$ rpki-client -vvf repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/3230322e36352e3131322e302f32312d3231203d3e203233393531.roa File: 3230322e36352e3131322e302f32312d3231203d3e203233393531.roa (raw, json) Hash identifier: YMkK1MNXH2D6eByawSLr2fAy1YjJp/Nm5M4Ucze1b40= Subject key identifier: 1C:8F:0B:54:E2:EB:6F:CE:0B:E8:F3:83:3E:46:82:EE:B5:4A:04:29 Certificate issuer: /CN=CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F Certificate serial: 61F5CC5ACE1BF5D8363C57C92B36C9644B5CFE63 Authority key identifier: CA:35:BA:C7:A4:05:DF:1E:D9:ED:62:F0:9D:2F:4F:2E:14:3C:8E:8F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/3230322e36352e3131322e302f32312d3231203d3e203233393531.roa Signing time: Tue 25 Mar 2025 18:00:00 +0000 ROA not before: Tue 25 Mar 2025 17:55:00 +0000 ROA not after: Tue 24 Mar 2026 18:00:00 +0000 asID: 23951 IP address blocks: 202.65.112.0/21 maxlen: 21 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.crl rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 02:49:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:f5:cc:5a:ce:1b:f5:d8:36:3c:57:c9:2b:36:c9:64:4b:5c:fe:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F Validity Not Before: Mar 25 17:55:00 2025 GMT Not After : Mar 24 18:00:00 2026 GMT Subject: CN=1C8F0B54E2EB6FCE0BE8F3833E4682EEB54A0429 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:e0:6d:89:7b:42:5e:e2:38:cf:2b:41:96:c7: f7:d1:74:8b:d8:88:4c:0d:88:55:25:6f:22:14:a3: 6e:99:6c:e4:9e:f9:b8:76:cf:a8:ed:d8:f2:53:8c: ee:a5:26:7b:71:cc:77:ce:57:61:8b:7b:fb:0a:7f: 67:19:aa:92:ef:e0:ae:f9:e9:a4:f3:1d:06:88:74: a7:8e:df:29:b9:d0:ae:1e:92:d6:20:1e:f7:b7:ea: 41:42:61:1b:82:f9:b0:de:ab:22:e9:2f:42:db:25: cd:e2:9a:b5:7f:d1:8a:57:5e:30:3d:f2:8f:69:8c: e0:b0:c8:53:69:19:e4:e0:d6:1a:bd:93:32:e2:db: b6:92:c6:c1:bd:8c:2f:43:74:61:c8:4e:3b:e1:cc: c9:5b:b8:ee:09:03:2f:9a:6a:b4:5c:62:16:a3:29: f4:f5:24:8e:6c:27:a8:4e:64:bc:e3:43:34:9a:83: 42:ac:64:60:3d:21:e5:1a:df:72:b7:6c:0d:9e:44: eb:97:0b:b5:55:9d:a4:39:db:3a:06:f2:8e:91:67: a8:62:e1:26:47:f9:3e:1d:6a:a0:0d:a8:eb:dc:ae: 62:7c:35:8c:57:22:ab:40:b3:fb:63:52:8b:a2:e2: 31:51:4e:8d:78:83:62:f5:26:77:89:07:53:cd:ca: 31:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:8F:0B:54:E2:EB:6F:CE:0B:E8:F3:83:3E:46:82:EE:B5:4A:04:29 X509v3 Authority Key Identifier: keyid:CA:35:BA:C7:A4:05:DF:1E:D9:ED:62:F0:9D:2F:4F:2E:14:3C:8E:8F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/3230322e36352e3131322e302f32312d3231203d3e203233393531.