$ rpki-client -vvf repo-rpki.idnic.net/repo/074f214a-bf55-4048-845d-20675fb5f2a4/0/323430333a653338303a313030323a3a2f34382d3438203d3e20313334363337.roa File: 323430333a653338303a313030323a3a2f34382d3438203d3e20313334363337.roa (raw, json) Hash identifier: 2BQG0lP9Zs1EjExB89HW6Zq7y6r/wXETmMZ3S/1VixI= Subject key identifier: F9:41:4F:B7:87:B0:45:B4:CF:45:79:2C:C0:7D:67:3D:28:E3:31:2D Certificate issuer: /CN=027DBEC91021154263BB0CF1565833705023D987 Certificate serial: 25C18C299E7C9485633A891539F8BA4629825A6B Authority key identifier: 02:7D:BE:C9:10:21:15:42:63:BB:0C:F1:56:58:33:70:50:23:D9:87 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/027DBEC91021154263BB0CF1565833705023D987.cer Subject info access: rsync://repo-rpki.idnic.net/repo/074f214a-bf55-4048-845d-20675fb5f2a4/0/323430333a653338303a313030323a3a2f34382d3438203d3e20313334363337.roa Signing time: Tue 21 Jan 2025 09:00:00 +0000 ROA not before: Tue 21 Jan 2025 08:55:00 +0000 ROA not after: Tue 20 Jan 2026 09:00:00 +0000 asID: 134637 IP address blocks: 2403:e380:1002::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/074f214a-bf55-4048-845d-20675fb5f2a4/0/027DBEC91021154263BB0CF1565833705023D987.crl rsync://repo-rpki.idnic.net/repo/074f214a-bf55-4048-845d-20675fb5f2a4/0/027DBEC91021154263BB0CF1565833705023D987.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/027DBEC91021154263BB0CF1565833705023D987.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 23:30:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:c1:8c:29:9e:7c:94:85:63:3a:89:15:39:f8:ba:46:29:82:5a:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=027DBEC91021154263BB0CF1565833705023D987 Validity Not Before: Jan 21 08:55:00 2025 GMT Not After : Jan 20 09:00:00 2026 GMT Subject: CN=F9414FB787B045B4CF45792CC07D673D28E3312D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:50:0c:b1:34:6e:8a:1e:53:82:3e:f0:58:81: da:af:d9:0b:ab:88:13:ef:89:01:46:4e:1c:41:71: cc:e6:eb:7a:d2:67:1b:a2:04:90:64:dc:d9:22:35: 8a:59:fb:68:24:ff:d3:60:12:e9:cd:6d:c1:4e:55: 64:9e:a6:22:50:be:ac:f4:69:6d:7e:81:30:3e:b2: 83:51:c5:72:43:17:71:b4:68:a0:b7:d6:96:b7:bd: 84:33:85:ef:ab:6b:9d:92:97:d0:4a:4f:e0:ba:85: a0:42:e8:ff:0e:47:92:00:f3:49:02:e7:cb:66:1c: 2a:f8:29:f3:68:a5:f0:f1:07:27:06:ea:d3:e1:7d: d2:f2:c2:5d:67:2c:2b:49:8c:c4:77:ba:11:a3:82: b8:3d:f5:eb:23:ed:70:b9:fd:fb:91:84:4a:ad:4c: 5f:7a:02:3e:36:f3:ef:61:c4:32:ab:14:c0:e2:a2: 99:6a:4b:28:91:32:69:ad:76:07:cb:59:3e:4c:54: 54:84:40:b6:06:64:74:32:55:3b:12:fd:0d:dc:3f: 82:73:b3:ea:dd:3a:87:57:ef:99:13:d2:e9:f9:9a: 65:ea:d1:de:f2:3c:e1:6c:8e:09:e9:92:82:86:89: ff:27:e1:a0:5a:da:f2:f8:a6:a7:d4:74:e6:e7:f7: fe:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:41:4F:B7:87:B0:45:B4:CF:45:79:2C:C0:7D:67:3D:28:E3:31:2D X509v3 Authority Key Identifier: keyid:02:7D:BE:C9:10:21:15:42:63:BB:0C:F1:56:58:33:70:50:23:D9:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/074f214a-bf55-4048-845d-20675fb5f2a4/0/027DBEC91021154263BB0CF1565833705023D987.