$ rpki-client -vvf repo-rpki.idnic.net/repo/2d95c19c-3262-48c7-af02-37a835d0a779/0/34332e3235322e3130342e302f32342d3234203d3e20313432333237.roa File: 34332e3235322e3130342e302f32342d3234203d3e20313432333237.roa (raw, json) Hash identifier: /2oKm5GJ55qpDTs1GFqIU+Nb8Ghj047mpY1YHMqcmyU= Subject key identifier: 23:A1:50:A2:BC:AE:C5:6D:F5:A3:A0:66:A2:6E:56:9F:67:18:DB:A4 Certificate issuer: /CN=D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD Certificate serial: 40A6F1BE8473E368C6203F3954949B0105C67058 Authority key identifier: D2:5A:04:A0:E4:E5:2F:F4:22:D9:D8:FB:85:7D:23:DC:61:42:E5:FD Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2d95c19c-3262-48c7-af02-37a835d0a779/0/34332e3235322e3130342e302f32342d3234203d3e20313432333237.roa Signing time: Mon 04 Dec 2023 06:58:41 +0000 ROA not before: Mon 04 Dec 2023 06:53:41 +0000 ROA not after: Mon 02 Dec 2024 06:58:41 +0000 asID: 142327 IP address blocks: 43.252.104.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2d95c19c-3262-48c7-af02-37a835d0a779/0/D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD.crl rsync://repo-rpki.idnic.net/repo/2d95c19c-3262-48c7-af02-37a835d0a779/0/D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 03:25:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:a6:f1:be:84:73:e3:68:c6:20:3f:39:54:94:9b:01:05:c6:70:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD Validity Not Before: Dec 4 06:53:41 2023 GMT Not After : Dec 2 06:58:41 2024 GMT Subject: CN=23A150A2BCAEC56DF5A3A066A26E569F6718DBA4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:dd:9b:df:ac:8f:0f:e1:c7:97:36:8f:72:58: 6a:8b:f9:38:5d:e2:1e:46:61:47:a7:5a:aa:7c:05: fc:4c:4e:9a:59:bb:eb:cc:5f:5d:ce:5d:3f:96:de: d0:0f:15:7c:31:0d:44:0a:0c:b5:e4:8d:30:c6:db: d5:55:1b:4b:60:50:64:2d:73:91:5f:ef:1d:41:43: 67:26:37:da:b7:e1:df:07:85:71:10:6c:c7:46:3f: d7:82:ce:9c:ad:68:53:2d:39:24:3d:86:1b:68:ad: 4d:04:c0:e6:0b:81:86:a5:04:2f:c0:5a:35:d6:bc: 0d:a6:6d:8d:9d:ed:e0:aa:e3:ad:07:f6:76:3f:a6: e2:27:33:8e:20:e9:21:95:a3:b0:e8:cc:a3:14:f4: 80:53:98:bf:96:c9:ba:18:28:75:22:61:8d:b6:c8: cc:10:52:0a:1d:51:c5:7a:a1:52:47:52:53:ca:af: 1d:54:86:4b:f9:a7:7a:b4:ec:eb:7e:eb:51:3e:01: 07:37:b2:68:4c:7f:d4:67:3e:e8:23:b4:f4:b6:52: 95:5c:ee:f4:fc:e6:67:24:3f:63:f1:ab:b0:f0:28: c8:13:35:cc:6d:27:71:4a:05:68:7d:c6:a6:3f:d3: ea:26:c3:2a:fc:72:0b:8b:9f:be:fd:4f:2f:58:cf: fe:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:A1:50:A2:BC:AE:C5:6D:F5:A3:A0:66:A2:6E:56:9F:67:18:DB:A4 X509v3 Authority Key Identifier: keyid:D2:5A:04:A0:E4:E5:2F:F4:22:D9:D8:FB:85:7D:23:DC:61:42:E5:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2d95c19c-3262-48c7-af02-37a835d0a779/0/D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2d95c19c-3262-48c7-af02-37a835d0a779/0/34332e3235322e3130342e302f32342d3234203d3e20313432333237.