$ rpki-client -vvf repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030343a3a2f34382d3438203d3e203233363739.roa File: 323430313a323930303a383030343a3a2f34382d3438203d3e203233363739.roa (raw, json) Hash identifier: jKZAZmR09Ez2IhDwtyNbUuJyWL9/QPhqpC9zbd3wCHU= Subject key identifier: 4F:0B:A4:F2:46:DD:B2:8F:CB:B1:FB:54:A7:A6:9B:B3:5B:3D:C0:A7 Certificate issuer: /CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984 Certificate serial: 6D66EA61216BDBDA30427CFC31253E8114818009 Authority key identifier: 55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer Subject info access: rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030343a3a2f34382d3438203d3e203233363739.roa Signing time: Wed 01 Jan 2025 04:00:38 +0000 ROA not before: Wed 01 Jan 2025 03:55:38 +0000 ROA not after: Wed 31 Dec 2025 04:00:38 +0000 asID: 23679 IP address blocks: 2401:2900:8004::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.crl rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 10:26:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:66:ea:61:21:6b:db:da:30:42:7c:fc:31:25:3e:81:14:81:80:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984 Validity Not Before: Jan 1 03:55:38 2025 GMT Not After : Dec 31 04:00:38 2025 GMT Subject: CN=4F0BA4F246DDB28FCBB1FB54A7A69BB35B3DC0A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:8c:7f:d0:c3:70:ad:77:e3:d8:fd:6f:d5:cd: d0:07:b4:2f:d3:af:ea:9e:e3:e0:52:39:38:37:ef: 41:71:04:04:ab:90:da:be:fa:05:c6:4e:7c:cf:bb: 54:28:5b:f7:d4:9b:c1:a5:41:eb:4d:87:d9:f1:d8: fc:3d:d6:b1:9a:ad:a1:53:c7:ff:fa:51:08:7b:a3: c9:4d:ab:cb:94:01:f5:e2:a8:94:4c:6b:9f:bd:f6: d2:36:d2:1a:c4:23:6d:7b:87:ae:7e:fd:17:63:89: 58:06:65:b8:40:94:68:a2:21:85:5d:04:71:b4:6d: 19:ff:42:07:40:a9:91:ec:68:fe:d9:9d:c2:f6:1b: 24:b1:b9:a1:8a:0c:b6:ca:fd:18:4d:61:bd:06:0c: 3b:27:74:58:12:fc:2f:3e:21:02:89:59:d2:ad:a1: 77:72:41:e1:b6:be:f0:f3:ce:b2:f4:97:1a:af:f3: 14:ee:58:3e:22:63:87:2d:07:30:31:79:af:9a:59: a0:f7:17:ad:17:ef:fc:f6:74:71:71:d4:35:d8:82: ca:c5:de:1d:03:03:31:9c:a0:7d:6e:c6:97:e5:6d: 6e:15:ff:de:81:57:e1:76:31:e1:cf:82:0e:e8:7c: a4:27:1f:95:d1:c2:48:8a:b7:01:03:10:b1:14:46: 20:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:0B:A4:F2:46:DD:B2:8F:CB:B1:FB:54:A7:A6:9B:B3:5B:3D:C0:A7 X509v3 Authority Key Identifier: keyid:55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030343a3a2f34382d3438203d3e203233363739.