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/027DBEC91021154263BB0CF1565833705023D987.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/074f214a-bf55-4048-845d-20675fb5f2a4/0/323430333a653338303a313030323a3a2f34382d3438203d3e20313334363337.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:e380:1002::/48 Signature Algorithm: sha256WithRSAEncryption a6:4f:79:10:7a:8e:d5:1c:2c:5b:5c:74:5e:d8:95:a7:6a:ea: 27:52:96:74:a6:7c:98:27:b6:e7:f9:a4:0d:ef:c2:33:17:48: 3d:80:7a:ef:96:d2:be:0b:1c:b3:75:e2:8f:cc:83:17:c2:70: 0b:83:4e:3c:af:23:32:11:fc:60:8b:27:0c:13:f3:3d:26:e0: e0:a5:31:5e:0e:e0:58:06:27:17:95:6e:87:22:f4:85:c2:fd: f6:d5:82:f2:cb:3b:64:6d:31:9f:d4:99:91:cb:72:b1:70:17: 20:78:05:b6:f4:bb:4f:a5:43:cb:56:be:b9:26:bc:c1:3b:c2: 99:99:3b:3d:ae:6f:3d:95:fa:73:20:7c:6a:43:7d:98:35:53: 4a:dc:c9:fe:64:d1:43:bc:3d:ce:8c:05:19:3f:56:21:6b:31: 9a:34:91:fe:ed:a5:34:2e:fa:cd:a7:3b:be:23:0f:b5:f1:15: a0:d8:af:60:0e:1a:61:91:6e:39:15:00:c5:1c:9d:33:cc:96: 22:56:15:07:8c:e1:84:f6:16:4d:57:e4:03:46:a9:0d:a8:ab: fa:7d:ac:89:3c:77:74:97:71:21:ef:c2:87:e2:17:ab:a3:ca: 03:4b:34:85:09:31:f3:a4:f6:9c:65:31:c7:1d:f2:e3:21:7b: 9d:bc:ef:93 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUJcGMKZ58lIVjOokVOfi6RimCWmswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDI3REJFQzkxMDIxMTU0MjYzQkIwQ0YxNTY1ODMzNzA1 MDIzRDk4NzAeFw0yNTAxMjEwODU1MDBaFw0yNjAxMjAwOTAwMDBaMDMxMTAvBgNV BAMTKEY5NDE0RkI3ODdCMDQ1QjRDRjQ1NzkyQ0MwN0Q2NzNEMjhFMzMxMkQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQUAyxNG6KHlOCPvBYgdqv2Qur iBPviQFGThxBcczm63rSZxuiBJBk3NkiNYpZ+2gk/9NgEunNbcFOVWSepiJQvqz0 aW1+gTA+soNRxXJDF3G0aKC31pa3vYQzhe+ra52Sl9BKT+C6haBC6P8OR5IA80kC 58tmHCr4KfNopfDxBycG6tPhfdLywl1nLCtJjMR3uhGjgrg99esj7XC5/fuRhEqt TF96Aj428+9hxDKrFMDioplqSyiRMmmtdgfLWT5MVFSEQLYGZHQyVTsS/Q3cP4Jz s+rdOodX75kT0un5mmXq0d7yPOFsjgnpkoKGif8n4aBa2vL4pqfUdObn9/7RAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQU+UFPt4ewRbTPRXkswH1nPSjjMS0wHwYDVR0j BBgwFoAUAn2+yRAhFUJjuwzxVlgzcFAj2YcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NzRmMjE0YS1iZjU1LTQwNDgtODQ1ZC0yMDY3NWZiNWYyYTQvMC8wMjdEQkVDOTEw MjExNTQyNjNCQjBDRjE1NjU4MzM3MDUwMjNEOTg3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMDI3REJFQzkxMDIxMTU0MjYzQkIwQ0YxNTY1ODMzNzA1MDIz RDk4Ny5jZXIwgawGCCsGAQUFBwELBIGfMIGcMIGZBggrBgEFBQcwC4aBjHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA3NGYyMTRhLWJmNTUtNDA0OC04 NDVkLTIwNjc1ZmI1ZjJhNC8wLzMyMzQzMDMzM2E2NTMzMzgzMDNhMzEzMDMwMzIz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTMzMzQzNjMzMzcucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk A+OAEAIwDQYJKoZIhvcNAQELBQADggEBAKZPeRB6jtUcLFtcdF7Yladq6idSlnSm fJgntuf5pA3vwjMXSD2Aeu+W0r4LHLN14o/MgxfCcAuDTjyvIzIR/GCLJwwT8z0m 4OClMV4O4FgGJxeVboci9IXC/fbVgvLLO2RtMZ/UmZHLcrFwFyB4Bbb0u0+lQ8tW vrkmvME7wpmZOz2ubz2V+nMgfGpDfZg1U0rcyf5k0UO8Pc6MBRk/ViFrMZo0kf7t pTQu+s2nO74jD7XxFaDYr2AOGmGRbjkVAMUcnTPMliJWFQeM4YT2Fk1X5ANGqQ2o q/p9rIk8d3SXcSHvwofiF6ujygNLNIUJMfOk9pxlMccd8uMhe52875M= -----END CERTIFICATE-----Generated at Sun Apr 6 17:56:38 2025 by rpki-client