$ rpki-client -vvf repo-rpki.idnic.net/repo/1ded5811-be50-4caa-9f96-63d3720311de/1/323430343a393763303a3937303a3a2f34342d3434203d3e20313533303837.roa File: 323430343a393763303a3937303a3a2f34342d3434203d3e20313533303837.roa (raw, json) Hash identifier: FCPjRuILimc1y3AzWysntAW1lv6bPjvpNuCAb/4Y8KY= Subject key identifier: 72:29:41:83:70:F6:FC:D5:66:FE:D6:A2:36:23:93:0E:90:83:F2:00 Certificate issuer: /CN=4DF3DB3DA21D0022202130736E4CCB048C1D5158 Certificate serial: 5730211E77BEBBF6CB8DA1DA2266DA2A1C167494 Authority key identifier: 4D:F3:DB:3D:A2:1D:00:22:20:21:30:73:6E:4C:CB:04:8C:1D:51:58 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4DF3DB3DA21D0022202130736E4CCB048C1D5158.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1ded5811-be50-4caa-9f96-63d3720311de/1/323430343a393763303a3937303a3a2f34342d3434203d3e20313533303837.roa Signing time: Tue 10 Dec 2024 06:11:03 +0000 ROA not before: Tue 10 Dec 2024 06:06:03 +0000 ROA not after: Tue 09 Dec 2025 06:11:03 +0000 asID: 153087 IP address blocks: 2404:97c0:970::/44 maxlen: 44 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1ded5811-be50-4caa-9f96-63d3720311de/1/4DF3DB3DA21D0022202130736E4CCB048C1D5158.crl rsync://repo-rpki.idnic.net/repo/1ded5811-be50-4caa-9f96-63d3720311de/1/4DF3DB3DA21D0022202130736E4CCB048C1D5158.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4DF3DB3DA21D0022202130736E4CCB048C1D5158.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 22:52:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:30:21:1e:77:be:bb:f6:cb:8d:a1:da:22:66:da:2a:1c:16:74:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4DF3DB3DA21D0022202130736E4CCB048C1D5158 Validity Not Before: Dec 10 06:06:03 2024 GMT Not After : Dec 9 06:11:03 2025 GMT Subject: CN=7229418370F6FCD566FED6A23623930E9083F200 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:03:7d:5c:23:96:03:de:0c:cb:a3:07:21:60: a0:f7:32:a7:fd:31:b8:ea:a0:9e:aa:89:a2:61:87: c1:5d:03:e9:6f:a4:34:e8:a1:52:da:86:f5:e5:0d: 88:e8:1e:e6:d8:a7:5a:40:0b:d5:31:6b:c7:af:6d: bb:02:1d:ad:57:30:70:89:2d:e9:f5:51:b7:b1:8b: bd:29:89:e9:1f:12:f5:86:b6:e7:73:f9:af:b7:5a: ed:1c:c2:cd:7a:cd:da:79:dd:24:06:36:6f:95:d3: 6d:75:69:58:75:ad:e6:ae:86:fb:4c:79:f0:c4:23: 6d:c3:51:eb:e6:63:b1:84:f2:5a:cd:bc:a5:c2:cc: 29:08:4d:b8:e9:ac:f7:90:2b:70:50:98:fc:2d:ed: 71:a9:cb:e5:18:a9:c1:0b:51:d1:9b:ff:c8:b5:65: 50:2c:5b:52:3f:08:e3:30:8b:bc:d2:b7:21:1a:e0: 66:f3:84:d4:69:9b:b1:e1:f1:cf:f6:07:89:f5:a1: f9:66:b4:b3:20:88:e8:fc:17:ea:d8:09:a4:94:33: 59:e8:b5:06:69:12:63:f2:35:96:40:09:37:f2:14: 22:79:d6:62:6f:be:4d:08:d8:63:a7:f0:1f:93:42: f8:b1:87:15:e4:d5:a5:4c:9a:ff:f8:5c:ca:fc:c8: dd:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:29:41:83:70:F6:FC:D5:66:FE:D6:A2:36:23:93:0E:90:83:F2:00 X509v3 Authority Key Identifier: keyid:4D:F3:DB:3D:A2:1D:00:22:20:21:30:73:6E:4C:CB:04:8C:1D:51:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1ded5811-be50-4caa-9f96-63d3720311de/1/4DF3DB3DA21D0022202130736E4CCB048C1D5158.