$ rpki-client -vvf repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/3230322e34332e3137362e302f32302d3234203d3e20313331313131.roa File: 3230322e34332e3137362e302f32302d3234203d3e20313331313131.roa (raw, json) Hash identifier: 2LFPdQC7sfy55qfY3d9WCKIbl57qZU5+z9zs069asuU= Subject key identifier: 20:A9:C7:4A:10:20:CA:90:25:55:7B:15:C5:CF:88:DC:51:96:8C:9D Certificate issuer: /CN=C1AF8C999E9D06DADEBC387D78B305AB8716DC2F Certificate serial: 5AADA0DDFEC97D36E0BF3537CC732D0466A9CB21 Authority key identifier: C1:AF:8C:99:9E:9D:06:DA:DE:BC:38:7D:78:B3:05:AB:87:16:DC:2F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/3230322e34332e3137362e302f32302d3234203d3e20313331313131.roa Signing time: Sun 08 Dec 2024 10:00:02 +0000 ROA not before: Sun 08 Dec 2024 09:55:02 +0000 ROA not after: Sun 07 Dec 2025 10:00:02 +0000 asID: 131111 IP address blocks: 202.43.176.0/20 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.crl rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 03:54:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:ad:a0:dd:fe:c9:7d:36:e0:bf:35:37:cc:73:2d:04:66:a9:cb:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C1AF8C999E9D06DADEBC387D78B305AB8716DC2F Validity Not Before: Dec 8 09:55:02 2024 GMT Not After : Dec 7 10:00:02 2025 GMT Subject: CN=20A9C74A1020CA9025557B15C5CF88DC51968C9D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:c9:3b:a3:db:65:66:04:a3:0d:9e:4d:6a:52: c5:07:da:c8:0c:7c:be:eb:9c:5f:59:c6:f6:ee:97: 4d:00:90:ac:a7:6d:52:ad:cf:50:49:9a:7d:ff:8f: fa:16:28:26:58:85:b2:0f:20:66:4a:a8:52:6c:2f: ad:73:2d:f6:09:b1:db:87:4e:ee:63:59:ec:58:16: 4e:cd:b4:74:06:a8:f8:07:00:fd:8e:ff:ab:c7:0e: 37:01:14:c2:4e:f3:47:cd:ed:64:19:a7:a0:e4:d6: 49:5e:f8:0a:d5:26:a9:ea:5f:1b:11:66:01:2e:af: b8:b6:c0:3e:d5:e4:9b:92:b2:f3:8c:29:5e:11:6c: 9a:8c:38:0a:bd:d4:91:7e:8e:f0:23:84:95:43:2e: 81:8d:16:68:0c:3a:68:19:4b:73:b3:3b:83:bf:43: 26:de:48:4f:a8:6e:ad:4a:f7:36:85:bf:16:c9:6b: 81:25:a3:b7:26:31:e7:95:aa:ab:ad:dc:9f:74:74: f3:c2:9a:85:ab:6c:b8:6b:f9:2a:79:0e:ff:97:24: 10:ff:7a:fb:a9:1c:c8:c7:f1:ec:6e:c8:88:21:89: 9f:63:f0:90:10:fc:12:1f:73:cc:47:ad:3b:91:38: b2:08:36:3b:e7:1a:00:a6:a4:46:27:08:1b:7d:91: 14:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:A9:C7:4A:10:20:CA:90:25:55:7B:15:C5:CF:88:DC:51:96:8C:9D X509v3 Authority Key Identifier: keyid:C1:AF:8C:99:9E:9D:06:DA:DE:BC:38:7D:78:B3:05:AB:87:16:DC:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/3230322e34332e3137362e302f32302d3234203d3e20313331313131.