$ rpki-client -vvf ca.nat.moe/repo/NATOLAB/2/32332e3234372e3133362e302f32322d3234203d3e203136353039.roa File: 32332e3234372e3133362e302f32322d3234203d3e203136353039.roa (raw, json) Hash identifier: XbV+xSyJ8QgIE2faGabXRkQYbfAgxD+SersAbeJZcs8= Subject key identifier: 1C:EA:69:23:69:EE:50:44:16:01:57:0D:C9:38:D5:50:CD:47:53:9C Certificate issuer: /CN=5093cbb46f69901c119a2be1083df2aa2b433bba3f960fbc18 Certificate serial: 21563595E998D34B820EF2220DAF3DC70275EF22 Authority key identifier: 16:25:7C:19:66:8C:67:13:C4:01:2B:10:1E:64:62:66:CD:77:B5:0D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/04c12c6c-ab0e-4d03-b9c8-6c3592368c77/5093cbb46f69901c119a2be1083df2aa2b433bba3f960fbc18.cer Subject info access: rsync://ca.nat.moe/repo/NATOLAB/2/32332e3234372e3133362e302f32322d3234203d3e203136353039.roa Signing time: Mon 18 May 2026 09:21:33 +0000 ROA not before: Mon 18 May 2026 09:16:33 +0000 ROA not after: Mon 17 May 2027 09:21:33 +0000 asID: 16509 IP address blocks: 23.247.136.0/22 maxlen: 24 Validation: OK Signature path: rsync://ca.nat.moe/repo/NATOLAB/2/16257C19668C6713C4012B101E646266CD77B50D.crl rsync://ca.nat.moe/repo/NATOLAB/2/16257C19668C6713C4012B101E646266CD77B50D.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/04c12c6c-ab0e-4d03-b9c8-6c3592368c77/5093cbb46f69901c119a2be1083df2aa2b433bba3f960fbc18.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/04c12c6c-ab0e-4d03-b9c8-6c3592368c77/04c12c6c-ab0e-4d03-b9c8-6c3592368c77.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/04c12c6c-ab0e-4d03-b9c8-6c3592368c77/04c12c6c-ab0e-4d03-b9c8-6c3592368c77.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/04c12c6c-ab0e-4d03-b9c8-6c3592368c77.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 07 Jun 2026 08:05:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:56:35:95:e9:98:d3:4b:82:0e:f2:22:0d:af:3d:c7:02:75:ef:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5093cbb46f69901c119a2be1083df2aa2b433bba3f960fbc18 Validity Not Before: May 18 09:16:33 2026 GMT Not After : May 17 09:21:33 2027 GMT Subject: CN=1CEA692369EE50441601570DC938D550CD47539C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:04:9a:f9:af:3c:3a:f3:be:5f:0e:90:9e:97: f9:a9:b2:75:64:18:bf:fc:48:3d:90:71:e0:23:71: e7:db:fd:aa:fa:e7:ae:f0:28:9c:72:b1:5a:e9:51: bf:ae:30:d7:59:4c:b7:30:f8:6f:9f:79:da:83:58: b5:29:5d:c1:92:67:c9:36:3d:23:95:2e:e3:76:e6: 44:63:7b:a7:60:3b:7f:1e:74:c6:ff:d9:87:13:0c: 9d:ef:c9:b1:69:0d:1b:ea:c5:1d:45:78:db:d9:7f: b4:57:2f:82:ac:16:04:73:47:d8:31:0c:e1:91:a6: c0:8f:87:97:e7:5c:fe:03:cf:ac:9c:61:d7:62:00: e5:94:2e:77:f5:24:7f:f1:62:60:b0:e6:63:21:b3: 99:5e:b9:e7:7b:85:aa:e7:9d:3b:55:fa:4c:a4:c0: 3b:e5:ea:3f:3a:a8:1f:27:26:ed:e6:b2:75:92:d7: 14:bf:58:9a:eb:55:58:33:7e:fb:3d:23:f1:ec:dd: 44:3f:c2:ec:1d:c0:59:7a:f2:ec:b1:88:d5:dc:d2: e4:45:cd:62:36:07:db:c2:c9:16:1d:57:ac:14:02: 71:6c:5d:9c:5e:3d:0e:3b:2c:2f:40:a1:b7:54:24: 9e:e3:15:bb:1c:75:7e:e4:93:67:1d:9a:e6:b0:d5: 98:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:EA:69:23:69:EE:50:44:16:01:57:0D:C9:38:D5:50:CD:47:53:9C X509v3 Authority Key Identifier: keyid:16:25:7C:19:66:8C:67:13:C4:01:2B:10:1E:64:62:66:CD:77:B5:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://ca.nat.moe/repo/NATOLAB/2/16257C19668C6713C4012B101E646266CD77B50D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/04c12c6c-ab0e-4d03-b9c8-6c3592368c77/5093cbb46f69901c119a2be1083df2aa2b433bba3f960fbc18.cer Subject Information Access: Signed Object - URI:rsync://ca.nat.moe/repo/NATOLAB/2/32332e3234372e3133362e302f32322d3234203d3e203136353039.