$ rpki-client -vvf repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/3230322e34332e3235312e302f32342d3234203d3e20313338303734.roa File: 3230322e34332e3235312e302f32342d3234203d3e20313338303734.roa (raw, json) Hash identifier: zLaCzFYcJmhf/sRs6wM2j5wW1nPbYiK+KMTtcnEwVeA= Subject key identifier: 42:F7:41:41:BF:60:DA:E5:AC:BE:07:B3:70:1A:B7:BD:93:A8:8A:C5 Certificate issuer: /CN=C8EC18E027639B05BC58A2228D126486BEFB3ABB Certificate serial: 2320B90718F17A88D9E0A34D460B116A0C13E50A Authority key identifier: C8:EC:18:E0:27:63:9B:05:BC:58:A2:22:8D:12:64:86:BE:FB:3A:BB Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8EC18E027639B05BC58A2228D126486BEFB3ABB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/3230322e34332e3235312e302f32342d3234203d3e20313338303734.roa Signing time: Mon 29 Jan 2024 01:28:03 +0000 ROA not before: Mon 29 Jan 2024 01:23:03 +0000 ROA not after: Mon 27 Jan 2025 01:28:03 +0000 asID: 138074 IP address blocks: 202.43.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/C8EC18E027639B05BC58A2228D126486BEFB3ABB.crl rsync://repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/C8EC18E027639B05BC58A2228D126486BEFB3ABB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8EC18E027639B05BC58A2228D126486BEFB3ABB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Nov 2024 05:08:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:20:b9:07:18:f1:7a:88:d9:e0:a3:4d:46:0b:11:6a:0c:13:e5:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C8EC18E027639B05BC58A2228D126486BEFB3ABB Validity Not Before: Jan 29 01:23:03 2024 GMT Not After : Jan 27 01:28:03 2025 GMT Subject: CN=42F74141BF60DAE5ACBE07B3701AB7BD93A88AC5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:88:c8:ed:9f:eb:7e:bc:a3:4b:79:b9:e0:4c: aa:a2:20:a8:c5:a0:cd:d1:ad:93:f7:eb:fe:ed:06: d8:97:7e:ba:14:26:1c:3e:c9:6c:26:d6:a4:d0:ec: 08:47:85:4d:4a:33:2d:82:98:f3:ef:c6:ef:e2:96: 68:6e:c4:c9:00:f3:8c:4d:0e:f6:68:bb:df:4e:89: fe:bb:f3:cd:52:d2:b9:24:fa:19:66:a9:4e:5a:e7: fc:da:6e:d5:94:a9:05:91:1f:fb:55:39:4a:8d:83: d0:0b:6e:7f:b2:9f:cc:45:28:62:5a:96:ff:27:88: d5:ae:3b:01:0e:ae:a2:f8:84:68:e6:67:2d:8d:0d: 53:50:b6:e9:bb:22:79:fc:1a:09:5e:27:a3:6a:4a: a8:c2:95:0f:f3:83:fa:db:60:04:26:e0:d7:cc:e4: 16:34:da:5c:ca:fb:f3:d9:1c:af:3a:f8:3c:d4:c2: 23:a1:35:ec:1b:90:c0:f3:e4:b1:fe:ae:99:d4:4a: e0:1f:16:47:72:a2:a9:8b:03:15:ad:a4:6f:0e:ac: f0:61:c7:39:e0:2e:e4:b4:f5:5c:74:0c:d4:3a:b8: 2c:47:32:bc:6d:ca:54:a5:b1:e5:01:ce:04:14:61: 85:f2:95:76:77:32:df:95:58:a6:59:9e:d5:19:78: 5a:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:F7:41:41:BF:60:DA:E5:AC:BE:07:B3:70:1A:B7:BD:93:A8:8A:C5 X509v3 Authority Key Identifier: keyid:C8:EC:18:E0:27:63:9B:05:BC:58:A2:22:8D:12:64:86:BE:FB:3A:BB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/C8EC18E027639B05BC58A2228D126486BEFB3ABB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8EC18E027639B05BC58A2228D126486BEFB3ABB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/3230322e34332e3235312e302f32342d3234203d3e20313338303734.