$ rpki-client -vvf repo-rpki.idnic.net/repo/1192021e-3904-4115-af5e-3edb713baa14/0/323430373a613563303a31343a3a2f34382d3438203d3e20313432333339.roa File: 323430373a613563303a31343a3a2f34382d3438203d3e20313432333339.roa (raw, json) Hash identifier: Bs16YGnlwrlePVXXY4N5cyCqUbI8df0nJCiwrMRxGZM= Subject key identifier: E9:25:B9:0C:DF:F7:AB:60:07:29:D2:46:CD:A2:30:80:85:BA:35:82 Certificate issuer: /CN=C24FD85D1F493383773D253EBB38BED908305E45 Certificate serial: 212E8DA14D4FD2676944C50BFA53C4A428DE27D0 Authority key identifier: C2:4F:D8:5D:1F:49:33:83:77:3D:25:3E:BB:38:BE:D9:08:30:5E:45 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C24FD85D1F493383773D253EBB38BED908305E45.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1192021e-3904-4115-af5e-3edb713baa14/0/323430373a613563303a31343a3a2f34382d3438203d3e20313432333339.roa Signing time: Fri 07 Feb 2025 14:46:27 +0000 ROA not before: Fri 07 Feb 2025 14:41:27 +0000 ROA not after: Fri 06 Feb 2026 14:46:27 +0000 asID: 142339 IP address blocks: 2407:a5c0:14::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1192021e-3904-4115-af5e-3edb713baa14/0/C24FD85D1F493383773D253EBB38BED908305E45.crl rsync://repo-rpki.idnic.net/repo/1192021e-3904-4115-af5e-3edb713baa14/0/C24FD85D1F493383773D253EBB38BED908305E45.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C24FD85D1F493383773D253EBB38BED908305E45.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 11:06:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:2e:8d:a1:4d:4f:d2:67:69:44:c5:0b:fa:53:c4:a4:28:de:27:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C24FD85D1F493383773D253EBB38BED908305E45 Validity Not Before: Feb 7 14:41:27 2025 GMT Not After : Feb 6 14:46:27 2026 GMT Subject: CN=E925B90CDFF7AB600729D246CDA2308085BA3582 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:33:6f:02:18:ef:27:28:32:ea:19:ba:64:28: 8b:b0:42:62:73:1f:33:9b:4a:08:7b:eb:d1:e3:04: 89:c8:7f:28:8b:41:a8:18:77:3c:5a:cf:f7:0e:e0: 8d:b8:d6:20:c2:93:6a:f9:7f:8c:a8:65:25:79:6a: 90:6e:88:b5:bb:ab:6c:65:45:00:d5:02:be:e0:88: 31:7d:f3:34:a3:89:1d:3f:ad:ea:5f:32:49:19:7d: 22:16:58:48:fd:ed:ea:c6:8c:eb:ff:e9:c8:14:04: 7a:35:81:4e:e2:a2:7c:af:4f:86:8a:98:72:89:62: 93:0d:18:1e:1c:8d:36:09:41:e9:a1:8b:d9:18:6e: 66:68:37:f2:91:2c:6c:1e:7b:d5:a9:06:5d:90:bd: 8e:2a:b0:2f:5d:45:a0:0e:d1:ee:55:8c:06:f8:b8: 3e:96:b0:bc:7c:87:22:53:ac:0a:5b:4e:f0:98:10: 53:5b:6c:78:66:e1:6e:95:57:bc:09:bf:15:a4:5b: de:cd:00:7c:a6:cf:7a:96:b1:78:e7:52:60:02:c6: c4:84:15:dc:61:3d:c8:ea:31:0f:a2:4c:84:6a:8d: b8:4d:d6:e6:34:bc:bc:4d:ce:9f:12:d1:5d:ee:07: 98:29:ee:c0:91:18:b0:39:8b:ef:a1:04:6d:02:32: 18:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:25:B9:0C:DF:F7:AB:60:07:29:D2:46:CD:A2:30:80:85:BA:35:82 X509v3 Authority Key Identifier: keyid:C2:4F:D8:5D:1F:49:33:83:77:3D:25:3E:BB:38:BE:D9:08:30:5E:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1192021e-3904-4115-af5e-3edb713baa14/0/C24FD85D1F493383773D253EBB38BED908305E45.