$ rpki-client -vvf repo-rpki.idnic.net/repo/690c9009-ad53-4fa6-a183-34b3457bea03/0/3232302e3135372e39362e302f32302d3234203d3e2039373835.roa File: 3232302e3135372e39362e302f32302d3234203d3e2039373835.roa (raw, json) Hash identifier: qGAQjU82DMrYy0FQtS9J5kftDpMHLeKjpqvt4hR5ij8= Subject key identifier: 68:EB:63:D8:AA:06:AA:75:0F:7C:5B:F8:3F:1A:3F:A9:02:C4:9B:B2 Certificate issuer: /CN=BF3B675AEBEE64D00B323056545D1F630F1C489E Certificate serial: 427F0B99634444E7112D502530BA33B3FE4FCE68 Authority key identifier: BF:3B:67:5A:EB:EE:64:D0:0B:32:30:56:54:5D:1F:63:0F:1C:48:9E Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BF3B675AEBEE64D00B323056545D1F630F1C489E.cer Subject info access: rsync://repo-rpki.idnic.net/repo/690c9009-ad53-4fa6-a183-34b3457bea03/0/3232302e3135372e39362e302f32302d3234203d3e2039373835.roa Signing time: Mon 31 Jul 2023 00:13:34 +0000 ROA not before: Mon 31 Jul 2023 00:08:34 +0000 ROA not after: Mon 29 Jul 2024 00:13:34 +0000 asID: 9785 IP address blocks: 220.157.96.0/20 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/690c9009-ad53-4fa6-a183-34b3457bea03/0/BF3B675AEBEE64D00B323056545D1F630F1C489E.crl rsync://repo-rpki.idnic.net/repo/690c9009-ad53-4fa6-a183-34b3457bea03/0/BF3B675AEBEE64D00B323056545D1F630F1C489E.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BF3B675AEBEE64D00B323056545D1F630F1C489E.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Apr 2024 10:54:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:7f:0b:99:63:44:44:e7:11:2d:50:25:30:ba:33:b3:fe:4f:ce:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BF3B675AEBEE64D00B323056545D1F630F1C489E Validity Not Before: Jul 31 00:08:34 2023 GMT Not After : Jul 29 00:13:34 2024 GMT Subject: CN=68EB63D8AA06AA750F7C5BF83F1A3FA902C49BB2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:f3:8c:0b:30:1a:6c:fc:aa:63:ed:20:6f:09: 70:b6:04:db:56:e2:df:34:4a:f4:00:83:32:9d:e4: d1:69:7e:a3:43:51:6c:e1:76:a4:6e:61:15:fc:ab: d7:f9:0c:a1:47:28:20:6d:cc:ef:b7:ea:33:d4:a9: 63:d0:22:c3:ad:b1:8d:85:a0:67:5d:93:aa:da:0b: a6:29:35:a6:c6:64:bf:50:66:fb:13:4a:e0:78:c9: 8f:9c:45:49:12:3d:11:3b:ad:ec:d6:a2:10:1e:5d: cc:8a:e0:59:d1:83:78:ec:8d:80:f7:7f:43:0a:97: ca:35:46:1f:1a:c1:69:ba:3a:cd:1b:b3:2e:75:6a: 94:3a:0c:38:0e:2f:6a:5b:81:55:78:4c:46:82:cd: 41:15:28:9e:a0:fd:81:f0:d5:e9:82:cb:31:b9:2a: f5:84:af:80:8b:39:11:82:07:eb:15:ac:bf:1e:5c: cf:fd:13:59:83:b5:19:6c:70:a9:99:4d:74:9f:de: 5f:05:d6:72:06:0a:8b:b5:24:c0:27:a1:0c:15:2a: f2:0a:34:c4:f8:21:23:1b:92:ae:5a:9a:d1:15:0b: de:4c:9a:d0:41:8f:f8:21:a0:cf:09:be:4f:de:96: e2:d6:3a:7d:20:3f:b3:ea:5a:53:21:4f:40:cc:c7: 18:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:EB:63:D8:AA:06:AA:75:0F:7C:5B:F8:3F:1A:3F:A9:02:C4:9B:B2 X509v3 Authority Key Identifier: keyid:BF:3B:67:5A:EB:EE:64:D0:0B:32:30:56:54:5D:1F:63:0F:1C:48:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/690c9009-ad53-4fa6-a183-34b3457bea03/0/BF3B675AEBEE64D00B323056545D1F630F1C489E.