$ rpki-client -vvf repo-rpki.idnic.net/repo/5972f9a2-b0ff-4298-8da6-e2e38348a07b/0/3130332e3231322e3233382e302f32342d3234203d3e203338373536.roa File: 3130332e3231322e3233382e302f32342d3234203d3e203338373536.roa (raw, json) Hash identifier: kqCM+ybOTVdLlYvgsNblKrLNV0K1FxGd+0UGkN9tyc0= Subject key identifier: D8:BA:C9:16:6B:27:CC:4D:AF:21:67:45:F6:06:CB:89:9C:E7:69:8A Certificate issuer: /CN=40F85FB380A012F2BB6D055D914C008674125D67 Certificate serial: 03867A8AB9F1BB4509BF8A3209484B0211BDFE62 Authority key identifier: 40:F8:5F:B3:80:A0:12:F2:BB:6D:05:5D:91:4C:00:86:74:12:5D:67 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40F85FB380A012F2BB6D055D914C008674125D67.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5972f9a2-b0ff-4298-8da6-e2e38348a07b/0/3130332e3231322e3233382e302f32342d3234203d3e203338373536.roa Signing time: Fri 15 Sep 2023 04:00:00 +0000 ROA not before: Fri 15 Sep 2023 03:55:00 +0000 ROA not after: Fri 13 Sep 2024 04:00:00 +0000 asID: 38756 IP address blocks: 103.212.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5972f9a2-b0ff-4298-8da6-e2e38348a07b/0/40F85FB380A012F2BB6D055D914C008674125D67.crl rsync://repo-rpki.idnic.net/repo/5972f9a2-b0ff-4298-8da6-e2e38348a07b/0/40F85FB380A012F2BB6D055D914C008674125D67.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40F85FB380A012F2BB6D055D914C008674125D67.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 04 May 2024 13:28:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:86:7a:8a:b9:f1:bb:45:09:bf:8a:32:09:48:4b:02:11:bd:fe:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40F85FB380A012F2BB6D055D914C008674125D67 Validity Not Before: Sep 15 03:55:00 2023 GMT Not After : Sep 13 04:00:00 2024 GMT Subject: CN=D8BAC9166B27CC4DAF216745F606CB899CE7698A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:27:63:a0:17:61:38:ae:15:ad:ed:a2:7a:39: 78:43:a0:ab:a3:ff:46:ba:db:d6:e9:4e:e4:d7:2e: 80:d8:1d:3b:ba:b7:9d:b1:e9:2b:cb:e5:25:05:ed: 41:e3:e8:20:22:e8:c3:e4:02:88:1d:da:b1:18:71: 7e:3a:be:e7:77:10:4a:1b:12:71:1f:f3:62:c0:4f: eb:22:cd:a0:d7:03:44:28:a7:c0:97:2e:ee:63:1a: d4:79:63:63:89:85:61:de:1e:49:d0:76:f2:e6:9d: a7:79:8f:36:ac:92:b7:05:ca:18:f5:20:f4:10:9c: e4:c5:e6:2b:60:bf:bd:2f:04:84:ee:29:cd:f0:25: 9f:c9:21:07:1e:49:e3:a0:d7:db:cc:78:c4:f6:3b: c0:22:f6:5c:86:a1:5d:ff:2f:d1:40:0f:7a:4b:91: 42:f7:7b:34:c6:47:1f:e8:81:77:2e:d4:d6:3a:d7: 95:c6:36:28:b3:60:61:08:87:ea:74:18:a4:d1:fe: 4f:00:27:92:e4:e7:34:f2:66:d5:15:93:c6:9d:31: 5a:de:a1:44:8c:30:35:3d:58:02:7f:2d:3f:99:03: e3:76:28:55:b1:71:9d:fe:58:e0:22:fe:dc:73:8c: f7:06:b5:25:ae:cc:08:41:6e:55:13:96:7a:11:a9: 99:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:BA:C9:16:6B:27:CC:4D:AF:21:67:45:F6:06:CB:89:9C:E7:69:8A X509v3 Authority Key Identifier: keyid:40:F8:5F:B3:80:A0:12:F2:BB:6D:05:5D:91:4C:00:86:74:12:5D:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5972f9a2-b0ff-4298-8da6-e2e38348a07b/0/40F85FB380A012F2BB6D055D914C008674125D67.