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 23.247.136.0/22 Signature Algorithm: sha256WithRSAEncryption aa:ec:01:11:09:20:5d:7e:e3:61:91:06:dc:65:18:9e:a1:66: bb:29:c4:cc:38:d8:b1:5f:35:66:da:a3:ee:dc:80:db:a3:2e: 49:2d:d6:53:91:14:49:25:42:33:42:c5:69:6b:43:c4:cb:8b: 2b:1c:69:fa:81:25:19:34:04:ce:45:1d:a5:7c:7c:eb:31:31: 99:79:3c:db:bc:ac:0b:9d:0b:9f:1e:02:55:3a:38:b2:e1:42: aa:93:56:5e:8d:70:d6:70:97:5a:e5:6a:b3:77:e0:8a:6d:a7: 85:79:b9:bf:bb:8d:e0:50:26:55:9c:c2:b4:4e:19:12:15:07: a8:60:1d:96:a7:ce:8c:c0:98:21:37:b3:26:47:a7:0d:31:a7: 78:11:f9:2d:ea:b7:88:fa:9d:f9:7a:69:30:23:50:12:87:b9: 71:05:3a:8d:e7:60:15:c5:89:e1:d6:f2:d8:da:52:87:d8:76: b4:bd:34:b2:77:18:e0:49:c1:2c:ae:2f:d0:ff:4a:b3:e8:c4: c8:07:e2:5a:39:de:0d:13:73:94:9a:3c:74:a6:85:5e:81:89: f4:30:fe:8d:9d:48:1e:1d:b1:04:b2:19:20:d7:a4:6f:99:b1: 92:7c:37:35:c7:18:d0:aa:64:57:85:68:dd:ed:12:88:f7:8c: f2:5b:0a:f0 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUIVY1lemY00uCDvIiDa89xwJ17yIwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNTA5M2NiYjQ2ZjY5OTAxYzExOWEyYmUxMDgzZGYyYWEy YjQzM2JiYTNmOTYwZmJjMTgwHhcNMjYwNTE4MDkxNjMzWhcNMjcwNTE3MDkyMTMz WjAzMTEwLwYDVQQDEygxQ0VBNjkyMzY5RUU1MDQ0MTYwMTU3MERDOTM4RDU1MENE NDc1MzlDMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygSa+a88OvO+ Xw6Qnpf5qbJ1ZBi//Eg9kHHgI3Hn2/2q+ueu8CiccrFa6VG/rjDXWUy3MPhvn3na g1i1KV3BkmfJNj0jlS7jduZEY3unYDt/HnTG/9mHEwyd78mxaQ0b6sUdRXjb2X+0 Vy+CrBYEc0fYMQzhkabAj4eX51z+A8+snGHXYgDllC539SR/8WJgsOZjIbOZXrnn e4Wq5507VfpMpMA75eo/OqgfJybt5rJ1ktcUv1ia61VYM377PSPx7N1EP8LsHcBZ evLssYjV3NLkRc1iNgfbwskWHVesFAJxbF2cXj0OOywvQKG3VCSe4xW7HHV+5JNn HZrmsNWYIwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFBzqaSNp7lBEFgFXDck41VDN R1OcMB8GA1UdIwQYMBaAFBYlfBlmjGcTxAErEB5kYmbNd7UNMA4GA1UdDwEB/wQE AwIHgDBfBgNVHR8EWDBWMFSgUqBQhk5yc3luYzovL2NhLm5hdC5tb2UvcmVwby9O QVRPTEFCLzIvMTYyNTdDMTk2NjhDNjcxM0M0MDEyQjEwMUU2NDYyNjZDRDc3QjUw RC5jcmwwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8v cnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1l ODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvZjYwYzlmMzItYTg3Yy00MzM5LWEy ZjMtNjI5OWEzYjAyZTI5LzA0YzEyYzZjLWFiMGUtNGQwMy1iOWM4LTZjMzU5MjM2 OGM3Ny81MDkzY2JiNDZmNjk5MDFjMTE5YTJiZTEwODNkZjJhYTJiNDMzYmJhM2Y5 NjBmYmMxOC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzov L2NhLm5hdC5tb2UvcmVwby9OQVRPTEFCLzIvMzIzMzJlMzIzNDM3MmUzMTMzMzYy ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMTM2MzUzMDM5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCF/eI MA0GCSqGSIb3DQEBCwUAA4IBAQCq7AERCSBdfuNhkQbcZRieoWa7KcTMONixXzVm 2qPu3IDboy5JLdZTkRRJJUIzQsVpa0PEy4srHGn6gSUZNATORR2lfHzrMTGZeTzb vKwLnQufHgJVOjiy4UKqk1ZejXDWcJda5Wqzd+CKbaeFebm/u43gUCZVnMK0ThkS FQeoYB2Wp86MwJghN7MmR6cNMad4Efkt6reI+p35emkwI1ASh7lxBTqN52AVxYnh 1vLY2lKH2Ha0vTSydxjgScEsri/Q/0qz6MTIB+JaOd4NE3OUmjx0poVegYn0MP6N nUgeHbEEshkg16RvmbGSfDc1xxjQqmRXhWjd7RKI94zyWwrw -----END CERTIFICATE-----Generated at Sat Jun 6 08:15:46 2026 by rpki-client