$ rpki-client -vvf repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3131312e302f32342d3234203d3e20313431363037.roa File: 3232332e32352e3131312e302f32342d3234203d3e20313431363037.roa (raw, json) Hash identifier: 5TL2HsiRY0J5tCiDuwP5I5G6VKjQwHWtSJpLgBKSl9s= Subject key identifier: 96:B6:3A:A1:50:8B:6A:3D:92:06:DC:D3:B5:7D:3F:13:8C:9D:33:E6 Certificate issuer: /CN=4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787 Certificate serial: 6DA2D7FA8E7DDF7EF54B7BC5F5E762F10744BE2D Authority key identifier: 4B:F1:DC:C0:BC:C5:B1:A4:B6:BE:52:6A:75:FF:33:39:7F:C3:87:87 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3131312e302f32342d3234203d3e20313431363037.roa Signing time: Tue 05 Mar 2024 08:00:01 +0000 ROA not before: Tue 05 Mar 2024 07:55:01 +0000 ROA not after: Tue 04 Mar 2025 08:00:01 +0000 asID: 141607 IP address blocks: 223.25.111.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.crl rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Apr 2024 18:52:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:a2:d7:fa:8e:7d:df:7e:f5:4b:7b:c5:f5:e7:62:f1:07:44:be:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787 Validity Not Before: Mar 5 07:55:01 2024 GMT Not After : Mar 4 08:00:01 2025 GMT Subject: CN=96B63AA1508B6A3D9206DCD3B57D3F138C9D33E6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:01:d0:8f:80:32:01:64:e3:dd:5d:d6:57:67: ec:93:af:66:42:a1:d6:d5:c6:2c:10:42:38:e4:99: 00:b6:1b:d3:5a:59:b5:c1:a7:ca:1b:6a:24:cf:18: c1:81:49:e7:1b:5b:64:93:90:16:4f:fa:66:72:31: a1:0c:ee:6e:01:cb:cf:4a:86:03:1c:04:13:a8:8a: f4:76:6e:53:12:58:c9:d6:da:fe:fd:41:f8:87:e9: ee:66:70:2c:91:b0:d4:27:b9:fd:80:f1:6a:67:d8: 3f:23:bc:d1:16:d3:53:3c:e1:83:ad:fd:2a:cd:3b: 79:19:b1:e6:e9:bb:04:e8:c4:36:e3:7a:70:04:4a: b1:26:b2:39:b2:b9:57:37:f1:d5:25:7d:83:34:76: ee:31:cf:93:5e:45:e7:13:df:b2:be:5a:92:0d:76: a1:65:7e:b1:ae:00:5a:65:78:ec:d7:f1:20:59:72: f8:80:aa:f0:24:66:b9:3c:d9:53:dc:92:db:8d:db: 65:e7:0f:85:7c:fa:56:06:51:08:4e:f2:a3:2c:09: 2b:ff:f5:20:72:c8:a3:0f:4e:18:19:a5:0f:d2:11: 22:a4:17:86:05:a9:65:79:a3:7e:4a:ea:d7:78:a1: fc:df:c3:72:2c:0b:0e:6a:4b:04:f7:83:6e:82:5a: d2:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:B6:3A:A1:50:8B:6A:3D:92:06:DC:D3:B5:7D:3F:13:8C:9D:33:E6 X509v3 Authority Key Identifier: keyid:4B:F1:DC:C0:BC:C5:B1:A4:B6:BE:52:6A:75:FF:33:39:7F:C3:87:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3131312e302f32342d3234203d3e20313431363037.