$ rpki-client -vvf repo-rpki.idnic.net/repo/1635a451-c304-45f5-b7db-5687e2b10807/0/3130332e3135342e37362e302f32332d3233203d3e20313430343831.roa File: 3130332e3135342e37362e302f32332d3233203d3e20313430343831.roa (raw, json) Hash identifier: +r4hk/SZgMTurIzv+fNPFL73b+UlFP07BXG9b2YC2us= Subject key identifier: A0:DB:19:9C:F2:B7:3C:2E:E0:AB:94:5C:C2:D4:18:3F:52:6F:8F:52 Certificate issuer: /CN=CEAE4F7759EE21BA652E0FB89D01A309B65D17D3 Certificate serial: 7ABA81A0041A85316DBE9EC2768F04E70FDA34FE Authority key identifier: CE:AE:4F:77:59:EE:21:BA:65:2E:0F:B8:9D:01:A3:09:B6:5D:17:D3 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CEAE4F7759EE21BA652E0FB89D01A309B65D17D3.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1635a451-c304-45f5-b7db-5687e2b10807/0/3130332e3135342e37362e302f32332d3233203d3e20313430343831.roa Signing time: Mon 03 Mar 2025 03:34:22 +0000 ROA not before: Mon 03 Mar 2025 03:29:22 +0000 ROA not after: Mon 02 Mar 2026 03:34:22 +0000 asID: 140481 IP address blocks: 103.154.76.0/23 maxlen: 23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1635a451-c304-45f5-b7db-5687e2b10807/0/CEAE4F7759EE21BA652E0FB89D01A309B65D17D3.crl rsync://repo-rpki.idnic.net/repo/1635a451-c304-45f5-b7db-5687e2b10807/0/CEAE4F7759EE21BA652E0FB89D01A309B65D17D3.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CEAE4F7759EE21BA652E0FB89D01A309B65D17D3.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 21:57:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:ba:81:a0:04:1a:85:31:6d:be:9e:c2:76:8f:04:e7:0f:da:34:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CEAE4F7759EE21BA652E0FB89D01A309B65D17D3 Validity Not Before: Mar 3 03:29:22 2025 GMT Not After : Mar 2 03:34:22 2026 GMT Subject: CN=A0DB199CF2B73C2EE0AB945CC2D4183F526F8F52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:2d:02:90:67:ff:cd:88:52:38:77:f3:12:ae: 37:0a:55:4a:3b:b0:f5:41:b6:83:94:53:ff:57:e3: 70:69:8a:b1:0a:fb:02:4e:57:66:09:b2:d2:d1:de: b8:53:16:3c:66:6f:d5:26:33:b4:d2:61:c6:a5:b2: 23:65:1e:44:30:0c:6d:c9:e1:71:33:40:ec:ee:f5: 7b:d4:03:6b:9a:7b:ab:0e:83:09:54:c9:90:d5:33: 4a:d6:fa:a3:1f:01:a6:d4:ee:26:77:70:4d:5e:ee: 0e:d5:5d:4e:85:ca:67:26:d6:59:9a:f8:61:a1:6f: e0:bd:b8:45:a3:38:27:dd:90:2d:7e:95:7c:98:14: b0:61:f4:eb:19:f3:86:b6:32:66:85:95:e2:47:7b: 3d:ff:c5:2e:a2:4b:96:1a:e6:0a:59:25:5f:6d:3c: fa:2b:c5:e1:6e:76:62:8c:12:f4:3d:37:f7:04:c2: 25:90:4f:64:5b:a0:00:34:5e:cf:9a:12:99:b2:7c: ac:fd:e5:02:36:19:b6:43:c7:2b:eb:55:81:c6:aa: a2:26:0b:dc:57:21:63:b6:32:85:92:00:3e:00:f2: 85:a1:2d:1a:19:ca:9f:5f:8f:5b:87:b5:25:89:88: 55:90:76:aa:35:d3:17:3e:1a:f6:d3:cd:4f:aa:82: 4d:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:DB:19:9C:F2:B7:3C:2E:E0:AB:94:5C:C2:D4:18:3F:52:6F:8F:52 X509v3 Authority Key Identifier: keyid:CE:AE:4F:77:59:EE:21:BA:65:2E:0F:B8:9D:01:A3:09:B6:5D:17:D3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1635a451-c304-45f5-b7db-5687e2b10807/0/CEAE4F7759EE21BA652E0FB89D01A309B65D17D3.