$ rpki-client -vvf repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/3135372e32302e3232302e302f32332d3233203d3e20313532343236.roa File: 3135372e32302e3232302e302f32332d3233203d3e20313532343236.roa (raw, json) Hash identifier: dEP/NYxkSWrofSp9FjUF1UULkvgWkwTtnjo7ldEjW28= Subject key identifier: 7F:09:C6:A1:59:34:3C:C8:1C:8A:DF:D8:4D:40:17:4D:28:BB:A8:0F Certificate issuer: /CN=41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4 Certificate serial: 23360D1EBF9A7BB9B120300082AA75486CCF3CCC Authority key identifier: 41:A4:79:AD:6B:97:4B:50:B9:9A:0D:FC:BE:24:FF:8A:AC:44:18:D4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/3135372e32302e3232302e302f32332d3233203d3e20313532343236.roa Signing time: Thu 20 Feb 2025 14:00:01 +0000 ROA not before: Thu 20 Feb 2025 13:55:01 +0000 ROA not after: Thu 19 Feb 2026 14:00:01 +0000 asID: 152426 IP address blocks: 157.20.220.0/23 maxlen: 23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.crl rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 00:29:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:36:0d:1e:bf:9a:7b:b9:b1:20:30:00:82:aa:75:48:6c:cf:3c:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4 Validity Not Before: Feb 20 13:55:01 2025 GMT Not After : Feb 19 14:00:01 2026 GMT Subject: CN=7F09C6A159343CC81C8ADFD84D40174D28BBA80F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:7f:ab:9e:a9:b8:04:3d:2a:83:fd:5b:2a:e1: 27:f2:65:15:f9:7d:78:ac:41:79:74:77:51:25:d7: 5b:49:d3:89:51:74:3b:62:52:26:51:d6:36:c2:01: 3b:ab:91:58:ad:ba:f9:40:a3:e5:d0:99:31:ea:16: af:bd:fd:92:2c:1a:a3:19:1a:7a:8f:b9:02:2b:68: 78:7f:5b:54:32:16:0c:a7:14:cf:2f:2f:e2:01:24: ed:10:fa:69:11:f1:6d:cc:3e:7a:1a:b9:30:51:b7: 85:7c:56:34:11:db:19:5f:7c:6a:79:cb:f2:c8:70: 14:08:37:80:0e:3a:8f:b0:fe:27:e5:21:81:4b:19: 66:9d:ad:c8:c3:8b:14:1b:13:41:3a:96:dd:c8:1a: c6:24:53:c8:83:33:b7:50:22:76:79:08:a2:d2:8f: 03:5d:a6:3f:70:c3:ca:cf:23:9b:f0:6b:79:81:28: 8a:10:38:b9:9b:d2:c8:2d:6b:71:dc:ba:a0:4f:bf: c6:2d:73:a7:da:14:15:ce:7d:39:7c:c8:4c:90:1f: 7c:0b:cb:92:c3:69:3d:e7:88:7a:ac:70:40:53:f1: 4e:a1:af:40:b0:46:09:27:cc:cb:c7:dd:01:12:7a: 09:4d:f8:72:c5:cb:47:fd:55:57:e8:13:38:78:2b: 7f:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:09:C6:A1:59:34:3C:C8:1C:8A:DF:D8:4D:40:17:4D:28:BB:A8:0F X509v3 Authority Key Identifier: keyid:41:A4:79:AD:6B:97:4B:50:B9:9A:0D:FC:BE:24:FF:8A:AC:44:18:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/3135372e32302e3232302e302f32332d3233203d3e20313532343236.