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.43.251.0/24 Signature Algorithm: sha256WithRSAEncryption c8:84:bc:45:13:08:5a:2d:f8:fe:ea:f7:d1:15:a4:05:6e:ad: 3c:a5:69:df:d4:ce:3a:80:66:bb:08:f7:ef:af:da:58:33:4d: 5f:17:87:56:a6:ba:1e:92:8e:fc:3e:7d:3c:c2:88:2a:cb:95: 17:bd:03:37:69:52:ca:27:f9:98:f9:30:98:d4:83:ee:50:3c: e6:36:a3:7c:c7:ad:39:ff:ee:c4:b3:59:ec:39:59:36:96:91: b8:ae:3b:7d:6a:89:58:db:af:a6:b8:01:ef:5a:39:a4:43:cb: 61:b0:0a:d2:6a:75:22:bf:cd:07:b9:fd:29:70:a9:dc:85:b4: 87:a0:db:40:e9:b4:bb:8a:06:cd:cb:26:5c:c3:d7:fa:64:27: b9:1a:de:00:a3:7c:b5:81:0e:81:a6:d1:97:db:67:55:43:83: 3e:9a:fb:bb:7f:39:36:60:b5:6f:b3:eb:f5:8c:a3:de:c8:ab: 4d:3b:62:52:c6:d9:f9:2d:b0:8f:4a:ed:94:72:23:41:67:98: e8:40:ff:98:7b:bf:a3:0e:78:f3:34:ae:81:4c:9c:90:35:20: e0:23:ea:3b:0f:81:16:12:96:96:42:2a:c8:2a:49:1b:b8:e2: f5:4f:64:00:71:d8:28:18:6e:a8:0e:c7:26:a1:75:b2:f1:79: 29:5c:09:93 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUIyC5BxjxeojZ4KNNRgsRagwT5QowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzhFQzE4RTAyNzYzOUIwNUJDNThBMjIyOEQxMjY0ODZC RUZCM0FCQjAeFw0yNDAxMjkwMTIzMDNaFw0yNTAxMjcwMTI4MDNaMDMxMTAvBgNV BAMTKDQyRjc0MTQxQkY2MERBRTVBQ0JFMDdCMzcwMUFCN0JEOTNBODhBQzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAiMjtn+t+vKNLebngTKqiIKjF oM3RrZP36/7tBtiXfroUJhw+yWwm1qTQ7AhHhU1KMy2CmPPvxu/ilmhuxMkA84xN DvZou99Oif67881S0rkk+hlmqU5a5/zabtWUqQWRH/tVOUqNg9ALbn+yn8xFKGJa lv8niNWuOwEOrqL4hGjmZy2NDVNQtum7Inn8GgleJ6NqSqjClQ/zg/rbYAQm4NfM 5BY02lzK+/PZHK86+DzUwiOhNewbkMDz5LH+rpnUSuAfFkdyoqmLAxWtpG8OrPBh xzngLuS09Vx0DNQ6uCxHMrxtylSlseUBzgQUYYXylXZ3Mt+VWKZZntUZeFpZAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUQvdBQb9g2uWsvgezcBq3vZOoisUwHwYDVR0j BBgwFoAUyOwY4CdjmwW8WKIijRJkhr77OrswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YzI4OTcwNi1hNGY0LTRlMWYtOWE2ZS0wMWM5YzUzY2Q4ZjkvMC9DOEVDMThFMDI3 NjM5QjA1QkM1OEEyMjI4RDEyNjQ4NkJFRkIzQUJCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQzhFQzE4RTAyNzYzOUIwNUJDNThBMjIyOEQxMjY0ODZCRUZC M0FCQi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFjMjg5NzA2LWE0ZjQtNGUxZi05 YTZlLTAxYzljNTNjZDhmOS8wLzMyMzAzMjJlMzQzMzJlMzIzNTMxMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzMzM4MzAzNzM0LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyiv7MA0GCSqG SIb3DQEBCwUAA4IBAQDIhLxFEwhaLfj+6vfRFaQFbq08pWnf1M46gGa7CPfvr9pY M01fF4dWproeko78Pn08wogqy5UXvQM3aVLKJ/mY+TCY1IPuUDzmNqN8x605/+7E s1nsOVk2lpG4rjt9aolY26+muAHvWjmkQ8thsArSanUiv80Huf0pcKnchbSHoNtA 6bS7igbNyyZcw9f6ZCe5Gt4Ao3y1gQ6BptGX22dVQ4M+mvu7fzk2YLVvs+v1jKPe yKtNO2JSxtn5LbCPSu2UciNBZ5joQP+Ye7+jDnjzNK6BTJyQNSDgI+o7D4EWEpaW QirIKkkbuOL1T2QAcdgoGG6oDscmoXWy8XkpXAmT -----END CERTIFICATE-----Generated at Thu Nov 21 05:34:31 2024 by rpki-client on console-ams.rpki-client.org