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4DF3DB3DA21D0022202130736E4CCB048C1D5158.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1ded5811-be50-4caa-9f96-63d3720311de/1/323430343a393763303a3937303a3a2f34342d3434203d3e20313533303837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:97c0:970::/44 Signature Algorithm: sha256WithRSAEncryption b6:67:9e:bc:78:1c:ec:3d:9f:c6:c3:15:1b:7d:94:3f:18:72: 28:84:58:36:d4:db:eb:ab:b6:e5:94:7a:45:13:9a:31:2a:1b: e7:4b:50:3b:68:4a:58:45:de:3a:7c:de:5e:67:eb:60:25:a3: 40:68:9f:51:82:7d:20:8d:a8:2e:ec:99:a1:41:55:f1:e1:9d: c0:6c:39:c0:c3:4d:e0:33:9a:10:39:22:d0:88:8f:24:3e:5c: 08:e4:91:1b:28:41:62:1c:2e:25:8a:b5:8a:25:96:09:29:21: c0:47:c6:80:b0:aa:c6:02:9c:bd:0c:ef:7a:c7:cd:55:97:07: 68:06:5f:5c:3f:69:8d:6b:4c:58:cf:33:c1:2c:b9:b1:4b:8f: 4a:34:30:da:ec:d6:30:d6:6b:94:04:41:dd:46:00:2d:c4:bc: 21:9c:1c:58:e2:ff:c5:dd:bb:53:c3:7c:6f:bc:96:53:28:93: 25:0e:34:53:8a:2c:a5:20:5f:88:05:66:7f:83:7a:25:9b:41: aa:d2:f6:fc:db:8a:4d:88:f2:f4:15:e5:b6:3c:ed:a8:57:ea: 1f:54:b9:55:02:c0:ba:4f:bb:0b:aa:2f:94:11:07:b8:43:5c: 63:17:af:d3:06:03:bb:2f:14:58:d8:7a:29:a9:34:40:2f:7f: 97:d5:58:df -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUVzAhHne+u/bLjaHaImbaKhwWdJQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNERGM0RCM0RBMjFEMDAyMjIwMjEzMDczNkU0Q0NCMDQ4 QzFENTE1ODAeFw0yNDEyMTAwNjA2MDNaFw0yNTEyMDkwNjExMDNaMDMxMTAvBgNV BAMTKDcyMjk0MTgzNzBGNkZDRDU2NkZFRDZBMjM2MjM5MzBFOTA4M0YyMDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsA31cI5YD3gzLowchYKD3Mqf9 MbjqoJ6qiaJhh8FdA+lvpDTooVLahvXlDYjoHubYp1pAC9Uxa8evbbsCHa1XMHCJ Len1Ubexi70piekfEvWGtudz+a+3Wu0cws16zdp53SQGNm+V0211aVh1reauhvtM efDEI23DUevmY7GE8lrNvKXCzCkITbjprPeQK3BQmPwt7XGpy+UYqcELUdGb/8i1 ZVAsW1I/COMwi7zStyEa4GbzhNRpm7Hh8c/2B4n1oflmtLMgiOj8F+rYCaSUM1no tQZpEmPyNZZACTfyFCJ51mJvvk0I2GOn8B+TQvixhxXk1aVMmv/4XMr8yN3LAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUcilBg3D2/NVm/taiNiOTDpCD8gAwHwYDVR0j BBgwFoAUTfPbPaIdACIgITBzbkzLBIwdUVgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x ZGVkNTgxMS1iZTUwLTRjYWEtOWY5Ni02M2QzNzIwMzExZGUvMS80REYzREIzREEy MUQwMDIyMjAyMTMwNzM2RTRDQ0IwNDhDMUQ1MTU4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNERGM0RCM0RBMjFEMDAyMjIwMjEzMDczNkU0Q0NCMDQ4QzFE NTE1OC5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFkZWQ1ODExLWJlNTAtNGNhYS05 Zjk2LTYzZDM3MjAzMTFkZS8xLzMyMzQzMDM0M2EzOTM3NjMzMDNhMzkzNzMwM2Ez YTJmMzQzNDJkMzQzNDIwM2QzZTIwMzEzNTMzMzAzODM3LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEJASX wAlwMA0GCSqGSIb3DQEBCwUAA4IBAQC2Z568eBzsPZ/GwxUbfZQ/GHIohFg21Nvr q7bllHpFE5oxKhvnS1A7aEpYRd46fN5eZ+tgJaNAaJ9Rgn0gjagu7JmhQVXx4Z3A bDnAw03gM5oQOSLQiI8kPlwI5JEbKEFiHC4lirWKJZYJKSHAR8aAsKrGApy9DO96 x81VlwdoBl9cP2mNa0xYzzPBLLmxS49KNDDa7NYw1muUBEHdRgAtxLwhnBxY4v/F 3btTw3xvvJZTKJMlDjRTiiylIF+IBWZ/g3olm0Gq0vb824pNiPL0FeW2PO2oV+of VLlVAsC6T7sLqi+UEQe4Q1xjF6/TBgO7LxRY2HopqTRAL3+X1Vjf -----END CERTIFICATE-----Generated at Sun Apr 6 23:35:18 2025 by rpki-client