$ rpki-client -vvf repo-rpki.idnic.net/repo/1ded5811-be50-4caa-9f96-63d3720311de/1/323430343a393763303a633030303a3a2f33362d3336203d3e20313533303837.roa File: 323430343a393763303a633030303a3a2f33362d3336203d3e20313533303837.roa (raw, json) Hash identifier: CExyw62yhaULfuFNwHgJQzvOaDneumlJpO9PSL24k5c= Subject key identifier: 2C:01:24:00:36:8F:7B:B2:69:CC:BC:82:D5:FD:A9:2C:98:C7:90:D0 Certificate issuer: /CN=4DF3DB3DA21D0022202130736E4CCB048C1D5158 Certificate serial: 14F821BDF7ABF6822C419F01A348CC10059C1361 Authority key identifier: 4D:F3:DB:3D:A2:1D:00:22:20:21:30:73:6E:4C:CB:04:8C:1D:51:58 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4DF3DB3DA21D0022202130736E4CCB048C1D5158.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1ded5811-be50-4caa-9f96-63d3720311de/1/323430343a393763303a633030303a3a2f33362d3336203d3e20313533303837.roa Signing time: Tue 10 Dec 2024 05:57:16 +0000 ROA not before: Tue 10 Dec 2024 05:52:16 +0000 ROA not after: Tue 09 Dec 2025 05:57:16 +0000 asID: 153087 IP address blocks: 2404:97c0:c000::/36 maxlen: 36 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1ded5811-be50-4caa-9f96-63d3720311de/1/4DF3DB3DA21D0022202130736E4CCB048C1D5158.crl rsync://repo-rpki.idnic.net/repo/1ded5811-be50-4caa-9f96-63d3720311de/1/4DF3DB3DA21D0022202130736E4CCB048C1D5158.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4DF3DB3DA21D0022202130736E4CCB048C1D5158.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 22:52:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:f8:21:bd:f7:ab:f6:82:2c:41:9f:01:a3:48:cc:10:05:9c:13:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4DF3DB3DA21D0022202130736E4CCB048C1D5158 Validity Not Before: Dec 10 05:52:16 2024 GMT Not After : Dec 9 05:57:16 2025 GMT Subject: CN=2C012400368F7BB269CCBC82D5FDA92C98C790D0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:e7:fc:4d:ed:15:2a:72:f0:94:c6:3f:7a:94: 11:0e:23:b1:f1:be:51:11:6b:32:a2:ad:0a:4e:0b: 42:bd:98:ab:e4:43:7d:fc:38:20:05:ae:03:8c:ba: 47:ad:42:85:75:38:5d:a2:d7:2c:dc:66:cc:a5:59: 74:f9:46:b7:e9:a2:6f:30:9d:8a:af:86:f0:e8:45: 86:af:f0:20:03:f8:f9:53:b4:21:5c:3a:70:74:1e: cd:6b:2d:57:02:7e:03:71:ec:52:f9:7b:f9:54:d9: 20:15:1e:1a:30:e6:10:b6:e0:fd:86:a5:59:05:6c: e6:3a:bc:e9:48:70:35:24:13:d1:a6:57:52:e0:24: 70:15:c7:e0:af:45:98:5b:0f:6e:7c:7f:56:14:bb: 57:6d:77:5d:ec:74:7a:28:51:e4:67:a3:b5:f0:67: 0c:c5:35:e9:7b:e4:8e:74:f6:82:62:15:99:bb:2b: 98:a4:ee:97:b4:1a:40:00:48:bf:2f:5f:6a:5b:67: 06:62:e5:d9:5d:6f:b5:0c:84:08:91:89:63:ac:53: 67:9b:27:4c:9e:e3:b9:5c:94:7f:ff:0f:5d:f2:ed: b6:3d:ec:ad:08:15:3b:6c:b3:5d:0c:81:81:c2:a8: 93:0e:9c:0f:18:47:55:9e:6f:4d:5c:74:db:4e:a1: 9d:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:01:24:00:36:8F:7B:B2:69:CC:BC:82:D5:FD:A9:2C:98:C7:90:D0 X509v3 Authority Key Identifier: keyid:4D:F3:DB:3D:A2:1D:00:22:20:21:30:73:6E:4C:CB:04:8C:1D:51:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1ded5811-be50-4caa-9f96-63d3720311de/1/4DF3DB3DA21D0022202130736E4CCB048C1D5158.