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CEAE4F7759EE21BA652E0FB89D01A309B65D17D3.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1635a451-c304-45f5-b7db-5687e2b10807/0/3130332e3135342e37362e302f32332d3233203d3e20313430343831.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.154.76.0/23 Signature Algorithm: sha256WithRSAEncryption 9b:9e:4d:b1:da:f9:aa:e0:c7:03:6d:74:85:8c:b4:82:81:da: 5a:bc:2d:cd:f7:e4:b4:f2:eb:66:f0:a3:7c:ca:9e:db:50:29: c2:a4:e6:3f:bf:4e:67:79:d2:9e:7c:11:41:13:45:1f:fe:cd: cc:d4:d6:0c:e1:5b:35:0f:f5:11:6d:37:c9:d4:81:cc:4d:c9: 9e:a0:3a:a3:fb:ea:af:bd:4d:b2:ca:17:89:d9:1b:12:df:26: 1a:f3:3e:d4:25:37:81:0d:a6:f7:52:1a:26:a9:1a:7a:b8:c1: af:f0:d4:7a:a9:1d:24:71:8a:85:65:0c:1a:cc:36:a6:97:80: 6a:be:b0:dc:83:c3:fc:c2:fd:5f:fc:4f:dd:72:3b:01:63:e4: 1f:d2:a6:26:a6:72:44:af:d5:b7:28:e1:8c:8a:36:b1:72:f3: 9d:95:6b:e4:00:7c:c8:82:31:d4:03:33:6e:d6:38:e1:e8:21: ee:b1:87:7f:7a:d0:cc:d6:97:8e:fb:31:ab:91:70:ef:2e:34: b8:5a:d8:b3:6b:86:b1:8f:ea:c4:cf:ec:bd:60:0d:f6:e8:3a: be:93:25:8b:c1:53:fa:f9:91:96:c2:fc:14:3c:da:9f:fc:65: 7b:24:9a:28:c4:d1:b8:62:5b:2d:d9:63:1f:24:af:d6:11:02: 32:ff:a8:7f -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUerqBoAQahTFtvp7Cdo8E5w/aNP4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0VBRTRGNzc1OUVFMjFCQTY1MkUwRkI4OUQwMUEzMDlC NjVEMTdEMzAeFw0yNTAzMDMwMzI5MjJaFw0yNjAzMDIwMzM0MjJaMDMxMTAvBgNV BAMTKEEwREIxOTlDRjJCNzNDMkVFMEFCOTQ1Q0MyRDQxODNGNTI2RjhGNTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzLQKQZ//NiFI4d/MSrjcKVUo7 sPVBtoOUU/9X43BpirEK+wJOV2YJstLR3rhTFjxmb9UmM7TSYcalsiNlHkQwDG3J 4XEzQOzu9XvUA2uae6sOgwlUyZDVM0rW+qMfAabU7iZ3cE1e7g7VXU6Fymcm1lma +GGhb+C9uEWjOCfdkC1+lXyYFLBh9OsZ84a2MmaFleJHez3/xS6iS5Ya5gpZJV9t PPorxeFudmKMEvQ9N/cEwiWQT2RboAA0Xs+aEpmyfKz95QI2GbZDxyvrVYHGqqIm C9xXIWO2MoWSAD4A8oWhLRoZyp9fj1uHtSWJiFWQdqo10xc+GvbTzU+qgk0nAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUoNsZnPK3PC7gq5RcwtQYP1Jvj1IwHwYDVR0j BBgwFoAUzq5Pd1nuIbplLg+4nQGjCbZdF9MwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x NjM1YTQ1MS1jMzA0LTQ1ZjUtYjdkYi01Njg3ZTJiMTA4MDcvMC9DRUFFNEY3NzU5 RUUyMUJBNjUyRTBGQjg5RDAxQTMwOUI2NUQxN0QzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0VBRTRGNzc1OUVFMjFCQTY1MkUwRkI4OUQwMUEzMDlCNjVE MTdEMy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE2MzVhNDUxLWMzMDQtNDVmNS1i N2RiLTU2ODdlMmIxMDgwNy8wLzMxMzAzMzJlMzEzNTM0MmUzNzM2MmUzMDJmMzIz MzJkMzIzMzIwM2QzZTIwMzEzNDMwMzQzODMxLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ5pMMA0GCSqG SIb3DQEBCwUAA4IBAQCbnk2x2vmq4McDbXSFjLSCgdpavC3N9+S08utm8KN8yp7b UCnCpOY/v05nedKefBFBE0Uf/s3M1NYM4Vs1D/URbTfJ1IHMTcmeoDqj++qvvU2y yheJ2RsS3yYa8z7UJTeBDab3UhomqRp6uMGv8NR6qR0kcYqFZQwazDaml4BqvrDc g8P8wv1f/E/dcjsBY+Qf0qYmpnJEr9W3KOGMijaxcvOdlWvkAHzIgjHUAzNu1jjh 6CHusYd/etDM1peO+zGrkXDvLjS4Wtiza4axj+rEz+y9YA326Dq+kyWLwVP6+ZGW wvwUPNqf/GV7JJooxNG4Ylst2WMfJK/WEQIy/6h/ -----END CERTIFICATE-----Generated at Thu Apr 17 23:23:58 2025 by rpki-client