$ rpki-client -vvf repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/3135372e32302e3232302e302f32342d3234203d3e20313532343236.roa File: 3135372e32302e3232302e302f32342d3234203d3e20313532343236.roa (raw, json) Hash identifier: AbFWue/BYgWIXd6P8SIneA+XLbDHRHLP3X5Z1w+V3a8= Subject key identifier: F7:34:ED:18:63:9F:79:22:C5:6D:F7:73:AF:E8:BD:8E:92:7F:91:6E Certificate issuer: /CN=41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4 Certificate serial: 178EB8D118F1C2506EBC1C33305EAFCE0FA10990 Authority key identifier: 41:A4:79:AD:6B:97:4B:50:B9:9A:0D:FC:BE:24:FF:8A:AC:44:18:D4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/3135372e32302e3232302e302f32342d3234203d3e20313532343236.roa Signing time: Thu 21 Mar 2024 13:48:19 +0000 ROA not before: Thu 21 Mar 2024 13:43:19 +0000 ROA not after: Thu 20 Mar 2025 13:48:19 +0000 asID: 152426 IP address blocks: 157.20.220.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.crl rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 14:24:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:8e:b8:d1:18:f1:c2:50:6e:bc:1c:33:30:5e:af:ce:0f:a1:09:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4 Validity Not Before: Mar 21 13:43:19 2024 GMT Not After : Mar 20 13:48:19 2025 GMT Subject: CN=F734ED18639F7922C56DF773AFE8BD8E927F916E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:d0:c0:eb:7d:2c:1f:c1:bc:0d:f0:1b:04:7d: 6e:09:5e:fb:b5:4d:a7:e2:26:fd:54:28:9e:83:f8: 38:00:d1:9b:8d:48:a2:c0:45:f9:e3:15:17:8c:5c: 3b:0d:4d:37:68:46:c4:7c:10:76:cf:26:93:dc:13: c4:6e:6f:39:3e:45:49:ae:fb:76:ea:f6:4b:c2:ca: 5a:44:71:98:b8:96:1d:68:d0:fa:a7:78:32:e8:53: 43:67:70:15:cf:04:fb:03:8b:2a:7e:0c:86:2b:63: 29:16:50:d6:a8:35:b6:68:ea:6f:6d:eb:9f:c0:ad: 7b:e8:70:61:c8:ba:73:fb:01:85:64:39:7b:19:4f: 53:d5:c0:3d:e4:f8:a9:d4:0a:e4:a2:1c:ad:99:b9: 32:0f:61:2f:e5:75:0d:ea:41:a5:2c:12:10:2e:d5: f5:82:d3:3a:a4:3b:25:f5:1a:65:ba:91:9c:72:24: 00:77:a7:22:32:ae:67:1f:60:dc:7d:f9:3c:3d:1f: 9d:63:88:45:db:a1:f9:bf:eb:67:7e:5c:05:3c:2f: a7:4f:51:0a:d5:a4:4c:3a:0b:c7:1a:83:e6:96:e9: d0:58:28:cd:cf:03:eb:75:6b:1a:1f:fe:6f:9f:e9: da:6a:5d:e2:d7:a1:31:11:d6:12:c9:51:8b:1e:42: 5f:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:34:ED:18:63:9F:79:22:C5:6D:F7:73:AF:E8:BD:8E:92:7F:91:6E X509v3 Authority Key Identifier: keyid:41:A4:79:AD:6B:97:4B:50:B9:9A:0D:FC:BE:24:FF:8A:AC:44:18:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/3135372e32302e3232302e302f32342d3234203d3e20313532343236.