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.220.0/23 Signature Algorithm: sha256WithRSAEncryption 44:39:71:62:30:d2:7b:27:ee:a2:ee:af:86:e7:36:bc:d7:d2: 16:94:8e:21:91:0e:b5:c3:fc:58:ba:32:b6:52:3e:21:be:c8: 51:a9:07:8a:fd:71:83:30:d4:5a:72:bf:e1:a9:9f:4d:24:f0: 7b:42:96:85:8a:b9:81:cf:98:2e:0c:11:11:64:53:c3:6f:77: b8:53:c2:2d:a2:6c:b4:28:70:6b:60:a8:d3:ae:63:e5:07:e6: 93:bb:77:8c:91:d6:e8:e4:95:38:97:c0:8e:b4:28:00:0b:5e: b3:0b:3d:50:9e:c5:bb:a5:71:3c:96:c0:8d:11:66:de:14:7c: a8:2e:d0:e6:2a:0f:e2:2c:47:a2:7a:c0:8d:7e:9f:b1:8b:c4: 1f:bd:c0:f9:f2:95:f5:8b:ce:f2:f0:67:d6:33:53:b8:68:8d: bd:42:bd:34:a2:49:e7:38:5a:3c:14:e6:63:44:a7:aa:63:07: f5:c2:41:26:93:cd:7c:61:46:50:df:08:b5:a9:73:eb:46:dd: dc:ed:bd:70:fc:18:6e:c2:e6:97:7e:95:b3:33:06:61:29:7d: 5f:5c:20:fb:83:ad:64:33:5c:fa:28:30:35:06:34:03:c4:90: 56:6e:62:ba:f9:d2:74:5d:d2:b7:ac:23:b1:e4:11:ed:e3:b4: ea:8c:ef:f1 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUIzYNHr+ae7mxIDAAgqp1SGzPPMwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFBNDc5QUQ2Qjk3NEI1MEI5OUEwREZDQkUyNEZGOEFB QzQ0MThENDAeFw0yNTAyMjAxMzU1MDFaFw0yNjAyMTkxNDAwMDFaMDMxMTAvBgNV BAMTKDdGMDlDNkExNTkzNDNDQzgxQzhBREZEODRENDAxNzREMjhCQkE4MEYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGf6ueqbgEPSqD/Vsq4SfyZRX5 fXisQXl0d1El11tJ04lRdDtiUiZR1jbCATurkVituvlAo+XQmTHqFq+9/ZIsGqMZ GnqPuQIraHh/W1QyFgynFM8vL+IBJO0Q+mkR8W3MPnoauTBRt4V8VjQR2xlffGp5 y/LIcBQIN4AOOo+w/iflIYFLGWadrcjDixQbE0E6lt3IGsYkU8iDM7dQInZ5CKLS jwNdpj9ww8rPI5vwa3mBKIoQOLmb0sgta3HcuqBPv8Ytc6faFBXOfTl8yEyQH3wL y5LDaT3niHqscEBT8U6hr0CwRgknzMvH3QESeglN+HLFy0f9VVfoEzh4K3+7AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUfwnGoVk0PMgcit/YTUAXTSi7qA8wHwYDVR0j BBgwFoAUQaR5rWuXS1C5mg38viT/iqxEGNQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w ZWRkNGNjYi00MmUzLTRiNzItOTE5My1lOTE4ZTdiMzA2N2QvMC80MUE0NzlBRDZC OTc0QjUwQjk5QTBERkNCRTI0RkY4QUFDNDQxOEQ0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNDFBNDc5QUQ2Qjk3NEI1MEI5OUEwREZDQkUyNEZGOEFBQzQ0 MThENC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBlZGQ0Y2NiLTQyZTMtNGI3Mi05 MTkzLWU5MThlN2IzMDY3ZC8wLzMxMzUzNzJlMzIzMDJlMzIzMjMwMmUzMDJmMzIz MzJkMzIzMzIwM2QzZTIwMzEzNTMyMzQzMjM2LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnRTcMA0GCSqG SIb3DQEBCwUAA4IBAQBEOXFiMNJ7J+6i7q+G5za819IWlI4hkQ61w/xYujK2Uj4h vshRqQeK/XGDMNRacr/hqZ9NJPB7QpaFirmBz5guDBERZFPDb3e4U8Itomy0KHBr YKjTrmPlB+aTu3eMkdbo5JU4l8COtCgAC16zCz1QnsW7pXE8lsCNEWbeFHyoLtDm Kg/iLEeiesCNfp+xi8QfvcD58pX1i87y8GfWM1O4aI29Qr00oknnOFo8FOZjRKeq Ywf1wkEmk818YUZQ3wi1qXPrRt3c7b1w/BhuwuaXfpWzMwZhKX1fXCD7g61kM1z6 KDA1BjQDxJBWbmK6+dJ0XdK3rCOx5BHt47TqjO/x -----END CERTIFICATE-----Generated at Sun Apr 6 11:47:14 2025 by rpki-client