$ rpki-client -vvf repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/3135372e32302e3232302e302f32342d3234203d3e20313532343236.roa File: 3135372e32302e3232302e302f32342d3234203d3e20313532343236.roa (raw, json) Hash identifier: le1R9LsAJppqPYkVWs7sPDuE078rrP2+t7Tv4zWW31I= Subject key identifier: DD:4C:8C:EB:75:28:B7:A5:DF:05:32:21:68:F3:26:54:CA:45:4D:F3 Certificate issuer: /CN=41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4 Certificate serial: 17060CD8DFA2DCDE14459EFFA4B696881B1B13DD Authority key identifier: 41:A4:79:AD:6B:97:4B:50:B9:9A:0D:FC:BE:24:FF:8A:AC:44:18:D4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/3135372e32302e3232302e302f32342d3234203d3e20313532343236.roa Signing time: Thu 20 Feb 2025 14:00:01 +0000 ROA not before: Thu 20 Feb 2025 13:55:01 +0000 ROA not after: Thu 19 Feb 2026 14:00:01 +0000 asID: 152426 IP address blocks: 157.20.220.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.crl rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 04:23:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:06:0c:d8:df:a2:dc:de:14:45:9e:ff:a4:b6:96:88:1b:1b:13:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4 Validity Not Before: Feb 20 13:55:01 2025 GMT Not After : Feb 19 14:00:01 2026 GMT Subject: CN=DD4C8CEB7528B7A5DF05322168F32654CA454DF3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:62:b8:83:09:a5:ec:53:ec:24:a0:fc:e5:f9: 42:5c:dc:99:87:77:6f:28:ac:af:b4:48:14:b9:0d: a2:fd:00:9a:13:34:ea:30:1a:e6:d4:a6:62:1a:57: 90:5f:21:ab:2e:52:8e:36:6a:85:da:1a:35:67:3e: d2:95:11:24:0e:3a:7e:00:7b:c6:ea:3c:75:a6:99: 09:f6:f2:0c:20:54:29:4b:e5:2c:e2:76:69:d4:34: e4:7f:fd:86:31:8a:d3:46:e6:c3:e2:d2:a4:9e:56: 02:db:e7:02:44:f7:46:0b:80:0e:e8:51:b1:f9:03: b9:cf:48:d6:34:af:be:4e:0d:1e:22:a1:ef:c9:6c: a1:3e:06:85:d7:77:27:5a:bd:75:b6:bc:d0:1e:88: 93:ac:dd:0e:3c:17:20:93:f9:d1:ad:9d:ce:cd:19: 24:47:78:2e:42:8d:83:c5:b2:04:9d:dd:de:e5:23: 00:dd:b8:b6:1a:55:2c:a8:3a:9f:45:b9:b2:74:f2: 8c:4c:30:f9:ef:17:1d:fa:51:6c:ee:38:b2:55:cc: fc:ee:a4:8e:4b:04:2a:d2:cf:9f:b5:00:9c:68:25: cd:9b:2e:14:c8:83:1b:11:fd:fe:cb:cd:b4:5c:a7: dd:84:86:43:5f:9d:43:6a:0c:bb:84:92:f8:6f:3e: 97:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:4C:8C:EB:75:28:B7:A5:DF:05:32:21:68:F3:26:54:CA:45:4D:F3 X509v3 Authority Key Identifier: keyid:41:A4:79:AD:6B:97:4B:50:B9:9A:0D:FC:BE:24:FF:8A:AC:44:18:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/3135372e32302e3232302e302f32342d3234203d3e20313532343236.