$ rpki-client -vvf repo-rpki.idnic.net/repo/154b9d32-3c5a-40e2-b788-069de0c3d2de/0/3130332e3232302e3131342e302f32332d3234203d3e20313335343436.roa File: 3130332e3232302e3131342e302f32332d3234203d3e20313335343436.roa (raw, json) Hash identifier: rmtw0G0gq68lr7jcdH8MQxUIP+1AwEpTMYMONzRXapE= Subject key identifier: 04:B9:A9:49:7D:C2:B4:18:A7:FC:0F:44:1A:A4:D7:43:DE:55:DE:4E Certificate issuer: /CN=1072AD17A8EDB1513AED95A258088F480ADA492B Certificate serial: 596106D6B9EC6E6559AD5AFA500459B048F0508C Authority key identifier: 10:72:AD:17:A8:ED:B1:51:3A:ED:95:A2:58:08:8F:48:0A:DA:49:2B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1072AD17A8EDB1513AED95A258088F480ADA492B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/154b9d32-3c5a-40e2-b788-069de0c3d2de/0/3130332e3232302e3131342e302f32332d3234203d3e20313335343436.roa Signing time: Fri 03 Jan 2025 03:00:00 +0000 ROA not before: Fri 03 Jan 2025 02:55:00 +0000 ROA not after: Fri 02 Jan 2026 03:00:00 +0000 asID: 135446 IP address blocks: 103.220.114.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/154b9d32-3c5a-40e2-b788-069de0c3d2de/0/1072AD17A8EDB1513AED95A258088F480ADA492B.crl rsync://repo-rpki.idnic.net/repo/154b9d32-3c5a-40e2-b788-069de0c3d2de/0/1072AD17A8EDB1513AED95A258088F480ADA492B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1072AD17A8EDB1513AED95A258088F480ADA492B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 23:36:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:61:06:d6:b9:ec:6e:65:59:ad:5a:fa:50:04:59:b0:48:f0:50:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1072AD17A8EDB1513AED95A258088F480ADA492B Validity Not Before: Jan 3 02:55:00 2025 GMT Not After : Jan 2 03:00:00 2026 GMT Subject: CN=04B9A9497DC2B418A7FC0F441AA4D743DE55DE4E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:71:07:f0:96:52:fc:0b:a3:3c:2c:70:2b:87: 46:75:66:a6:05:d6:4b:f8:5a:68:76:82:3a:3d:4c: 9f:1f:9a:d3:54:37:ed:a3:68:41:c2:aa:b6:35:80: 51:03:66:ca:51:1a:58:2b:cd:74:eb:53:60:86:ad: d6:43:ef:01:9a:38:bd:88:7e:30:d0:5a:13:c8:f8: a3:d7:68:cd:c6:c5:6c:64:ea:3b:f4:05:e8:83:eb: 67:c6:52:42:8e:f9:02:c9:59:0e:76:30:66:05:95: 48:4d:d1:a2:7b:51:7d:5a:d2:ad:ab:50:6f:64:66: ba:07:19:59:e8:e4:4b:a8:0f:0f:49:10:3c:8c:c8: 3a:4d:34:b2:e5:dd:1f:07:6b:35:27:a7:5e:b4:e3: 3c:23:08:dc:44:24:df:03:42:58:aa:4e:92:ee:36: 5c:ce:31:c0:bc:e4:c5:35:a8:d4:b2:ac:bb:fc:69: d1:57:e0:ae:d9:27:78:30:c1:cf:1a:10:fe:f5:ab: b1:43:f2:8a:e4:26:4c:8c:28:da:3d:b1:76:ab:3e: f6:40:99:8b:87:a6:aa:e8:cc:f8:b0:4a:f6:22:7e: 46:92:38:bd:eb:3e:b6:0f:03:72:a8:87:62:82:9d: 79:7c:99:75:b4:53:07:12:e1:07:d5:ed:52:f1:e1: ed:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:B9:A9:49:7D:C2:B4:18:A7:FC:0F:44:1A:A4:D7:43:DE:55:DE:4E X509v3 Authority Key Identifier: keyid:10:72:AD:17:A8:ED:B1:51:3A:ED:95:A2:58:08:8F:48:0A:DA:49:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/154b9d32-3c5a-40e2-b788-069de0c3d2de/0/1072AD17A8EDB1513AED95A258088F480ADA492B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1072AD17A8EDB1513AED95A258088F480ADA492B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/154b9d32-3c5a-40e2-b788-069de0c3d2de/0/3130332e3232302e3131342e302f32332d3234203d3e20313335343436.