$ rpki-client -vvf repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/3230322e3135342e31372e302f32342d3234203d3e20313431363037.roa File: 3230322e3135342e31372e302f32342d3234203d3e20313431363037.roa (raw, json) Hash identifier: 7PSxDmOvJj1dcIg2PwOsDyUKEV9NxW/H+hRR/oYRb9c= Subject key identifier: 88:AD:3A:8A:6E:40:41:21:8E:18:6A:83:23:16:6D:A2:8B:07:87:EA Certificate issuer: /CN=10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6 Certificate serial: 331DC9E2FF7E220310CA1CEFFEF36D583A283151 Authority key identifier: 10:F0:0F:AE:6F:0B:93:AB:DC:95:62:8A:CE:3C:3C:18:9A:E9:27:F6 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/3230322e3135342e31372e302f32342d3234203d3e20313431363037.roa Signing time: Wed 11 Oct 2023 10:00:01 +0000 ROA not before: Wed 11 Oct 2023 09:55:01 +0000 ROA not after: Wed 09 Oct 2024 10:00:01 +0000 asID: 141607 IP address blocks: 202.154.17.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6.crl rsync://repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Apr 2024 10:34:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:1d:c9:e2:ff:7e:22:03:10:ca:1c:ef:fe:f3:6d:58:3a:28:31:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6 Validity Not Before: Oct 11 09:55:01 2023 GMT Not After : Oct 9 10:00:01 2024 GMT Subject: CN=88AD3A8A6E4041218E186A8323166DA28B0787EA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:b6:25:b7:b8:f8:5c:2b:da:bd:68:4f:5d:b9: 73:61:64:26:60:8d:bd:f5:87:dd:9f:e8:94:b8:3b: de:6a:0a:f7:73:ad:69:ce:8c:b4:ff:f8:d7:1d:fc: 59:43:5c:46:a0:83:1b:7e:52:95:a9:6b:66:48:dc: 99:ec:b6:4f:9c:e4:d1:c7:04:93:49:db:f9:a5:b5: 13:22:a1:70:4b:46:39:dd:12:c7:3a:15:30:82:89: 52:d2:19:78:1b:40:58:7c:d9:58:76:bc:6a:b4:20: 8d:a9:23:25:8a:cc:db:5a:0b:88:28:75:a1:be:72: af:57:29:c5:ac:c4:05:db:bc:0d:33:02:95:8c:e2: c0:87:ec:e3:1a:8e:ee:2e:a4:7c:6d:eb:a3:3d:8e: c8:4e:b2:d9:d9:cc:0e:e1:46:5e:f1:94:d9:ea:38: 22:ad:5e:27:ed:85:3b:d9:83:63:43:35:3f:3d:02: 55:61:1b:a0:29:0c:86:a3:32:9e:be:86:b7:4f:f7: 20:6a:47:de:38:a9:f2:e3:58:e9:86:e2:12:f8:c6: 13:b5:2e:67:06:af:f0:c0:b0:dc:9d:60:e0:80:eb: 04:76:0b:39:0b:32:26:70:ee:b6:bd:8d:91:e2:2c: 66:d2:90:d3:98:2b:6b:ec:97:5a:07:b5:f2:88:e2: 59:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:AD:3A:8A:6E:40:41:21:8E:18:6A:83:23:16:6D:A2:8B:07:87:EA X509v3 Authority Key Identifier: keyid:10:F0:0F:AE:6F:0B:93:AB:DC:95:62:8A:CE:3C:3C:18:9A:E9:27:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/3230322e3135342e31372e302f32342d3234203d3e20313431363037.