaJG4XwIgTzcNJaUoEh2D2WUj +KTvB3LtQOEg80VGqW5pRYTazcD4DwUKLoHs9ieHL0yoOpXS4zdlb3D1ctFN21qM HImbisMLOzeGfzL9DIXszNdrWdYFeD237FACvFsZ0SbGRhpWXfVqA6caU1t5AgMB AAGjggIyMIICLjAdBgNVHQ4EFgQU+6vYN47NU8UQ2vHZKZyeIere9+IwHwYDVR0j BBgwFoAUj4TW/ur4xdPF0T8QG8cLdYv1D2owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y N2Q5Zjg1MS03ZTczLTQzODQtOTUwZS04YmU4ZTE1ZmQzZWUvMC84Rjg0RDZGRUVB RjhDNUQzQzVEMTNGMTAxQkM3MEI3NThCRjUwRjZBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOEY4NEQ2RkVFQUY4QzVEM0M1RDEzRjEwMUJDNzBCNzU4QkY1 MEY2QS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzI3ZDlmODUxLTdlNzMtNDM4NC05 NTBlLThiZThlMTVmZDNlZS8wLzM0MzMyZTMyMzUzMjJlMzIzMzM4MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzUzNTM3MzAzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACv87jANBgkqhkiG 9w0BAQsFAAOCAQEAtaP8UdsCgR5RWRGdfAbhspehM7wYUYGJS6hu1XQv6i3JlLpz 5dljE3EjQss7s4sWUMscQ/tBP7DBfBCEiKfo9cAHMudT4acqQUrrAG9hK+mDUwWT 8HlOspJ1TCNc+Xu+PWmtNko2fGusCBjZQ8UsgXbbD4dx3EePL/2tm3cqsE2kEeXN Bo4xIAcVKP9/uekSoYaaxGeadlbCarAfpSSVPgfd4OZtcxUvtmppB00NCcLmbueN JHXli+K/DwaySHCLEash3eUTRKiZQP7vwouS5Jx9uVLrMhtFPmc9dCwEc6iljn9D 9XEMpQJaF4T6u/Ai3bqz9fyKo/wsHidR3dT5cg== -----END CERTIFICATE-----Generated at Tue Mar 26 23:46:05 2024 by rpki-client on console-fra.rpki-client.org