$ rpki-client -vvf repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/3230322e34332e3235332e302f32342d3234203d3e20313338303734.roa File: 3230322e34332e3235332e302f32342d3234203d3e20313338303734.roa (raw, json) Hash identifier: PbVOVfoFeweVzjvEY9pOnArl1Ztl77cws3RLnI/lI98= Subject key identifier: 8F:1B:63:9C:B7:E6:67:FC:20:B2:57:50:05:0B:84:8C:48:87:BC:AA Certificate issuer: /CN=C8EC18E027639B05BC58A2228D126486BEFB3ABB Certificate serial: 06C7A0785090E5D01891C1177335C80F11C8F222 Authority key identifier: C8:EC:18:E0:27:63:9B:05:BC:58:A2:22:8D:12:64:86:BE:FB:3A:BB Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8EC18E027639B05BC58A2228D126486BEFB3ABB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/3230322e34332e3235332e302f32342d3234203d3e20313338303734.roa Signing time: Mon 29 Jan 2024 01:28:51 +0000 ROA not before: Mon 29 Jan 2024 01:23:51 +0000 ROA not after: Mon 27 Jan 2025 01:28:51 +0000 asID: 138074 IP address blocks: 202.43.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/C8EC18E027639B05BC58A2228D126486BEFB3ABB.crl rsync://repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/C8EC18E027639B05BC58A2228D126486BEFB3ABB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8EC18E027639B05BC58A2228D126486BEFB3ABB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 00:54:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:c7:a0:78:50:90:e5:d0:18:91:c1:17:73:35:c8:0f:11:c8:f2:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C8EC18E027639B05BC58A2228D126486BEFB3ABB Validity Not Before: Jan 29 01:23:51 2024 GMT Not After : Jan 27 01:28:51 2025 GMT Subject: CN=8F1B639CB7E667FC20B25750050B848C4887BCAA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:7d:eb:0b:28:b4:52:8b:6b:c0:c1:24:d9:0b: 75:7d:20:74:63:b9:d8:63:89:45:c3:95:9f:41:91: 71:5c:1c:80:d2:b3:a7:11:7a:ba:d7:f0:5c:00:60: 2f:22:50:e8:e3:38:cb:71:c6:6d:b5:3f:ec:b0:1a: 14:d7:94:1f:cb:f4:1b:c2:58:76:62:4c:59:2f:4c: bf:8a:ed:b1:02:7e:79:ed:9d:b0:1d:61:77:71:a5: 58:d9:7a:7d:71:0e:e0:52:51:bc:2c:59:49:cb:1b: 14:be:00:2d:aa:bf:bc:fc:6a:2f:5f:80:b0:38:50: 12:c0:9d:d8:a5:84:7e:1a:12:3f:ca:85:ee:da:44: 61:d6:8c:aa:df:9c:7c:b3:25:a5:46:e6:38:12:69: ae:40:56:93:1b:78:12:c9:ff:43:ac:da:5c:e7:a2: ff:a7:d5:4a:2e:0d:14:a5:94:3b:a5:6f:aa:0b:b2: d3:75:03:1c:1e:21:ce:a5:19:9e:42:8d:88:b1:91: d9:3e:c2:a9:c8:09:53:19:39:2f:e7:81:20:da:0e: 17:bb:19:0e:35:fb:78:62:d6:a5:bf:1f:0a:24:fd: 0a:b4:ff:81:6c:d5:e9:c7:71:8f:aa:47:14:83:39: 40:9c:16:ce:6f:a8:e5:b7:73:ee:50:cc:9a:5a:21: 86:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:1B:63:9C:B7:E6:67:FC:20:B2:57:50:05:0B:84:8C:48:87:BC:AA X509v3 Authority Key Identifier: keyid:C8:EC:18:E0:27:63:9B:05:BC:58:A2:22:8D:12:64:86:BE:FB:3A:BB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/C8EC18E027639B05BC58A2228D126486BEFB3ABB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8EC18E027639B05BC58A2228D126486BEFB3ABB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/3230322e34332e3235332e302f32342d3234203d3e20313338303734.