$ rpki-client -vvf repo-rpki.idnic.net/repo/140e9c9f-d607-4497-af28-4d2b9092d5a6/0/3130332e3134382e38352e302f32342d3234203d3e20313339393836.roa File: 3130332e3134382e38352e302f32342d3234203d3e20313339393836.roa (raw, json) Hash identifier: KI4DRCx0w4L0nKpvK1CNtCzzpw68TT41WCumN5kF9lM= Subject key identifier: F8:C5:07:22:AC:B7:32:64:C3:91:52:54:5F:85:25:35:66:41:68:B9 Certificate issuer: /CN=95C3BA7F23B6351721F77DA8020731F9DA46B3C8 Certificate serial: 6F3E3C2120FDB91F41552C3C767EE3B1C8199B46 Authority key identifier: 95:C3:BA:7F:23:B6:35:17:21:F7:7D:A8:02:07:31:F9:DA:46:B3:C8 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95C3BA7F23B6351721F77DA8020731F9DA46B3C8.cer Subject info access: rsync://repo-rpki.idnic.net/repo/140e9c9f-d607-4497-af28-4d2b9092d5a6/0/3130332e3134382e38352e302f32342d3234203d3e20313339393836.roa Signing time: Wed 08 Jan 2025 09:01:01 +0000 ROA not before: Wed 08 Jan 2025 08:56:01 +0000 ROA not after: Wed 07 Jan 2026 09:01:01 +0000 asID: 139986 IP address blocks: 103.148.85.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/140e9c9f-d607-4497-af28-4d2b9092d5a6/0/95C3BA7F23B6351721F77DA8020731F9DA46B3C8.crl rsync://repo-rpki.idnic.net/repo/140e9c9f-d607-4497-af28-4d2b9092d5a6/0/95C3BA7F23B6351721F77DA8020731F9DA46B3C8.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95C3BA7F23B6351721F77DA8020731F9DA46B3C8.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Mar 2025 11:24:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:3e:3c:21:20:fd:b9:1f:41:55:2c:3c:76:7e:e3:b1:c8:19:9b:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95C3BA7F23B6351721F77DA8020731F9DA46B3C8 Validity Not Before: Jan 8 08:56:01 2025 GMT Not After : Jan 7 09:01:01 2026 GMT Subject: CN=F8C50722ACB73264C39152545F852535664168B9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:eb:29:88:c1:23:a0:6e:e8:4f:47:ce:54:d7: 1f:27:60:7e:8f:52:b9:2b:dd:0e:0c:a5:66:0f:4a: 16:00:6a:67:80:c9:fa:79:fd:c1:2e:81:fc:bd:ed: 97:97:b5:e6:6b:4b:5c:1c:12:84:43:d3:12:f4:e4: 00:bd:7f:1e:79:8b:29:56:7b:0e:ff:28:03:89:01: 34:6c:16:79:9a:02:08:fb:c9:5b:98:8f:f2:32:dc: bd:d1:19:da:30:03:0c:ec:f4:11:8b:ae:68:ce:cf: e0:7b:a4:2d:66:e1:09:7f:02:e3:e4:d2:56:92:4b: 6e:13:9a:72:62:e2:b0:10:c4:9a:dc:ca:e1:be:ad: 03:2e:1c:00:07:00:fe:4e:a0:17:6a:95:4f:6f:0f: b9:a9:9c:5c:d2:a0:c1:8a:36:a9:4d:9a:41:7c:4b: 33:91:a9:b3:4c:0f:a5:bb:ab:41:a4:1a:52:77:11: bd:c3:97:d1:f2:42:ce:7a:1f:67:be:1b:ea:f9:2f: 07:94:69:9a:9b:1c:d6:72:f1:e9:45:af:f7:45:19: f3:ea:8f:94:e0:cd:66:e0:e8:7e:41:f3:2c:d6:ea: 9f:26:bb:4c:51:46:d0:64:e0:65:3d:fc:fa:de:1c: 7f:ae:6f:10:ef:f1:ab:15:cf:b0:10:b9:4e:6d:0f: ae:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:C5:07:22:AC:B7:32:64:C3:91:52:54:5F:85:25:35:66:41:68:B9 X509v3 Authority Key Identifier: keyid:95:C3:BA:7F:23:B6:35:17:21:F7:7D:A8:02:07:31:F9:DA:46:B3:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/140e9c9f-d607-4497-af28-4d2b9092d5a6/0/95C3BA7F23B6351721F77DA8020731F9DA46B3C8.