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.65.112.0/21 Signature Algorithm: sha256WithRSAEncryption 77:11:ae:fa:3b:d9:d3:d7:34:89:2e:bd:8e:91:cd:0b:63:2a: 21:61:a5:76:94:9d:68:f0:88:53:c5:1a:23:bc:ae:ba:54:cc: eb:6d:65:0e:a9:11:11:f4:b6:8f:42:76:3c:89:e9:59:02:08: 46:a6:9f:96:a6:6a:a5:da:95:c4:82:17:d6:b7:eb:59:18:d8: e2:ae:1b:5e:a8:56:29:ea:eb:27:e4:07:48:46:83:7e:30:34: d0:f2:41:15:9f:ea:45:0b:d1:d0:fd:f5:be:b1:63:0d:d5:c9: 4d:ce:44:c9:96:6e:44:86:76:5b:9b:a5:ce:1a:7d:86:f0:f1: 6a:75:a4:79:64:ae:9a:49:c1:52:65:40:3d:d7:91:e8:c4:1f: 23:8e:ce:c4:d6:84:f1:fd:6c:6c:59:f9:35:12:30:0c:69:d9: bb:28:8f:20:6f:cf:4c:0e:07:62:76:45:c5:5a:53:d7:60:f0: 1f:e7:8f:ed:65:9e:34:d7:e3:e4:81:b0:c9:b3:6c:8d:0d:f7: 25:14:06:27:cc:d2:e8:ad:e9:0f:2a:3e:a0:f0:6e:5a:2e:e2: 1f:a1:8f:15:12:c0:2c:bc:16:43:cf:47:a2:21:a9:fd:48:d7: 72:53:0c:8d:79:7d:5f:19:7e:64:f1:45:a7:e2:89:a8:e3:c1: 8d:5b:f1:ac -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUYfXMWs4b9dg2PFfJKzbJZEtc/mMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0EzNUJBQzdBNDA1REYxRUQ5RUQ2MkYwOUQyRjRGMkUx NDNDOEU4RjAeFw0yNTAzMjUxNzU1MDBaFw0yNjAzMjQxODAwMDBaMDMxMTAvBgNV BAMTKDFDOEYwQjU0RTJFQjZGQ0UwQkU4RjM4MzNFNDY4MkVFQjU0QTA0MjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI4G2Je0Je4jjPK0GWx/fRdIvY iEwNiFUlbyIUo26ZbOSe+bh2z6jt2PJTjO6lJntxzHfOV2GLe/sKf2cZqpLv4K75 6aTzHQaIdKeO3ym50K4ektYgHve36kFCYRuC+bDeqyLpL0LbJc3imrV/0YpXXjA9 8o9pjOCwyFNpGeTg1hq9kzLi27aSxsG9jC9DdGHITjvhzMlbuO4JAy+aarRcYhaj KfT1JI5sJ6hOZLzjQzSag0KsZGA9IeUa33K3bA2eROuXC7VVnaQ52zoG8o6RZ6hi 4SZH+T4daqANqOvcrmJ8NYxXIqtAs/tjUoui4jFRTo14g2L1JneJB1PNyjG9AgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUHI8LVOLrb84L6PODPkaC7rVKBCkwHwYDVR0j BBgwFoAUyjW6x6QF3x7Z7WLwnS9PLhQ8jo8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x ZTZhN2U0Ni1iNmFkLTRhN2QtYjkzMC0xYWIwYmYwMmRkNWQvMC9DQTM1QkFDN0E0 MDVERjFFRDlFRDYyRjA5RDJGNEYyRTE0M0M4RThGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0EzNUJBQzdBNDA1REYxRUQ5RUQ2MkYwOUQyRjRGMkUxNDND OEU4Ri5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFlNmE3ZTQ2LWI2YWQtNGE3ZC1i OTMwLTFhYjBiZjAyZGQ1ZC8wLzMyMzAzMjJlMzYzNTJlMzEzMTMyMmUzMDJmMzIz MTJkMzIzMTIwM2QzZTIwMzIzMzM5MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8pBcDANBgkqhkiG 9w0BAQsFAAOCAQEAdxGu+jvZ09c0iS69jpHNC2MqIWGldpSdaPCIU8UaI7yuulTM 621lDqkREfS2j0J2PInpWQIIRqaflqZqpdqVxIIX1rfrWRjY4q4bXqhWKerrJ+QH SEaDfjA00PJBFZ/qRQvR0P31vrFjDdXJTc5EyZZuRIZ2W5ulzhp9hvDxanWkeWSu mknBUmVAPdeR6MQfI47OxNaE8f1sbFn5NRIwDGnZuyiPIG/PTA4HYnZFxVpT12Dw H+eP7WWeNNfj5IGwybNsjQ33JRQGJ8zS6K3pDyo+oPBuWi7iH6GPFRLALLwWQ89H oiGp/UjXclMMjXl9Xxl+ZPFFp+KJqOPBjVvxrA== -----END CERTIFICATE-----Generated at Tue Apr 8 03:22:40 2025 by rpki-client