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.220.0/24 Signature Algorithm: sha256WithRSAEncryption 77:01:39:e8:2f:b3:95:4b:7f:b4:99:7a:a5:75:78:d8:a3:03: 70:06:8f:e5:ec:4f:b9:a9:04:97:0a:2d:c3:58:9b:05:67:09: 15:dc:56:2f:23:64:3f:80:cd:28:7b:da:08:dc:0d:63:92:91: a6:5e:b8:78:26:2a:84:c4:80:9f:e6:93:01:74:30:ef:ec:e7: 62:a7:4d:ca:d8:a9:3b:73:d6:26:c6:a4:62:54:09:8d:e9:d9: ba:47:e0:0d:34:e7:e3:9d:00:9e:72:89:41:9a:5a:c7:15:10: 4b:a3:f5:2c:4a:62:be:34:5c:2a:34:2d:55:e3:61:12:f9:73: 5d:47:4d:61:14:86:7d:9e:0e:62:69:da:f9:eb:62:04:92:b4: 5c:31:16:07:e7:87:2c:bd:91:7c:6d:8a:ee:a8:af:b6:9b:e0: 5a:73:2d:2f:67:f7:33:39:44:9b:08:b7:ab:dc:a0:b4:b8:64: 45:38:9a:b0:34:b9:80:28:5c:6f:8c:3e:f0:b0:ef:c0:a9:ea: 3a:e5:fc:4e:f4:1a:8e:c0:80:c7:a0:ca:f1:3c:88:cb:a7:f7: c6:cf:00:70:6b:c3:56:ab:99:8f:89:53:cd:ed:8a:fe:12:3c: a7:63:9a:95:c3:6c:17:48:00:10:96:f4:f8:77:40:e1:2e:c0: b9:4f:47:45 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUF4640RjxwlBuvBwzMF6vzg+hCZAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFBNDc5QUQ2Qjk3NEI1MEI5OUEwREZDQkUyNEZGOEFB QzQ0MThENDAeFw0yNDAzMjExMzQzMTlaFw0yNTAzMjAxMzQ4MTlaMDMxMTAvBgNV BAMTKEY3MzRFRDE4NjM5Rjc5MjJDNTZERjc3M0FGRThCRDhFOTI3RjkxNkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC00MDrfSwfwbwN8BsEfW4JXvu1 TafiJv1UKJ6D+DgA0ZuNSKLARfnjFReMXDsNTTdoRsR8EHbPJpPcE8Rubzk+RUmu +3bq9kvCylpEcZi4lh1o0PqneDLoU0NncBXPBPsDiyp+DIYrYykWUNaoNbZo6m9t 65/ArXvocGHIunP7AYVkOXsZT1PVwD3k+KnUCuSiHK2ZuTIPYS/ldQ3qQaUsEhAu 1fWC0zqkOyX1GmW6kZxyJAB3pyIyrmcfYNx9+Tw9H51jiEXbofm/62d+XAU8L6dP UQrVpEw6C8cag+aW6dBYKM3PA+t1axof/m+f6dpqXeLXoTER1hLJUYseQl/dAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQU9zTtGGOfeSLFbfdzr+i9jpJ/kW4wHwYDVR0j BBgwFoAUQaR5rWuXS1C5mg38viT/iqxEGNQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w ZWRkNGNjYi00MmUzLTRiNzItOTE5My1lOTE4ZTdiMzA2N2QvMC80MUE0NzlBRDZC OTc0QjUwQjk5QTBERkNCRTI0RkY4QUFDNDQxOEQ0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNDFBNDc5QUQ2Qjk3NEI1MEI5OUEwREZDQkUyNEZGOEFBQzQ0 MThENC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBlZGQ0Y2NiLTQyZTMtNGI3Mi05 MTkzLWU5MThlN2IzMDY3ZC8wLzMxMzUzNzJlMzIzMDJlMzIzMjMwMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMjM2LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRTcMA0GCSqG SIb3DQEBCwUAA4IBAQB3ATnoL7OVS3+0mXqldXjYowNwBo/l7E+5qQSXCi3DWJsF ZwkV3FYvI2Q/gM0oe9oI3A1jkpGmXrh4JiqExICf5pMBdDDv7Odip03K2Kk7c9Ym xqRiVAmN6dm6R+ANNOfjnQCecolBmlrHFRBLo/UsSmK+NFwqNC1V42ES+XNdR01h FIZ9ng5iadr562IEkrRcMRYH54csvZF8bYruqK+2m+Bacy0vZ/czOUSbCLer3KC0 uGRFOJqwNLmAKFxvjD7wsO/Aqeo65fxO9BqOwIDHoMrxPIjLp/fGzwBwa8NWq5mP iVPN7Yr+EjynY5qVw2wXSAAQlvT4d0DhLsC5T0dF -----END CERTIFICATE-----Generated at Thu Nov 21 07:38:02 2024 by rpki-client on console-ams.rpki-client.org