$ rpki-client -vvf repo-rpki.idnic.net/repo/0e8d58a8-e197-4179-b73c-608e047d09a3/0/3135372e32302e3235322e302f32342d3234203d3e20313338303839.roa File: 3135372e32302e3235322e302f32342d3234203d3e20313338303839.roa (raw, json) Hash identifier: kNnDpqMg+O4Z2WqvzwojI8M7Ug+jBTmc0Ln78wdTfEc= Subject key identifier: 3A:D5:BC:52:A7:35:13:19:43:F6:2D:FF:D0:E1:44:54:F1:87:B3:E1 Certificate issuer: /CN=04D3D2E060243AD917D4F682922E4A805EDE3300 Certificate serial: 72997F78BBB9F7281DD8F09112310BE4EC9D7B87 Authority key identifier: 04:D3:D2:E0:60:24:3A:D9:17:D4:F6:82:92:2E:4A:80:5E:DE:33:00 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/04D3D2E060243AD917D4F682922E4A805EDE3300.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0e8d58a8-e197-4179-b73c-608e047d09a3/0/3135372e32302e3235322e302f32342d3234203d3e20313338303839.roa Signing time: Fri 11 Oct 2024 04:18:09 +0000 ROA not before: Fri 11 Oct 2024 04:13:09 +0000 ROA not after: Fri 10 Oct 2025 04:18:09 +0000 asID: 138089 IP address blocks: 157.20.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0e8d58a8-e197-4179-b73c-608e047d09a3/0/04D3D2E060243AD917D4F682922E4A805EDE3300.crl rsync://repo-rpki.idnic.net/repo/0e8d58a8-e197-4179-b73c-608e047d09a3/0/04D3D2E060243AD917D4F682922E4A805EDE3300.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/04D3D2E060243AD917D4F682922E4A805EDE3300.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 14:24:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:99:7f:78:bb:b9:f7:28:1d:d8:f0:91:12:31:0b:e4:ec:9d:7b:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=04D3D2E060243AD917D4F682922E4A805EDE3300 Validity Not Before: Oct 11 04:13:09 2024 GMT Not After : Oct 10 04:18:09 2025 GMT Subject: CN=3AD5BC52A735131943F62DFFD0E14454F187B3E1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:70:44:99:e0:37:25:54:b0:2b:60:db:5d:80: e8:68:94:d8:28:88:01:f1:cc:33:21:9a:12:e1:68: 7c:a5:b4:a3:13:fd:55:9c:d0:00:a6:62:da:1e:60: 94:64:29:51:76:41:fe:5c:bb:e0:53:19:bd:f1:bc: 66:a7:42:37:60:f1:24:17:ee:7c:fd:da:d6:f6:ca: 48:4d:4a:b6:25:8d:ef:67:47:93:db:ba:fa:30:78: d9:c3:b3:fa:13:f4:1f:73:51:57:ad:c5:03:37:5c: 17:ab:d9:e2:d9:f1:9f:4e:b7:98:18:04:75:d7:ff: 68:3f:fd:e7:44:b0:c3:69:7c:b3:7b:2a:4a:bb:f8: b3:bf:f3:19:65:aa:05:4b:a9:b4:4c:ad:62:50:e8: d3:fc:c4:9e:d0:9e:d6:91:72:f7:f9:85:7c:61:11: fd:b0:8e:8f:df:e0:4f:12:43:12:73:10:55:7c:d1: 9a:c8:0c:e1:89:e8:dd:f4:7a:85:ba:c3:6b:27:1f: 1a:ce:9b:54:a1:76:66:cb:1b:42:e2:90:34:ff:cf: 2d:1b:a6:50:6b:fa:be:08:44:2d:59:93:b3:1c:03: 9d:87:df:c9:35:fb:ee:83:84:d5:ed:3b:70:bf:6d: 84:1e:94:42:b2:c0:f4:15:81:c5:b7:95:fc:5d:e4: eb:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:D5:BC:52:A7:35:13:19:43:F6:2D:FF:D0:E1:44:54:F1:87:B3:E1 X509v3 Authority Key Identifier: keyid:04:D3:D2:E0:60:24:3A:D9:17:D4:F6:82:92:2E:4A:80:5E:DE:33:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0e8d58a8-e197-4179-b73c-608e047d09a3/0/04D3D2E060243AD917D4F682922E4A805EDE3300.