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.154.17.0/24 Signature Algorithm: sha256WithRSAEncryption a4:32:fb:52:42:04:a1:e9:2c:e2:1b:8d:18:12:05:ec:8b:08: 79:87:d4:56:53:de:28:a9:50:c0:83:1c:77:53:5d:84:09:97: c7:81:9f:ff:56:d9:7d:e8:b2:57:44:8b:d3:c3:71:2d:af:9f: e3:a0:79:a0:04:45:8a:1b:f4:60:db:b6:29:5d:64:e5:1a:e1: a2:cb:4f:f8:ab:d4:5e:29:19:fe:fc:d9:a3:76:c1:c2:b7:ab: 6d:61:1b:89:d6:1a:43:c3:e7:7c:7b:20:74:42:71:45:45:08: 81:75:07:7f:31:2d:14:a3:9c:da:ca:b0:d5:69:3b:4b:eb:c7: 11:b3:64:82:bc:68:23:18:4c:7b:e7:07:05:c5:27:f2:ea:77: 5f:ad:4b:95:f5:1b:6c:7c:b5:d7:14:41:bd:76:46:0c:2b:01: 48:41:22:62:86:0e:5f:7d:d4:1e:e3:68:16:88:eb:3d:82:5c: 06:0b:6f:17:de:8f:24:7a:26:a9:07:a3:ec:fc:d2:10:2f:3f: 68:2f:dd:1d:4b:79:37:19:ff:94:4a:e6:a0:c7:c5:51:a6:c5: dd:72:74:bf:fa:94:86:33:17:a4:04:85:66:f8:5b:9c:bc:34: c8:12:e9:29:aa:16:ef:96:37:63:7f:39:9e:b9:f8:a5:6d:96: db:ac:bf:0b -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUMx3J4v9+IgMQyhzv/vNtWDooMVEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTBGMDBGQUU2RjBCOTNBQkRDOTU2MjhBQ0UzQzNDMTg5 QUU5MjdGNjAeFw0yMzEwMTEwOTU1MDFaFw0yNDEwMDkxMDAwMDFaMDMxMTAvBgNV BAMTKDg4QUQzQThBNkU0MDQxMjE4RTE4NkE4MzIzMTY2REEyOEIwNzg3RUEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJtiW3uPhcK9q9aE9duXNhZCZg jb31h92f6JS4O95qCvdzrWnOjLT/+Ncd/FlDXEaggxt+UpWpa2ZI3Jnstk+c5NHH BJNJ2/mltRMioXBLRjndEsc6FTCCiVLSGXgbQFh82Vh2vGq0II2pIyWKzNtaC4go daG+cq9XKcWsxAXbvA0zApWM4sCH7OMaju4upHxt66M9jshOstnZzA7hRl7xlNnq OCKtXifthTvZg2NDNT89AlVhG6ApDIajMp6+hrdP9yBqR944qfLjWOmG4hL4xhO1 LmcGr/DAsNydYOCA6wR2CzkLMiZw7ra9jZHiLGbSkNOYK2vsl1oHtfKI4lkzAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUiK06im5AQSGOGGqDIxZtoosHh+owHwYDVR0j BBgwFoAUEPAPrm8Lk6vclWKKzjw8GJrpJ/YwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 YzBjMTRhOS0zYTc3LTQ5ZTItOTE5NC00OGQwOTEzNDU4YjIvMC8xMEYwMEZBRTZG MEI5M0FCREM5NTYyOEFDRTNDM0MxODlBRTkyN0Y2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMTBGMDBGQUU2RjBCOTNBQkRDOTU2MjhBQ0UzQzNDMTg5QUU5 MjdGNi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVjMGMxNGE5LTNhNzctNDllMi05 MTk0LTQ4ZDA5MTM0NThiMi8wLzMyMzAzMjJlMzEzNTM0MmUzMTM3MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNDMxMzYzMDM3LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAypoRMA0GCSqG SIb3DQEBCwUAA4IBAQCkMvtSQgSh6SziG40YEgXsiwh5h9RWU94oqVDAgxx3U12E CZfHgZ//Vtl96LJXRIvTw3Etr5/joHmgBEWKG/Rg27YpXWTlGuGiy0/4q9ReKRn+ /NmjdsHCt6ttYRuJ1hpDw+d8eyB0QnFFRQiBdQd/MS0Uo5zayrDVaTtL68cRs2SC vGgjGEx75wcFxSfy6ndfrUuV9RtsfLXXFEG9dkYMKwFIQSJihg5ffdQe42gWiOs9 glwGC28X3o8keiapB6Ps/NIQLz9oL90dS3k3Gf+USuagx8VRpsXdcnS/+pSGMxek BIVm+FucvDTIEukpqhbvljdjfzmeufilbZbbrL8L -----END CERTIFICATE-----Generated at Sat Apr 27 10:12:45 2024 by rpki-client on console-ams.rpki-client.org