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:2900:8004::/48 Signature Algorithm: sha256WithRSAEncryption 7c:78:f4:df:eb:ae:ee:ad:8f:79:f2:38:64:72:51:b4:95:90: 5a:bc:23:68:04:ee:df:b7:61:7d:44:05:a0:7e:2d:ae:a2:85: b2:fe:57:c1:02:e7:26:35:8a:25:9a:13:af:20:cc:57:3e:a8: c1:2f:e9:1d:14:9b:0f:a0:ac:e6:57:62:a9:70:b0:76:4d:5c: 41:f7:d2:f0:eb:a5:92:64:fe:a7:ed:95:99:98:05:9f:59:24: 7c:8a:ab:c4:8a:50:83:6d:11:ee:0b:f5:32:cc:fe:83:38:3e: b9:f2:69:36:8d:75:b9:7b:fd:7a:69:45:1c:6f:00:97:ca:83: 3a:ae:74:71:67:7d:48:5e:78:5a:c9:13:27:2b:7b:3a:7a:72: 79:20:26:61:66:30:d1:84:01:75:2b:2c:a5:b5:e2:9b:70:ba: a6:d7:bf:19:c3:da:41:46:0c:81:a8:73:a3:a9:a5:2d:82:a2: eb:bc:ba:b6:2a:d6:8a:f4:b3:e4:a4:e5:00:99:14:62:51:60: 5a:83:21:9d:61:db:b4:a4:21:e7:b0:39:d8:b7:11:c6:a8:bb: 72:c3:ba:0a:14:77:d8:60:8f:53:db:b5:e9:60:67:06:77:cb: 8c:ae:6b:61:43:b9:f4:05:2c:45:08:d5:11:81:fa:ec:cb:9e: a8:8f:27:1b -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUbWbqYSFr29owQnz8MSU+gRSBgAkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTUyQjMxQTI2RTkyQTlERDZBNTg1QjkyMzc1QjdGQ0E0 RkE2Njk4NDAeFw0yNTAxMDEwMzU1MzhaFw0yNTEyMzEwNDAwMzhaMDMxMTAvBgNV BAMTKDRGMEJBNEYyNDZEREIyOEZDQkIxRkI1NEE3QTY5QkIzNUIzREMwQTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMjH/Qw3Ctd+PY/W/VzdAHtC/T r+qe4+BSOTg370FxBASrkNq++gXGTnzPu1QoW/fUm8GlQetNh9nx2Pw91rGaraFT x//6UQh7o8lNq8uUAfXiqJRMa5+99tI20hrEI217h65+/RdjiVgGZbhAlGiiIYVd BHG0bRn/QgdAqZHsaP7ZncL2GySxuaGKDLbK/RhNYb0GDDsndFgS/C8+IQKJWdKt oXdyQeG2vvDzzrL0lxqv8xTuWD4iY4ctBzAxea+aWaD3F60X7/z2dHFx1DXYgsrF 3h0DAzGcoH1uxpflbW4V/96BV+F2MeHPgg7ofKQnH5XRwkiKtwEDELEURiCtAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUTwuk8kbdso/LsftUp6abs1s9wKcwHwYDVR0j BBgwFoAUVSsxom6Sqd1qWFuSN1t/yk+maYQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MDE0MzJjYy0zYmM5LTQ4NTgtYjUwNi0yMThhYWIwYjA4OWMvMC81NTJCMzFBMjZF OTJBOURENkE1ODVCOTIzNzVCN0ZDQTRGQTY2OTg0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTUyQjMxQTI2RTkyQTlERDZBNTg1QjkyMzc1QjdGQ0E0RkE2 Njk4NC5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIwMTQzMmNjLTNiYzktNDg1OC1i NTA2LTIxOGFhYjBiMDg5Yy8wLzMyMzQzMDMxM2EzMjM5MzAzMDNhMzgzMDMwMzQz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMzMzYzNzM5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAEp AIAEMA0GCSqGSIb3DQEBCwUAA4IBAQB8ePTf667urY958jhkclG0lZBavCNoBO7f t2F9RAWgfi2uooWy/lfBAucmNYolmhOvIMxXPqjBL+kdFJsPoKzmV2KpcLB2TVxB 99Lw66WSZP6n7ZWZmAWfWSR8iqvEilCDbRHuC/UyzP6DOD658mk2jXW5e/16aUUc bwCXyoM6rnRxZ31IXnhayRMnK3s6enJ5ICZhZjDRhAF1KyylteKbcLqm178Zw9pB RgyBqHOjqaUtgqLrvLq2KtaK9LPkpOUAmRRiUWBagyGdYdu0pCHnsDnYtxHGqLty w7oKFHfYYI9T27XpYGcGd8uMrmthQ7n0BSxFCNURgfrsy56ojycb -----END CERTIFICATE-----Generated at Sun Apr 6 11:03:42 2025 by rpki-client