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95C3BA7F23B6351721F77DA8020731F9DA46B3C8.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/140e9c9f-d607-4497-af28-4d2b9092d5a6/0/3130332e3134382e38352e302f32342d3234203d3e20313339393836.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.148.85.0/24 Signature Algorithm: sha256WithRSAEncryption 5b:6d:28:65:5f:a4:fe:6d:21:ba:7c:ef:e2:ad:25:2c:dd:dc: 7a:42:6b:b5:4d:d3:8b:03:c1:12:90:99:7c:24:99:2c:a5:b8: 61:de:4e:fe:ea:3d:c4:10:02:6f:38:ba:d7:44:9c:80:af:34: e8:95:43:92:f8:5e:da:b2:b0:67:dd:52:dd:84:07:58:00:b1: 52:d4:9a:8a:d9:27:12:bc:e5:38:2f:97:f8:33:56:1c:a6:7b: fb:ad:c8:18:10:e4:e6:ed:4d:ac:e5:62:b4:c4:76:b4:62:80: 26:db:c4:e9:d4:c9:ec:80:c6:a0:fb:79:97:f7:09:a4:ed:5f: 13:67:ee:c2:f2:f9:ec:30:8a:7e:9e:2c:5f:58:8b:bd:e9:28: 6c:d5:f5:46:5a:8d:1d:eb:98:48:5a:0a:4f:15:2c:c7:c1:00: d6:31:3d:ca:46:af:35:cc:8e:6a:7d:b0:f2:74:59:28:71:c9: 34:de:e2:59:96:40:a6:11:a7:8e:8f:50:47:e3:2a:25:12:5f: 90:08:ca:9e:b2:00:b0:99:6b:f5:6a:dd:56:bd:d0:1d:39:49: 01:5d:27:f1:2f:a4:c0:2d:30:fa:cf:5e:1e:1f:ce:6f:2b:cb: 51:a1:bc:cf:69:68:44:c1:83:95:fc:1b:f6:41:2d:4d:59:9a: c6:51:81:7e -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUbz48ISD9uR9BVSw8dn7jscgZm0YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTVDM0JBN0YyM0I2MzUxNzIxRjc3REE4MDIwNzMxRjlE QTQ2QjNDODAeFw0yNTAxMDgwODU2MDFaFw0yNjAxMDcwOTAxMDFaMDMxMTAvBgNV BAMTKEY4QzUwNzIyQUNCNzMyNjRDMzkxNTI1NDVGODUyNTM1NjY0MTY4QjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCi6ymIwSOgbuhPR85U1x8nYH6P Urkr3Q4MpWYPShYAameAyfp5/cEugfy97ZeXteZrS1wcEoRD0xL05AC9fx55iylW ew7/KAOJATRsFnmaAgj7yVuYj/Iy3L3RGdowAwzs9BGLrmjOz+B7pC1m4Ql/AuPk 0laSS24TmnJi4rAQxJrcyuG+rQMuHAAHAP5OoBdqlU9vD7mpnFzSoMGKNqlNmkF8 SzORqbNMD6W7q0GkGlJ3Eb3Dl9HyQs56H2e+G+r5LweUaZqbHNZy8elFr/dFGfPq j5TgzWbg6H5B8yzW6p8mu0xRRtBk4GU9/PreHH+ubxDv8asVz7AQuU5tD66fAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQU+MUHIqy3MmTDkVJUX4UlNWZBaLkwHwYDVR0j BBgwFoAUlcO6fyO2NRch932oAgcx+dpGs8gwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x NDBlOWM5Zi1kNjA3LTQ0OTctYWYyOC00ZDJiOTA5MmQ1YTYvMC85NUMzQkE3RjIz QjYzNTE3MjFGNzdEQTgwMjA3MzFGOURBNDZCM0M4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOTVDM0JBN0YyM0I2MzUxNzIxRjc3REE4MDIwNzMxRjlEQTQ2 QjNDOC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE0MGU5YzlmLWQ2MDctNDQ5Ny1h ZjI4LTRkMmI5MDkyZDVhNi8wLzMxMzAzMzJlMzEzNDM4MmUzODM1MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzMzM5MzkzODM2LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ5RVMA0GCSqG SIb3DQEBCwUAA4IBAQBbbShlX6T+bSG6fO/irSUs3dx6Qmu1TdOLA8ESkJl8JJks pbhh3k7+6j3EEAJvOLrXRJyArzTolUOS+F7asrBn3VLdhAdYALFS1JqK2ScSvOU4 L5f4M1Ycpnv7rcgYEOTm7U2s5WK0xHa0YoAm28Tp1MnsgMag+3mX9wmk7V8TZ+7C 8vnsMIp+nixfWIu96Shs1fVGWo0d65hIWgpPFSzHwQDWMT3KRq81zI5qfbDydFko cck03uJZlkCmEaeOj1BH4yolEl+QCMqesgCwmWv1at1WvdAdOUkBXSfxL6TALTD6 z14eH85vK8tRobzPaWhEwYOV/Bv2QS1NWZrGUYF+ -----END CERTIFICATE-----Generated at Tue Mar 11 05:05:08 2025 by rpki-client