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4DF3DB3DA21D0022202130736E4CCB048C1D5158.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1ded5811-be50-4caa-9f96-63d3720311de/1/323430343a393763303a633030303a3a2f33362d3336203d3e20313533303837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:97c0:c000::/36 Signature Algorithm: sha256WithRSAEncryption 46:f8:6b:9b:a0:dd:5f:88:c9:fa:4c:dc:da:ad:89:65:e8:ad: d4:b7:39:8d:67:03:0b:92:b9:f6:53:28:16:66:f3:25:ae:7a: 32:8f:0a:1d:6b:18:20:77:27:8a:e0:84:7a:89:c0:df:1e:c0: a1:71:56:d1:1b:df:aa:11:c5:07:f3:8d:05:92:16:3c:d2:6c: 07:d1:27:9b:53:e0:7d:5c:be:d9:7e:62:2b:0f:db:c5:fa:ea: b8:68:70:d3:17:f8:e7:64:92:a7:3f:96:c1:f9:5a:d9:f3:c1: 8b:8e:37:02:77:ac:dc:c6:15:65:07:cf:66:0e:14:75:10:2c: f3:61:8c:db:4d:51:db:ab:bd:da:dc:0c:30:ea:e6:05:9f:db: b4:ff:23:33:d2:32:c1:2d:2b:65:16:4a:4f:1f:c5:68:a3:70: 95:12:e5:eb:2e:cd:37:80:9d:39:8f:7b:db:76:cc:11:ec:c5: 21:32:b1:84:be:c9:cd:5e:9c:b0:9c:5b:76:b8:bf:96:d0:82: 53:c8:e8:3b:eb:7a:3f:db:4d:05:1b:6e:28:2b:ee:d7:a5:3d: c2:7a:1d:2f:ff:c7:78:3b:4f:25:e1:f7:47:24:9f:ed:01:a2: 0f:39:39:0a:7d:33:7f:e2:e8:db:ab:0b:38:e3:19:f6:b9:a0: 66:e4:db:e3 -----BEGIN CERTIFICATE----- MIIFNDCCBBygAwIBAgIUFPghvfer9oIsQZ8Bo0jMEAWcE2EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNERGM0RCM0RBMjFEMDAyMjIwMjEzMDczNkU0Q0NCMDQ4 QzFENTE1ODAeFw0yNDEyMTAwNTUyMTZaFw0yNTEyMDkwNTU3MTZaMDMxMTAvBgNV BAMTKDJDMDEyNDAwMzY4RjdCQjI2OUNDQkM4MkQ1RkRBOTJDOThDNzkwRDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw5/xN7RUqcvCUxj96lBEOI7Hx vlERazKirQpOC0K9mKvkQ338OCAFrgOMuketQoV1OF2i1yzcZsylWXT5Rrfpom8w nYqvhvDoRYav8CAD+PlTtCFcOnB0Hs1rLVcCfgNx7FL5e/lU2SAVHhow5hC24P2G pVkFbOY6vOlIcDUkE9GmV1LgJHAVx+CvRZhbD258f1YUu1dtd13sdHooUeRno7Xw ZwzFNel75I509oJiFZm7K5ik7pe0GkAASL8vX2pbZwZi5dldb7UMhAiRiWOsU2eb J0ye47lclH//D13y7bY97K0IFTtss10MgYHCqJMOnA8YR1Web01cdNtOoZ0jAgMB AAGjggI+MIICOjAdBgNVHQ4EFgQULAEkADaPe7JpzLyC1f2pLJjHkNAwHwYDVR0j BBgwFoAUTfPbPaIdACIgITBzbkzLBIwdUVgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x ZGVkNTgxMS1iZTUwLTRjYWEtOWY5Ni02M2QzNzIwMzExZGUvMS80REYzREIzREEy MUQwMDIyMjAyMTMwNzM2RTRDQ0IwNDhDMUQ1MTU4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNERGM0RCM0RBMjFEMDAyMjIwMjEzMDczNkU0Q0NCMDQ4QzFE NTE1OC5jZXIwgawGCCsGAQUFBwELBIGfMIGcMIGZBggrBgEFBQcwC4aBjHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFkZWQ1ODExLWJlNTAtNGNhYS05 Zjk2LTYzZDM3MjAzMTFkZS8xLzMyMzQzMDM0M2EzOTM3NjMzMDNhNjMzMDMwMzAz YTNhMmYzMzM2MmQzMzM2MjAzZDNlMjAzMTM1MzMzMDM4Mzcucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQk BJfAwDANBgkqhkiG9w0BAQsFAAOCAQEARvhrm6DdX4jJ+kzc2q2JZeit1Lc5jWcD C5K59lMoFmbzJa56Mo8KHWsYIHcniuCEeonA3x7AoXFW0RvfqhHFB/ONBZIWPNJs B9Enm1PgfVy+2X5iKw/bxfrquGhw0xf452SSpz+Wwfla2fPBi443Anes3MYVZQfP Zg4UdRAs82GM201R26u92twMMOrmBZ/btP8jM9IywS0rZRZKTx/FaKNwlRLl6y7N N4CdOY9723bMEezFITKxhL7JzV6csJxbdri/ltCCU8joO+t6P9tNBRtuKCvu16U9 wnodL//HeDtPJeH3RySf7QGiDzk5Cn0zf+Lo26sLOOMZ9rmgZuTb4w== -----END CERTIFICATE-----Generated at Sun Apr 6 23:35:24 2025 by rpki-client