$ rpki-client -vvf repo-rpki.idnic.net/repo/07deded1-d14e-4123-b5c9-c93a5997fc30/0/3130332e3132312e3132332e302f32342d3234203d3e20313338303539.roa File: 3130332e3132312e3132332e302f32342d3234203d3e20313338303539.roa (raw, json) Hash identifier: Zl03XVx57nbxitWYw7MeSszUElsg5oZ5jVn5EskWk+g= Subject key identifier: C5:2F:BD:5D:12:C6:D8:8F:B0:6E:5E:4C:B9:B5:B6:2C:03:56:C3:4C Certificate issuer: /CN=B6847B928C30800282D7BA8E337482DFF4DEC8A5 Certificate serial: 3AE580CDFB1FE65C6ACD6A3564CD7D853EC23F79 Authority key identifier: B6:84:7B:92:8C:30:80:02:82:D7:BA:8E:33:74:82:DF:F4:DE:C8:A5 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B6847B928C30800282D7BA8E337482DFF4DEC8A5.cer Subject info access: rsync://repo-rpki.idnic.net/repo/07deded1-d14e-4123-b5c9-c93a5997fc30/0/3130332e3132312e3132332e302f32342d3234203d3e20313338303539.roa Signing time: Mon 02 Jun 2025 02:05:00 +0000 ROA not before: Mon 02 Jun 2025 02:00:00 +0000 ROA not after: Mon 01 Jun 2026 02:05:00 +0000 asID: 138059 IP address blocks: 103.121.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/07deded1-d14e-4123-b5c9-c93a5997fc30/0/B6847B928C30800282D7BA8E337482DFF4DEC8A5.crl rsync://repo-rpki.idnic.net/repo/07deded1-d14e-4123-b5c9-c93a5997fc30/0/B6847B928C30800282D7BA8E337482DFF4DEC8A5.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B6847B928C30800282D7BA8E337482DFF4DEC8A5.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 19:27:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:e5:80:cd:fb:1f:e6:5c:6a:cd:6a:35:64:cd:7d:85:3e:c2:3f:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B6847B928C30800282D7BA8E337482DFF4DEC8A5 Validity Not Before: Jun 2 02:00:00 2025 GMT Not After : Jun 1 02:05:00 2026 GMT Subject: CN=C52FBD5D12C6D88FB06E5E4CB9B5B62C0356C34C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:96:a8:5b:b9:37:77:3e:21:fc:d7:99:bb:37: f2:0c:c9:42:16:0e:bd:ac:4e:84:5f:d8:38:7d:6a: ce:98:21:d0:43:70:49:98:17:75:9a:d1:04:3c:d9: 85:1d:6c:2a:ed:63:a6:3c:6f:d7:66:87:f9:df:8b: db:f6:a1:f6:4f:a3:1c:8f:5c:16:ab:ad:b6:7b:16: f0:81:43:15:0d:ec:5e:d2:38:cc:dc:2c:87:0a:11: 83:48:37:bf:e7:64:99:d8:22:f0:34:44:38:e5:9c: 56:cb:8a:16:49:fc:2c:3c:82:55:e7:d8:1f:84:b7: 06:24:88:42:28:30:f1:0a:74:b2:5f:48:06:c6:7d: 58:77:97:24:8b:02:e5:af:3b:b4:c7:f5:83:2f:ec: 99:1c:2c:fa:55:f9:fb:a1:fe:5d:19:4c:b7:7d:67: 98:11:29:11:86:7c:42:e6:a3:70:93:2e:23:ee:3b: 63:5b:10:8b:1a:f3:71:f4:3b:87:c0:ee:17:6f:b6: ee:ee:fc:1d:19:cb:81:95:ef:7e:69:1c:86:56:49: 34:1a:89:63:5c:5c:0a:e1:6b:44:71:c6:34:b8:ad: 2d:4e:3e:9e:99:ed:3a:10:63:76:b2:e7:9c:09:ca: 47:ec:23:11:24:1f:7f:c0:6b:c9:ce:6d:ca:37:41: 4e:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:2F:BD:5D:12:C6:D8:8F:B0:6E:5E:4C:B9:B5:B6:2C:03:56:C3:4C X509v3 Authority Key Identifier: keyid:B6:84:7B:92:8C:30:80:02:82:D7:BA:8E:33:74:82:DF:F4:DE:C8:A5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/07deded1-d14e-4123-b5c9-c93a5997fc30/0/B6847B928C30800282D7BA8E337482DFF4DEC8A5.