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.252.104.0/24 Signature Algorithm: sha256WithRSAEncryption 78:af:ad:77:c3:5c:7a:dd:ee:84:39:7d:90:a2:10:81:9c:77: ab:60:d2:59:3a:a1:82:ae:b8:0b:d2:4c:a5:55:8d:29:55:46: f9:63:18:dc:a6:02:e3:30:ec:f5:37:da:c1:6e:a9:b4:92:c3: 50:00:8e:da:a8:7c:68:64:f7:1b:7e:1c:61:e2:92:7c:a6:7c: 0f:77:91:65:7b:65:ca:30:a2:b2:db:c9:87:cf:ce:41:ca:e7: 83:a7:14:36:01:b3:23:e8:b0:44:0d:40:29:b6:78:e5:18:c1: d6:4c:b6:ec:e0:23:0b:03:71:cf:58:b2:58:af:de:ac:ac:5c: 04:f4:eb:3d:6d:8a:58:c2:9f:1a:97:87:ae:fe:ac:20:c8:d0: 4a:bd:c1:bf:d2:4d:c1:f7:d7:bb:5a:47:9d:ac:68:1c:82:b8: 73:22:9e:52:8f:f1:fd:e7:43:27:02:89:f6:1b:a0:df:e8:11: b0:73:86:8b:4b:4a:5c:4a:ae:46:8e:46:df:2c:41:58:7a:6f: fd:5b:91:41:f0:78:ee:ad:b7:4d:5a:70:64:73:77:1e:da:aa: 4d:39:77:35:01:e3:ee:c5:75:8a:d7:00:e8:95:67:98:f3:b6: 0e:a6:37:46:3a:09:81:76:64:f1:65:be:43:00:dc:7e:1e:93: 00:fd:25:e5 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUQKbxvoRz42jGID85VJSbAQXGcFgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDI1QTA0QTBFNEU1MkZGNDIyRDlEOEZCODU3RDIzREM2 MTQyRTVGRDAeFw0yMzEyMDQwNjUzNDFaFw0yNDEyMDIwNjU4NDFaMDMxMTAvBgNV BAMTKDIzQTE1MEEyQkNBRUM1NkRGNUEzQTA2NkEyNkU1NjlGNjcxOERCQTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq3ZvfrI8P4ceXNo9yWGqL+Thd 4h5GYUenWqp8BfxMTppZu+vMX13OXT+W3tAPFXwxDUQKDLXkjTDG29VVG0tgUGQt c5Ff7x1BQ2cmN9q34d8HhXEQbMdGP9eCzpytaFMtOSQ9hhtorU0EwOYLgYalBC/A WjXWvA2mbY2d7eCq460H9nY/puInM44g6SGVo7DozKMU9IBTmL+WyboYKHUiYY22 yMwQUgodUcV6oVJHUlPKrx1Uhkv5p3q07Ot+61E+AQc3smhMf9RnPugjtPS2UpVc 7vT85mckP2Pxq7DwKMgTNcxtJ3FKBWh9xqY/0+omwyr8cguLn779Ty9Yz/7nAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUI6FQoryuxW31o6Bmom5Wn2cY26QwHwYDVR0j BBgwFoAU0loEoOTlL/Qi2dj7hX0j3GFC5f0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y ZDk1YzE5Yy0zMjYyLTQ4YzctYWYwMi0zN2E4MzVkMGE3NzkvMC9EMjVBMDRBMEU0 RTUyRkY0MjJEOUQ4RkI4NTdEMjNEQzYxNDJFNUZELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDI1QTA0QTBFNEU1MkZGNDIyRDlEOEZCODU3RDIzREM2MTQy RTVGRC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJkOTVjMTljLTMyNjItNDhjNy1h ZjAyLTM3YTgzNWQwYTc3OS8wLzM0MzMyZTMyMzUzMjJlMzEzMDM0MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNDMyMzMzMjM3LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAK/xoMA0GCSqG SIb3DQEBCwUAA4IBAQB4r613w1x63e6EOX2QohCBnHerYNJZOqGCrrgL0kylVY0p VUb5YxjcpgLjMOz1N9rBbqm0ksNQAI7aqHxoZPcbfhxh4pJ8pnwPd5Fle2XKMKKy 28mHz85ByueDpxQ2AbMj6LBEDUAptnjlGMHWTLbs4CMLA3HPWLJYr96srFwE9Os9 bYpYwp8al4eu/qwgyNBKvcG/0k3B99e7WkedrGgcgrhzIp5Sj/H950MnAon2G6Df 6BGwc4aLS0pcSq5GjkbfLEFYem/9W5FB8HjurbdNWnBkc3ce2qpNOXc1AePuxXWK 1wDolWeY87YOpjdGOgmBdmTxZb5DANx+HpMA/SXl -----END CERTIFICATE-----Generated at Fri May 3 21:31:15 2024 by rpki-client on console-ams.rpki-client.org