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 223.25.111.0/24 Signature Algorithm: sha256WithRSAEncryption 07:b3:7d:8c:14:ab:64:64:30:42:9b:2d:1b:a3:e5:62:9c:94: d9:d8:ba:16:45:44:df:1d:3f:40:fb:61:08:30:28:4e:f6:16: 63:d3:31:12:09:a6:72:aa:9a:75:88:78:71:2f:ee:05:44:91: 5b:42:4f:e7:4b:74:0f:03:fe:55:7c:b6:c6:ae:a6:19:5f:6e: 7c:00:19:98:9d:d0:6b:53:8e:94:b3:fe:68:f3:13:03:53:f6: 63:6f:95:81:41:8d:50:54:34:33:af:36:6c:57:ef:b9:b2:96: 49:a4:f4:ca:6e:7c:32:3c:ba:c1:b7:1b:2f:59:c0:e8:06:5c: 09:5d:54:27:fe:eb:aa:ad:71:02:b0:62:d9:54:f4:20:19:83: e3:01:37:66:97:83:6b:ec:a1:30:d8:80:75:5d:1b:2d:a0:a5: 1c:88:9e:ac:cd:e6:e1:38:c5:71:23:77:f1:0d:34:58:0e:69: fa:01:b4:b4:00:10:a2:85:be:dc:e2:be:40:a5:26:f2:43:86: fd:96:91:2a:ab:8d:50:e2:89:fe:f5:51:f0:07:3e:f3:69:ce: 25:d3:f6:e0:4d:82:ff:17:82:24:55:48:4c:f8:61:1e:70:53: 34:8d:c2:a4:a1:e0:f8:c2:78:97:7b:a2:5e:50:33:d6:58:69: f1:5a:8e:a0 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUbaLX+o593371S3vF9edi8QdEvi0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNEJGMURDQzBCQ0M1QjFBNEI2QkU1MjZBNzVGRjMzMzk3 RkMzODc4NzAeFw0yNDAzMDUwNzU1MDFaFw0yNTAzMDQwODAwMDFaMDMxMTAvBgNV BAMTKDk2QjYzQUExNTA4QjZBM0Q5MjA2RENEM0I1N0QzRjEzOEM5RDMzRTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGAdCPgDIBZOPdXdZXZ+yTr2ZC odbVxiwQQjjkmQC2G9NaWbXBp8obaiTPGMGBSecbW2STkBZP+mZyMaEM7m4By89K hgMcBBOoivR2blMSWMnW2v79QfiH6e5mcCyRsNQnuf2A8Wpn2D8jvNEW01M84YOt /SrNO3kZsebpuwToxDbjenAESrEmsjmyuVc38dUlfYM0du4xz5NeRecT37K+WpIN dqFlfrGuAFpleOzX8SBZcviAqvAkZrk82VPcktuN22XnD4V8+lYGUQhO8qMsCSv/ 9SByyKMPThgZpQ/SESKkF4YFqWV5o35K6td4ofzfw3IsCw5qSwT3g26CWtJBAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUlrY6oVCLaj2SBtzTtX0/E4ydM+YwHwYDVR0j BBgwFoAUS/HcwLzFsaS2vlJqdf8zOX/Dh4cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 ZDI1NDQxOS01M2JlLTRhZDQtYmY3Zi0yOWY4OTEyNTIzZDAvMC80QkYxRENDMEJD QzVCMUE0QjZCRTUyNkE3NUZGMzMzOTdGQzM4Nzg3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNEJGMURDQzBCQ0M1QjFBNEI2QkU1MjZBNzVGRjMzMzk3RkMz ODc4Ny5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhkMjU0NDE5LTUzYmUtNGFkNC1i ZjdmLTI5Zjg5MTI1MjNkMC8wLzMyMzIzMzJlMzIzNTJlMzEzMTMxMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNDMxMzYzMDM3LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3xlvMA0GCSqG SIb3DQEBCwUAA4IBAQAHs32MFKtkZDBCmy0bo+VinJTZ2LoWRUTfHT9A+2EIMChO 9hZj0zESCaZyqpp1iHhxL+4FRJFbQk/nS3QPA/5VfLbGrqYZX258ABmYndBrU46U s/5o8xMDU/Zjb5WBQY1QVDQzrzZsV++5spZJpPTKbnwyPLrBtxsvWcDoBlwJXVQn /uuqrXECsGLZVPQgGYPjATdml4Nr7KEw2IB1XRstoKUciJ6szebhOMVxI3fxDTRY Dmn6AbS0ABCihb7c4r5ApSbyQ4b9lpEqq41Q4on+9VHwBz7zac4l0/bgTYL/F4Ik VUhM+GEecFM0jcKkoeD4wniXe6JeUDPWWGnxWo6g -----END CERTIFICATE-----Generated at Sat Apr 27 10:12:53 2024 by rpki-client on console-ams.rpki-client.org