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.43.176.0/20 Signature Algorithm: sha256WithRSAEncryption 34:47:7d:4c:14:d7:8a:a3:25:f6:ed:2e:01:9a:dc:ba:07:88: 29:fb:4c:73:79:bc:40:ef:8d:db:16:dd:ff:01:4d:04:bb:aa: 05:5a:88:ee:28:25:1f:16:bf:bd:e9:3b:86:f7:37:e9:24:52: 83:83:f7:fe:93:8f:96:51:5e:57:c4:65:9c:19:19:f2:14:66: 88:59:db:2c:f8:17:87:46:1f:0c:21:95:5e:3d:7a:18:51:43: b6:da:28:f3:f2:33:da:bd:ec:bc:23:d8:74:96:30:a1:d7:3e: fd:b5:51:da:e4:67:be:a6:33:f7:eb:bf:38:c9:2a:ed:65:70: 05:16:2a:34:63:f1:f5:c3:60:d9:1c:e6:0a:e2:36:3f:41:c1: 5d:4e:18:a1:6a:0a:6d:46:fb:4d:86:5c:2c:75:89:9f:1d:75: 4c:d7:ea:df:a3:b7:93:66:bd:88:57:08:b7:4c:fb:7f:32:dd: 62:2f:30:62:9d:db:d2:27:4f:ab:26:82:bd:f0:35:12:9b:05: 9d:85:2e:fb:b2:fa:30:e5:27:71:fa:1f:7e:3f:cb:55:74:ac: 09:d5:72:32:58:9c:19:02:96:30:7e:96:d9:1a:9e:63:82:30: d4:03:c3:13:77:cd:05:9b:e0:54:75:23:60:3d:33:96:fa:c3: 43:69:40:72 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUWq2g3f7JfTbgvzU3zHMtBGapyyEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzFBRjhDOTk5RTlEMDZEQURFQkMzODdENzhCMzA1QUI4 NzE2REMyRjAeFw0yNDEyMDgwOTU1MDJaFw0yNTEyMDcxMDAwMDJaMDMxMTAvBgNV BAMTKDIwQTlDNzRBMTAyMENBOTAyNTU1N0IxNUM1Q0Y4OERDNTE5NjhDOUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTyTuj22VmBKMNnk1qUsUH2sgM fL7rnF9Zxvbul00AkKynbVKtz1BJmn3/j/oWKCZYhbIPIGZKqFJsL61zLfYJsduH Tu5jWexYFk7NtHQGqPgHAP2O/6vHDjcBFMJO80fN7WQZp6Dk1kle+ArVJqnqXxsR ZgEur7i2wD7V5JuSsvOMKV4RbJqMOAq91JF+jvAjhJVDLoGNFmgMOmgZS3OzO4O/ QybeSE+obq1K9zaFvxbJa4Elo7cmMeeVqqut3J90dPPCmoWrbLhr+Sp5Dv+XJBD/ evupHMjH8exuyIghiZ9j8JAQ/BIfc8xHrTuROLIINjvnGgCmpEYnCBt9kRSJAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUIKnHShAgypAlVXsVxc+I3FGWjJ0wHwYDVR0j BBgwFoAUwa+MmZ6dBtrevDh9eLMFq4cW3C8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x OTIwNWU3Yy1hODgxLTQ4NzMtOTE4OC1lNTIxYjZhZjUyOWMvMC9DMUFGOEM5OTlF OUQwNkRBREVCQzM4N0Q3OEIzMDVBQjg3MTZEQzJGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQzFBRjhDOTk5RTlEMDZEQURFQkMzODdENzhCMzA1QUI4NzE2 REMyRi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE5MjA1ZTdjLWE4ODEtNDg3My05 MTg4LWU1MjFiNmFmNTI5Yy8wLzMyMzAzMjJlMzQzMzJlMzEzNzM2MmUzMDJmMzIz MDJkMzIzNDIwM2QzZTIwMzEzMzMxMzEzMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEyiuwMA0GCSqG SIb3DQEBCwUAA4IBAQA0R31MFNeKoyX27S4Bmty6B4gp+0xzebxA743bFt3/AU0E u6oFWojuKCUfFr+96TuG9zfpJFKDg/f+k4+WUV5XxGWcGRnyFGaIWdss+BeHRh8M IZVePXoYUUO22ijz8jPavey8I9h0ljCh1z79tVHa5Ge+pjP36784ySrtZXAFFio0 Y/H1w2DZHOYK4jY/QcFdThihagptRvtNhlwsdYmfHXVM1+rfo7eTZr2IVwi3TPt/ Mt1iLzBindvSJ0+rJoK98DUSmwWdhS77svow5Sdx+h9+P8tVdKwJ1XIyWJwZApYw fpbZGp5jgjDUA8MTd80Fm+BUdSNgPTOW+sNDaUBy -----END CERTIFICATE-----Generated at Sun Apr 6 09:37:48 2025 by rpki-client