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C24FD85D1F493383773D253EBB38BED908305E45.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1192021e-3904-4115-af5e-3edb713baa14/0/323430373a613563303a31343a3a2f34382d3438203d3e20313432333339.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2407:a5c0:14::/48 Signature Algorithm: sha256WithRSAEncryption 05:ce:ac:bb:41:63:cd:fe:c1:0e:e7:52:f1:04:6f:b1:72:2f: 6a:6e:58:36:25:37:a6:a0:fe:33:23:76:fc:46:3e:19:f0:da: 63:45:d3:b2:72:d7:43:34:ff:31:7f:1a:73:23:b0:d7:1b:29: 6d:91:e3:15:9b:1e:77:f3:5c:60:14:da:ff:8f:3a:f6:17:5e: a5:c2:17:86:e4:0f:74:f8:39:b5:df:e4:8e:ef:83:ce:d4:19: 8c:87:d0:d7:6d:64:ac:8b:55:47:ee:57:75:c0:52:96:8b:79: b4:53:31:02:e8:39:a7:8d:85:f6:61:85:fc:33:a4:0e:db:13: 48:77:8a:e1:87:4f:5a:9a:19:e8:a5:21:0a:61:0c:cd:79:1a: e7:64:ed:43:0d:7c:81:60:1a:b8:3c:a4:5b:95:48:54:5e:25: 1c:97:2f:25:8c:1e:e2:e1:26:dd:45:29:99:5f:57:b7:0b:6e: d5:66:9f:17:da:09:90:0a:ec:aa:22:e6:0d:f5:33:a5:c8:23: 46:fc:5b:ca:ec:2b:80:ed:a6:47:6e:c8:50:4b:c9:44:0f:0e: 58:d3:64:ee:72:f9:32:38:1d:bc:61:ba:2d:9a:35:fd:2d:aa: a9:c8:86:07:9f:61:fa:d9:78:a4:25:79:ee:a5:1b:92:b9:a5: e1:07:a4:cb -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUIS6NoU1P0mdpRMUL+lPEpCjeJ9AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzI0RkQ4NUQxRjQ5MzM4Mzc3M0QyNTNFQkIzOEJFRDkw ODMwNUU0NTAeFw0yNTAyMDcxNDQxMjdaFw0yNjAyMDYxNDQ2MjdaMDMxMTAvBgNV BAMTKEU5MjVCOTBDREZGN0FCNjAwNzI5RDI0NkNEQTIzMDgwODVCQTM1ODIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZM28CGO8nKDLqGbpkKIuwQmJz HzObSgh769HjBInIfyiLQagYdzxaz/cO4I241iDCk2r5f4yoZSV5apBuiLW7q2xl RQDVAr7giDF98zSjiR0/repfMkkZfSIWWEj97erGjOv/6cgUBHo1gU7ionyvT4aK mHKJYpMNGB4cjTYJQemhi9kYbmZoN/KRLGwee9WpBl2QvY4qsC9dRaAO0e5VjAb4 uD6WsLx8hyJTrApbTvCYEFNbbHhm4W6VV7wJvxWkW97NAHymz3qWsXjnUmACxsSE FdxhPcjqMQ+iTIRqjbhN1uY0vLxNzp8S0V3uB5gp7sCRGLA5i++hBG0CMhhBAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQU6SW5DN/3q2AHKdJGzaIwgIW6NYIwHwYDVR0j BBgwFoAUwk/YXR9JM4N3PSU+uzi+2QgwXkUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x MTkyMDIxZS0zOTA0LTQxMTUtYWY1ZS0zZWRiNzEzYmFhMTQvMC9DMjRGRDg1RDFG NDkzMzgzNzczRDI1M0VCQjM4QkVEOTA4MzA1RTQ1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQzI0RkQ4NUQxRjQ5MzM4Mzc3M0QyNTNFQkIzOEJFRDkwODMw NUU0NS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzExOTIwMjFlLTM5MDQtNDExNS1h ZjVlLTNlZGI3MTNiYWExNC8wLzMyMzQzMDM3M2E2MTM1NjMzMDNhMzEzNDNhM2Ey ZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzQzMjMzMzMzOS5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQHpcAA FDANBgkqhkiG9w0BAQsFAAOCAQEABc6su0Fjzf7BDudS8QRvsXIvam5YNiU3pqD+ MyN2/EY+GfDaY0XTsnLXQzT/MX8acyOw1xspbZHjFZsed/NcYBTa/4869hdepcIX huQPdPg5td/kju+DztQZjIfQ121krItVR+5XdcBSlot5tFMxAug5p42F9mGF/DOk DtsTSHeK4YdPWpoZ6KUhCmEMzXka52TtQw18gWAauDykW5VIVF4lHJcvJYwe4uEm 3UUpmV9Xtwtu1WafF9oJkArsqiLmDfUzpcgjRvxbyuwrgO2mR27IUEvJRA8OWNNk 7nL5MjgdvGG6LZo1/S2qqciGB59h+tl4pCV57qUbkrml4Qekyw== -----END CERTIFICATE-----Generated at Sun Apr 6 12:16:28 2025 by rpki-client