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BF3B675AEBEE64D00B323056545D1F630F1C489E.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/690c9009-ad53-4fa6-a183-34b3457bea03/0/3232302e3135372e39362e302f32302d3234203d3e2039373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 220.157.96.0/20 Signature Algorithm: sha256WithRSAEncryption 32:7c:4c:9b:a5:88:16:b3:af:4a:f0:58:0e:cd:24:02:46:f4: 66:d0:3e:c8:79:11:b4:bd:87:58:aa:c2:32:8f:09:10:e0:e7: b8:51:cc:51:07:31:6d:db:cc:fe:5a:74:2d:56:d4:ec:96:85: 93:51:af:05:62:50:56:ae:3c:e2:1d:4a:c0:f6:8b:5c:1c:66: 0f:48:ab:f4:cf:bf:52:9f:6b:d4:cd:20:2c:8f:ae:88:a0:5c: 17:74:32:6e:89:a6:75:b1:01:5c:78:f5:63:fe:22:5d:a9:fe: 29:3b:3a:c7:b3:4f:98:d9:99:6f:5f:c8:74:c0:10:54:08:74: 8c:b7:30:2a:a6:67:ee:0a:74:92:52:29:49:a2:af:83:0c:da: 77:0c:bd:4c:fe:62:0f:69:6c:4c:be:c8:0d:53:c7:8f:5e:67: 0e:f2:23:9c:66:c8:43:95:0b:01:7c:28:62:e4:7e:00:ed:6c: 6e:04:26:8a:9e:db:1d:22:d6:73:33:ef:9f:29:18:97:c2:6c: 42:e4:72:1f:0a:b2:df:9a:9b:81:96:c6:74:57:cd:2f:28:70: f8:06:8f:12:07:c8:d1:9f:1a:f0:47:ad:29:f1:00:fa:2a:af: 7a:a9:55:24:98:cd:1a:2d:eb:db:e9:66:4b:77:6b:6d:0c:c9: ac:a9:f5:14 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgIUQn8LmWNEROcRLVAlMLozs/5PzmgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkYzQjY3NUFFQkVFNjREMDBCMzIzMDU2NTQ1RDFGNjMw RjFDNDg5RTAeFw0yMzA3MzEwMDA4MzRaFw0yNDA3MjkwMDEzMzRaMDMxMTAvBgNV BAMTKDY4RUI2M0Q4QUEwNkFBNzUwRjdDNUJGODNGMUEzRkE5MDJDNDlCQjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX84wLMBps/Kpj7SBvCXC2BNtW 4t80SvQAgzKd5NFpfqNDUWzhdqRuYRX8q9f5DKFHKCBtzO+36jPUqWPQIsOtsY2F oGddk6raC6YpNabGZL9QZvsTSuB4yY+cRUkSPRE7rezWohAeXcyK4FnRg3jsjYD3 f0MKl8o1Rh8awWm6Os0bsy51apQ6DDgOL2pbgVV4TEaCzUEVKJ6g/YHw1emCyzG5 KvWEr4CLORGCB+sVrL8eXM/9E1mDtRlscKmZTXSf3l8F1nIGCou1JMAnoQwVKvIK NMT4ISMbkq5amtEVC95MmtBBj/ghoM8Jvk/eluLWOn0gP7PqWlMhT0DMxxhNAgMB AAGjggIwMIICLDAdBgNVHQ4EFgQUaOtj2KoGqnUPfFv4Pxo/qQLEm7IwHwYDVR0j BBgwFoAUvztnWuvuZNALMjBWVF0fYw8cSJ4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 OTBjOTAwOS1hZDUzLTRmYTYtYTE4My0zNGIzNDU3YmVhMDMvMC9CRjNCNjc1QUVC RUU2NEQwMEIzMjMwNTY1NDVEMUY2MzBGMUM0ODlFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkYzQjY3NUFFQkVFNjREMDBCMzIzMDU2NTQ1RDFGNjMwRjFD NDg5RS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzY5MGM5MDA5LWFkNTMtNGZhNi1h MTgzLTM0YjM0NTdiZWEwMy8wLzMyMzIzMDJlMzEzNTM3MmUzOTM2MmUzMDJmMzIz MDJkMzIzNDIwM2QzZTIwMzkzNzM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATcnWAwDQYJKoZIhvcN AQELBQADggEBADJ8TJuliBazr0rwWA7NJAJG9GbQPsh5EbS9h1iqwjKPCRDg57hR zFEHMW3bzP5adC1W1OyWhZNRrwViUFauPOIdSsD2i1wcZg9Iq/TPv1Kfa9TNICyP roigXBd0Mm6JpnWxAVx49WP+Il2p/ik7OsezT5jZmW9fyHTAEFQIdIy3MCqmZ+4K dJJSKUmir4MM2ncMvUz+Yg9pbEy+yA1Tx49eZw7yI5xmyEOVCwF8KGLkfgDtbG4E Joqe2x0i1nMz758pGJfCbELkch8Kst+am4GWxnRXzS8ocPgGjxIHyNGfGvBHrSnx APoqr3qpVSSYzRot69vpZkt3a20Myayp9RQ= -----END CERTIFICATE-----Generated at Wed Apr 24 08:33:50 2024 by rpki-client on console-fra.rpki-client.org