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.43.253.0/24 Signature Algorithm: sha256WithRSAEncryption cf:3e:03:83:90:92:93:ec:5d:d7:05:74:b0:77:40:e0:fc:bb: 78:e0:f7:3f:60:53:c0:12:e1:77:cd:f8:3d:b2:64:65:ac:32: 64:49:10:bc:4d:f6:2f:16:b0:f0:52:b8:be:e9:7f:be:6e:4c: 61:93:ce:07:7a:20:e6:f6:48:ab:ab:6e:ac:7c:f6:5d:17:a4: ef:32:cd:a9:ec:92:76:59:f0:c0:96:57:f4:4c:7c:93:66:a8: 53:54:5f:f3:cc:2d:aa:58:97:17:20:8d:cc:e9:ab:d4:9b:68: 84:1d:23:13:ef:c0:7e:86:e8:81:e5:49:e2:b4:a2:94:8a:d4: e7:6f:5b:97:f0:55:fa:62:9b:b4:98:5f:ec:26:5b:0d:0a:9b: 2d:29:00:03:c6:b9:50:09:d9:03:49:f0:83:46:52:d3:a3:63: 65:2a:cc:4e:c9:7d:8a:08:82:d9:fb:d7:8c:b8:6a:bc:fd:7a: c5:4a:12:06:21:a4:84:91:78:61:32:f8:23:56:f1:8d:62:22: 32:48:9e:e9:5a:6d:72:b3:cc:7c:7c:9a:5d:25:e4:4c:75:dd: 52:a3:14:3e:a8:0e:c2:eb:6e:15:c0:5e:fb:94:f1:98:5c:eb: 29:0a:d1:22:a5:04:a9:60:94:5a:c1:14:35:ec:5c:89:17:c2: ce:fb:32:65 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUBsegeFCQ5dAYkcEXczXIDxHI8iIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzhFQzE4RTAyNzYzOUIwNUJDNThBMjIyOEQxMjY0ODZC RUZCM0FCQjAeFw0yNDAxMjkwMTIzNTFaFw0yNTAxMjcwMTI4NTFaMDMxMTAvBgNV BAMTKDhGMUI2MzlDQjdFNjY3RkMyMEIyNTc1MDA1MEI4NDhDNDg4N0JDQUEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvfesLKLRSi2vAwSTZC3V9IHRj udhjiUXDlZ9BkXFcHIDSs6cRerrX8FwAYC8iUOjjOMtxxm21P+ywGhTXlB/L9BvC WHZiTFkvTL+K7bECfnntnbAdYXdxpVjZen1xDuBSUbwsWUnLGxS+AC2qv7z8ai9f gLA4UBLAndilhH4aEj/Khe7aRGHWjKrfnHyzJaVG5jgSaa5AVpMbeBLJ/0Os2lzn ov+n1UouDRSllDulb6oLstN1AxweIc6lGZ5CjYixkdk+wqnICVMZOS/ngSDaDhe7 GQ41+3hi1qW/Hwok/Qq0/4Fs1enHcY+qRxSDOUCcFs5vqOW3c+5QzJpaIYZvAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUjxtjnLfmZ/wgsldQBQuEjEiHvKowHwYDVR0j BBgwFoAUyOwY4CdjmwW8WKIijRJkhr77OrswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YzI4OTcwNi1hNGY0LTRlMWYtOWE2ZS0wMWM5YzUzY2Q4ZjkvMC9DOEVDMThFMDI3 NjM5QjA1QkM1OEEyMjI4RDEyNjQ4NkJFRkIzQUJCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQzhFQzE4RTAyNzYzOUIwNUJDNThBMjIyOEQxMjY0ODZCRUZC M0FCQi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFjMjg5NzA2LWE0ZjQtNGUxZi05 YTZlLTAxYzljNTNjZDhmOS8wLzMyMzAzMjJlMzQzMzJlMzIzNTMzMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzMzM4MzAzNzM0LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyiv9MA0GCSqG SIb3DQEBCwUAA4IBAQDPPgODkJKT7F3XBXSwd0Dg/Lt44Pc/YFPAEuF3zfg9smRl rDJkSRC8TfYvFrDwUri+6X++bkxhk84HeiDm9kirq26sfPZdF6TvMs2p7JJ2WfDA llf0THyTZqhTVF/zzC2qWJcXII3M6avUm2iEHSMT78B+huiB5UnitKKUitTnb1uX 8FX6Ypu0mF/sJlsNCpstKQADxrlQCdkDSfCDRlLTo2NlKsxOyX2KCILZ+9eMuGq8 /XrFShIGIaSEkXhhMvgjVvGNYiIySJ7pWm1ys8x8fJpdJeRMdd1SoxQ+qA7C624V wF77lPGYXOspCtEipQSpYJRawRQ17FyJF8LO+zJl -----END CERTIFICATE-----Generated at Wed May 8 23:43:09 2024 by rpki-client on console-fra.rpki-client.org