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.220.0/24 Signature Algorithm: sha256WithRSAEncryption 6a:9a:72:ac:25:97:3f:e7:e3:a9:a7:64:35:dd:86:ba:a0:19: 07:38:81:6d:68:fe:62:17:3c:cb:bb:bd:74:96:fd:18:67:72: ef:65:f5:7e:16:89:fb:23:c7:2a:00:3d:50:28:e9:a5:50:d3: 66:54:11:50:ef:f2:47:c8:09:18:2c:7d:5c:c6:8c:28:89:c9: eb:66:34:ff:8a:78:a0:b7:36:f7:c6:e3:b9:4e:d3:37:1b:2e: b4:fb:8d:28:6c:b5:f8:02:04:ef:05:2c:ef:e3:cd:6f:98:7f: 5a:94:a2:b7:d0:f0:6d:8c:af:3c:73:bd:d7:84:91:fe:dd:b6: 8f:a0:13:ae:3c:e8:51:23:2a:59:ba:e5:b4:45:59:36:6e:08: 87:63:19:ba:48:23:39:de:2e:cb:62:5a:aa:13:47:9e:75:59: 4a:a0:c4:19:4f:6f:76:ad:05:e1:00:04:63:1b:b2:4a:42:61: 13:f0:b7:7c:f2:b4:93:89:86:7f:27:39:97:42:10:d3:d1:82: 95:bb:5d:22:46:d9:51:08:35:90:e9:8b:2d:72:05:52:f7:6f: 59:26:54:8e:2b:26:6a:7e:11:bc:e8:75:0a:f7:46:d4:f6:4e: 3c:e5:4e:74:2e:ad:9a:bd:03:40:90:30:8c:68:f7:f4:1a:ad: 85:a1:5a:6a -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUFwYM2N+i3N4URZ7/pLaWiBsbE90wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFBNDc5QUQ2Qjk3NEI1MEI5OUEwREZDQkUyNEZGOEFB QzQ0MThENDAeFw0yNTAyMjAxMzU1MDFaFw0yNjAyMTkxNDAwMDFaMDMxMTAvBgNV BAMTKERENEM4Q0VCNzUyOEI3QTVERjA1MzIyMTY4RjMyNjU0Q0E0NTRERjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYYriDCaXsU+wkoPzl+UJc3JmH d28orK+0SBS5DaL9AJoTNOowGubUpmIaV5BfIasuUo42aoXaGjVnPtKVESQOOn4A e8bqPHWmmQn28gwgVClL5SzidmnUNOR//YYxitNG5sPi0qSeVgLb5wJE90YLgA7o UbH5A7nPSNY0r75ODR4ioe/JbKE+BoXXdydavXW2vNAeiJOs3Q48FyCT+dGtnc7N GSRHeC5CjYPFsgSd3d7lIwDduLYaVSyoOp9FubJ08oxMMPnvFx36UWzuOLJVzPzu pI5LBCrSz5+1AJxoJc2bLhTIgxsR/f7LzbRcp92EhkNfnUNqDLuEkvhvPpdbAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQU3UyM63Uot6XfBTIhaPMmVMpFTfMwHwYDVR0j BBgwFoAUQaR5rWuXS1C5mg38viT/iqxEGNQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w ZWRkNGNjYi00MmUzLTRiNzItOTE5My1lOTE4ZTdiMzA2N2QvMC80MUE0NzlBRDZC OTc0QjUwQjk5QTBERkNCRTI0RkY4QUFDNDQxOEQ0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNDFBNDc5QUQ2Qjk3NEI1MEI5OUEwREZDQkUyNEZGOEFBQzQ0 MThENC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBlZGQ0Y2NiLTQyZTMtNGI3Mi05 MTkzLWU5MThlN2IzMDY3ZC8wLzMxMzUzNzJlMzIzMDJlMzIzMjMwMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMjM2LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRTcMA0GCSqG SIb3DQEBCwUAA4IBAQBqmnKsJZc/5+Opp2Q13Ya6oBkHOIFtaP5iFzzLu710lv0Y Z3LvZfV+Fon7I8cqAD1QKOmlUNNmVBFQ7/JHyAkYLH1cxowoicnrZjT/inigtzb3 xuO5TtM3Gy60+40obLX4AgTvBSzv481vmH9alKK30PBtjK88c73XhJH+3baPoBOu POhRIypZuuW0RVk2bgiHYxm6SCM53i7LYlqqE0eedVlKoMQZT292rQXhAARjG7JK QmET8Ld88rSTiYZ/JzmXQhDT0YKVu10iRtlRCDWQ6YstcgVS929ZJlSOKyZqfhG8 6HUK90bU9k485U50Lq2avQNAkDCMaPf0Gq2FoVpq -----END CERTIFICATE-----Generated at Wed Apr 9 19:35:51 2025 by rpki-client