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/04D3D2E060243AD917D4F682922E4A805EDE3300.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0e8d58a8-e197-4179-b73c-608e047d09a3/0/3135372e32302e3235322e302f32342d3234203d3e20313338303839.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.252.0/24 Signature Algorithm: sha256WithRSAEncryption 05:39:e1:4f:27:cb:f0:6a:8a:4d:f5:0e:7f:1d:c8:a3:79:c8: 35:16:ee:24:43:fd:fa:0d:38:17:84:70:3d:59:72:b0:96:56: e5:73:c4:08:04:e0:37:14:45:40:b8:c1:01:e2:22:49:7b:80: 06:f2:e0:67:03:1e:e8:e5:29:1d:81:c4:b0:92:21:b8:7a:a6: d6:29:ee:f1:58:d3:ee:8b:af:43:29:1a:cc:d8:bd:36:92:ee: ae:10:8a:35:c6:07:a2:40:b5:1a:6a:eb:35:6b:e3:20:21:4a: 19:f7:f8:a7:45:94:33:c1:80:34:a0:e2:56:a8:48:77:6d:b9: 95:bf:11:9b:53:7c:cc:34:1b:11:05:29:bc:76:87:0a:7e:70: b1:6f:e0:98:b4:0b:fc:83:9d:43:da:a8:e2:6a:2f:9c:28:14: 37:c4:db:e6:ad:88:dd:0a:6b:9e:67:b2:99:cf:66:8e:01:5b: 19:36:a8:ed:8f:95:1e:81:f5:ff:c1:de:82:48:fd:90:cc:76: 1f:5d:db:34:87:b3:44:ce:22:e3:c7:cf:b8:8d:4b:49:65:48: 02:1d:49:d7:6e:c4:25:89:8a:85:90:39:ab:0f:a4:50:c3:f0: e3:1a:5d:02:f5:d0:6f:54:1b:88:38:a7:0d:72:bb:72:0c:4a: bc:af:17:6d -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUcpl/eLu59ygd2PCREjEL5Oyde4cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDREM0QyRTA2MDI0M0FEOTE3RDRGNjgyOTIyRTRBODA1 RURFMzMwMDAeFw0yNDEwMTEwNDEzMDlaFw0yNTEwMTAwNDE4MDlaMDMxMTAvBgNV BAMTKDNBRDVCQzUyQTczNTEzMTk0M0Y2MkRGRkQwRTE0NDU0RjE4N0IzRTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAcESZ4DclVLArYNtdgOholNgo iAHxzDMhmhLhaHyltKMT/VWc0ACmYtoeYJRkKVF2Qf5cu+BTGb3xvGanQjdg8SQX 7nz92tb2ykhNSrYlje9nR5PbuvoweNnDs/oT9B9zUVetxQM3XBer2eLZ8Z9Ot5gY BHXX/2g//edEsMNpfLN7Kkq7+LO/8xllqgVLqbRMrWJQ6NP8xJ7QntaRcvf5hXxh Ef2wjo/f4E8SQxJzEFV80ZrIDOGJ6N30eoW6w2snHxrOm1ShdmbLG0LikDT/zy0b plBr+r4IRC1Zk7McA52H38k1++6DhNXtO3C/bYQelEKywPQVgcW3lfxd5OslAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUOtW8Uqc1ExlD9i3/0OFEVPGHs+EwHwYDVR0j BBgwFoAUBNPS4GAkOtkX1PaCki5KgF7eMwAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w ZThkNThhOC1lMTk3LTQxNzktYjczYy02MDhlMDQ3ZDA5YTMvMC8wNEQzRDJFMDYw MjQzQUQ5MTdENEY2ODI5MjJFNEE4MDVFREUzMzAwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMDREM0QyRTA2MDI0M0FEOTE3RDRGNjgyOTIyRTRBODA1RURF MzMwMC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBlOGQ1OGE4LWUxOTctNDE3OS1i NzNjLTYwOGUwNDdkMDlhMy8wLzMxMzUzNzJlMzIzMDJlMzIzNTMyMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzMzM4MzAzODM5LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRT8MA0GCSqG SIb3DQEBCwUAA4IBAQAFOeFPJ8vwaopN9Q5/Hcijecg1Fu4kQ/36DTgXhHA9WXKw llblc8QIBOA3FEVAuMEB4iJJe4AG8uBnAx7o5SkdgcSwkiG4eqbWKe7xWNPui69D KRrM2L02ku6uEIo1xgeiQLUaaus1a+MgIUoZ9/inRZQzwYA0oOJWqEh3bbmVvxGb U3zMNBsRBSm8docKfnCxb+CYtAv8g51D2qjiai+cKBQ3xNvmrYjdCmueZ7KZz2aO AVsZNqjtj5UegfX/wd6CSP2QzHYfXds0h7NEziLjx8+4jUtJZUgCHUnXbsQliYqF kDmrD6RQw/DjGl0C9dBvVBuIOKcNcrtyDEq8rxdt -----END CERTIFICATE-----Generated at Wed Nov 20 18:41:49 2024 by rpki-client on console-fra.rpki-client.org