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.220.114.0/23 Signature Algorithm: sha256WithRSAEncryption 8d:3a:ec:cf:08:d8:c2:52:24:cb:00:34:bc:bb:39:0d:88:7f: 0c:27:05:72:8f:f8:74:56:6a:53:f3:eb:08:da:a7:16:a9:35: c0:42:cf:1f:ea:15:a2:9b:e3:ae:bb:64:38:e2:55:95:41:f9: 65:6c:55:d9:5c:06:70:0b:68:a5:40:50:23:08:e6:2b:ba:06: 7a:97:13:51:79:b3:a0:9f:99:e5:45:0b:61:86:9e:14:fb:c8: 88:1c:23:cb:0f:15:51:8e:07:24:fc:7b:08:b7:cf:97:de:bc: b8:00:57:e5:47:16:48:0e:bf:b3:66:60:42:77:17:2b:92:7f: ce:45:e2:f5:49:7e:cb:7b:44:f3:31:49:f2:43:78:e3:d5:07: 6e:ca:62:27:9d:43:62:7b:9a:01:81:00:84:28:73:77:cb:e2: c9:73:83:60:04:a9:cd:c6:9e:d7:88:e1:ca:90:02:fd:75:34: d7:bf:f8:f0:9c:6e:51:7d:0e:ac:66:fb:b2:43:da:77:d5:c2: c3:d2:c4:c1:27:16:9e:04:07:7a:8f:e2:9a:3c:39:43:93:72: a4:c0:20:67:e5:09:f5:45:99:34:17:44:88:33:ce:0e:84:e1: b1:10:fa:ba:08:e2:a3:2e:d5:fe:88:7b:c9:ff:fc:96:43:32: f1:de:bf:f3 -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgIUWWEG1rnsbmVZrVr6UARZsEjwUIwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTA3MkFEMTdBOEVEQjE1MTNBRUQ5NUEyNTgwODhGNDgw QURBNDkyQjAeFw0yNTAxMDMwMjU1MDBaFw0yNjAxMDIwMzAwMDBaMDMxMTAvBgNV BAMTKDA0QjlBOTQ5N0RDMkI0MThBN0ZDMEY0NDFBQTRENzQzREU1NURFNEUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIcQfwllL8C6M8LHArh0Z1ZqYF 1kv4Wmh2gjo9TJ8fmtNUN+2jaEHCqrY1gFEDZspRGlgrzXTrU2CGrdZD7wGaOL2I fjDQWhPI+KPXaM3GxWxk6jv0BeiD62fGUkKO+QLJWQ52MGYFlUhN0aJ7UX1a0q2r UG9kZroHGVno5EuoDw9JEDyMyDpNNLLl3R8HazUnp1604zwjCNxEJN8DQliqTpLu NlzOMcC85MU1qNSyrLv8adFX4K7ZJ3gwwc8aEP71q7FD8orkJkyMKNo9sXarPvZA mYuHpqrozPiwSvYifkaSOL3rPrYPA3Koh2KCnXl8mXW0UwcS4QfV7VLx4e3dAgMB AAGjggI2MIICMjAdBgNVHQ4EFgQUBLmpSX3CtBin/A9EGqTXQ95V3k4wHwYDVR0j BBgwFoAUEHKtF6jtsVE67ZWiWAiPSAraSSswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x NTRiOWQzMi0zYzVhLTQwZTItYjc4OC0wNjlkZTBjM2QyZGUvMC8xMDcyQUQxN0E4 RURCMTUxM0FFRDk1QTI1ODA4OEY0ODBBREE0OTJCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMTA3MkFEMTdBOEVEQjE1MTNBRUQ5NUEyNTgwODhGNDgwQURB NDkyQi5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE1NGI5ZDMyLTNjNWEtNDBlMi1i Nzg4LTA2OWRlMGMzZDJkZS8wLzMxMzAzMzJlMzIzMjMwMmUzMTMxMzQyZTMwMmYz MjMzMmQzMjM0MjAzZDNlMjAzMTMzMzUzNDM0MzYucm9hMBgGA1UdIAEB/wQOMAww CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFn3HIwDQYJ KoZIhvcNAQELBQADggEBAI067M8I2MJSJMsANLy7OQ2IfwwnBXKP+HRWalPz6wja pxapNcBCzx/qFaKb4667ZDjiVZVB+WVsVdlcBnALaKVAUCMI5iu6BnqXE1F5s6Cf meVFC2GGnhT7yIgcI8sPFVGOByT8ewi3z5fevLgAV+VHFkgOv7NmYEJ3FyuSf85F 4vVJfst7RPMxSfJDeOPVB27KYiedQ2J7mgGBAIQoc3fL4slzg2AEqc3GnteI4cqQ Av11NNe/+PCcblF9Dqxm+7JD2nfVwsPSxMEnFp4EB3qP4po8OUOTcqTAIGflCfVF mTQXRIgzzg6E4bEQ+roI4qMu1f6Ie8n//JZDMvHev/M= -----END CERTIFICATE-----Generated at Sun Apr 6 11:13:17 2025 by rpki-client