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40F85FB380A012F2BB6D055D914C008674125D67.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5972f9a2-b0ff-4298-8da6-e2e38348a07b/0/3130332e3231322e3233382e302f32342d3234203d3e203338373536.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.212.238.0/24 Signature Algorithm: sha256WithRSAEncryption 60:30:c5:1d:f4:e1:71:9c:b6:e3:03:d2:aa:08:2d:c2:f1:c5: e0:ea:31:25:04:26:bb:64:91:b7:eb:62:61:24:f3:bf:10:d5: ee:8d:13:68:ea:75:d5:b5:df:d0:9c:0a:0e:ca:f9:52:ee:48: cd:f3:5b:d7:d3:98:74:73:fc:0c:3f:85:84:18:8a:f9:ff:10: e0:c2:cf:44:ba:92:4b:48:c1:8a:44:b8:bc:cf:72:d4:a7:50: 7c:8e:17:95:c9:b7:18:b2:6a:ab:3f:55:d3:f9:5a:db:be:3a: e4:b8:bc:00:09:d7:3e:cf:0d:0a:9e:26:e0:eb:da:a6:94:5d: 6c:93:13:70:f4:dc:b3:df:54:e0:ee:b8:4c:ee:7f:23:fb:e3: 67:ec:f6:0f:1d:12:e3:4f:ee:8b:42:93:57:f8:28:0c:c0:b7: 26:fb:9d:1d:8c:c3:f7:ba:3d:1a:e3:b3:10:d6:81:f6:22:3a: ec:63:eb:1b:32:d9:6a:1f:f8:44:71:45:a1:b4:73:44:12:16: 15:64:bc:cf:32:72:96:34:86:5d:ca:73:af:09:64:63:dd:45: 5c:c5:70:65:4f:31:a7:5e:10:4b:82:ff:bf:ad:e7:76:53:ae: b6:6e:42:4f:57:91:c9:3a:27:2e:ed:ba:a2:d8:8c:57:34:20: fb:0a:ab:af -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUA4Z6irnxu0UJv4oyCUhLAhG9/mIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBGODVGQjM4MEEwMTJGMkJCNkQwNTVEOTE0QzAwODY3 NDEyNUQ2NzAeFw0yMzA5MTUwMzU1MDBaFw0yNDA5MTMwNDAwMDBaMDMxMTAvBgNV BAMTKEQ4QkFDOTE2NkIyN0NDNERBRjIxNjc0NUY2MDZDQjg5OUNFNzY5OEEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgJ2OgF2E4rhWt7aJ6OXhDoKuj /0a629bpTuTXLoDYHTu6t52x6SvL5SUF7UHj6CAi6MPkAogd2rEYcX46vud3EEob EnEf82LAT+sizaDXA0Qop8CXLu5jGtR5Y2OJhWHeHknQdvLmnad5jzaskrcFyhj1 IPQQnOTF5itgv70vBITuKc3wJZ/JIQceSeOg19vMeMT2O8Ai9lyGoV3/L9FAD3pL kUL3ezTGRx/ogXcu1NY615XGNiizYGEIh+p0GKTR/k8AJ5Lk5zTyZtUVk8adMVre oUSMMDU9WAJ/LT+ZA+N2KFWxcZ3+WOAi/txzjPcGtSWuzAhBblUTlnoRqZljAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQU2LrJFmsnzE2vIWdF9gbLiZznaYowHwYDVR0j BBgwFoAUQPhfs4CgEvK7bQVdkUwAhnQSXWcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 OTcyZjlhMi1iMGZmLTQyOTgtOGRhNi1lMmUzODM0OGEwN2IvMC80MEY4NUZCMzgw QTAxMkYyQkI2RDA1NUQ5MTRDMDA4Njc0MTI1RDY3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBGODVGQjM4MEEwMTJGMkJCNkQwNTVEOTE0QzAwODY3NDEy NUQ2Ny5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU5NzJmOWEyLWIwZmYtNDI5OC04 ZGE2LWUyZTM4MzQ4YTA3Yi8wLzMxMzAzMzJlMzIzMTMyMmUzMjMzMzgyZTMwMmYz MjM0MmQzMjM0MjAzZDNlMjAzMzM4MzczNTM2LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ9TuMA0GCSqG SIb3DQEBCwUAA4IBAQBgMMUd9OFxnLbjA9KqCC3C8cXg6jElBCa7ZJG362JhJPO/ ENXujRNo6nXVtd/QnAoOyvlS7kjN81vX05h0c/wMP4WEGIr5/xDgws9EupJLSMGK RLi8z3LUp1B8jheVybcYsmqrP1XT+VrbvjrkuLwACdc+zw0Knibg69qmlF1skxNw 9Nyz31Tg7rhM7n8j++Nn7PYPHRLjT+6LQpNX+CgMwLcm+50djMP3uj0a47MQ1oH2 IjrsY+sbMtlqH/hEcUWhtHNEEhYVZLzPMnKWNIZdynOvCWRj3UVcxXBlTzGnXhBL gv+/red2U662bkJPV5HJOicu7bqi2IxXNCD7Cquv -----END CERTIFICATE-----Generated at Wed May 1 05:56:38 2024 by rpki-client on console-fra.rpki-client.org