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B6847B928C30800282D7BA8E337482DFF4DEC8A5.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/07deded1-d14e-4123-b5c9-c93a5997fc30/0/3130332e3132312e3132332e302f32342d3234203d3e20313338303539.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.121.123.0/24 Signature Algorithm: sha256WithRSAEncryption 3f:49:6d:26:31:f9:c1:14:14:85:97:ca:1f:6b:b2:67:81:f1: ae:f9:46:d0:51:1f:64:8d:64:2d:db:a3:72:18:6f:74:48:53: cc:6a:05:2b:a2:64:98:24:57:b9:d8:d4:be:eb:94:44:5e:c4: 33:fd:f3:29:8b:85:e7:49:77:c7:d6:bb:e2:8f:8b:bc:4c:e2: 20:c9:56:08:13:3e:18:bf:93:f4:fe:c8:69:04:f9:22:ea:d3: 2e:69:1d:30:73:90:91:3f:e5:2e:39:40:32:77:44:2f:90:4b: 3c:a4:a6:4d:a9:4c:06:50:b7:35:bb:52:cd:a5:6b:16:c5:80: 7a:33:90:b2:61:ad:0e:80:20:56:d8:eb:24:09:bd:00:8a:1c: 47:71:be:d9:6d:b6:93:79:89:f7:59:fe:50:9a:15:a4:c1:62: 56:86:7f:e2:d4:97:c2:3b:4b:35:42:eb:55:18:38:3d:c1:50: 00:92:e5:ec:04:8f:7a:25:fc:e3:95:3a:52:3d:aa:10:71:73: 10:21:24:59:59:e0:52:75:ee:11:d1:af:58:c0:41:0b:f1:48: d7:bb:ad:cf:e0:a0:c3:a3:97:e6:20:b5:63:b5:4d:e9:0b:a8: ad:b8:10:56:ea:09:6a:37:48:02:a5:5b:3b:06:11:03:e4:cd: c5:e5:4e:f1 -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgIUOuWAzfsf5lxqzWo1ZM19hT7CP3kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjY4NDdCOTI4QzMwODAwMjgyRDdCQThFMzM3NDgyREZG NERFQzhBNTAeFw0yNTA2MDIwMjAwMDBaFw0yNjA2MDEwMjA1MDBaMDMxMTAvBgNV BAMTKEM1MkZCRDVEMTJDNkQ4OEZCMDZFNUU0Q0I5QjVCNjJDMDM1NkMzNEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7lqhbuTd3PiH815m7N/IMyUIW Dr2sToRf2Dh9as6YIdBDcEmYF3Wa0QQ82YUdbCrtY6Y8b9dmh/nfi9v2ofZPoxyP XBarrbZ7FvCBQxUN7F7SOMzcLIcKEYNIN7/nZJnYIvA0RDjlnFbLihZJ/Cw8glXn 2B+EtwYkiEIoMPEKdLJfSAbGfVh3lySLAuWvO7TH9YMv7JkcLPpV+fuh/l0ZTLd9 Z5gRKRGGfELmo3CTLiPuO2NbEIsa83H0O4fA7hdvtu7u/B0Zy4GV735pHIZWSTQa iWNcXArha0RxxjS4rS1OPp6Z7ToQY3ay55wJykfsIxEkH3/Aa8nObco3QU5HAgMB AAGjggI2MIICMjAdBgNVHQ4EFgQUxS+9XRLG2I+wbl5MubW2LANWw0wwHwYDVR0j BBgwFoAUtoR7kowwgAKC17qOM3SC3/TeyKUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w N2RlZGVkMS1kMTRlLTQxMjMtYjVjOS1jOTNhNTk5N2ZjMzAvMC9CNjg0N0I5MjhD MzA4MDAyODJEN0JBOEUzMzc0ODJERkY0REVDOEE1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjY4NDdCOTI4QzMwODAwMjgyRDdCQThFMzM3NDgyREZGNERF QzhBNS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA3ZGVkZWQxLWQxNGUtNDEyMy1i NWM5LWM5M2E1OTk3ZmMzMC8wLzMxMzAzMzJlMzEzMjMxMmUzMTMyMzMyZTMwMmYz MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzgzMDM1Mzkucm9hMBgGA1UdIAEB/wQOMAww CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABneXswDQYJ KoZIhvcNAQELBQADggEBAD9JbSYx+cEUFIWXyh9rsmeB8a75RtBRH2SNZC3bo3IY b3RIU8xqBSuiZJgkV7nY1L7rlERexDP98ymLhedJd8fWu+KPi7xM4iDJVggTPhi/ k/T+yGkE+SLq0y5pHTBzkJE/5S45QDJ3RC+QSzykpk2pTAZQtzW7Us2laxbFgHoz kLJhrQ6AIFbY6yQJvQCKHEdxvtlttpN5ifdZ/lCaFaTBYlaGf+LUl8I7SzVC61UY OD3BUACS5ewEj3ol/OOVOlI9qhBxcxAhJFlZ4FJ17hHRr1jAQQvxSNe7rc/goMOj l+YgtWO1TekLqK24EFbqCWo3SAKlWzsGEQPkzcXlTvE= -----END CERTIFICATE-----Generated at Sat Jun 7 13:56:32 2025 by rpki-client