$ rpki-client -vvf repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030353a3a2f34382d3438203d3e203233363739.roa File: 323430313a323930303a383030353a3a2f34382d3438203d3e203233363739.roa (raw, json) Hash identifier: OQ7NX/BADRWr3bWdObmX85s41XlkHi1KEW289h0QGdg= Subject key identifier: 8E:85:D5:20:41:1A:F6:1A:B2:52:7D:07:CC:84:DD:F9:2D:65:0C:DC Certificate issuer: /CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984 Certificate serial: 1883E5F10555AADECF2901AD5CCECDEE0E269F82 Authority key identifier: 55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer Subject info access: rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030353a3a2f34382d3438203d3e203233363739.roa Signing time: Wed 01 Jan 2025 04:00:36 +0000 ROA not before: Wed 01 Jan 2025 03:55:36 +0000 ROA not after: Wed 31 Dec 2025 04:00:36 +0000 asID: 23679 IP address blocks: 2401:2900:8005::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.crl rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 10:26:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:83:e5:f1:05:55:aa:de:cf:29:01:ad:5c:ce:cd:ee:0e:26:9f:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984 Validity Not Before: Jan 1 03:55:36 2025 GMT Not After : Dec 31 04:00:36 2025 GMT Subject: CN=8E85D520411AF61AB2527D07CC84DDF92D650CDC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:0b:54:30:9b:80:47:ac:5a:b6:9d:27:fb:2d: dc:de:f1:1e:27:78:29:88:1c:50:e0:33:23:64:cd: a2:a6:1c:78:61:09:4f:94:4a:51:29:b7:eb:ef:b9: 7d:e2:1f:a6:04:42:90:2d:4d:92:99:ef:19:15:12: a0:0d:02:33:1a:72:01:28:5e:04:0d:20:61:77:e6: 43:03:d7:7f:03:e0:50:2a:eb:8e:c1:76:14:15:5d: 72:3b:ad:f7:cc:61:7b:b3:9b:f7:ce:59:a6:79:37: 6b:8f:d6:78:bf:db:ca:bd:f7:0e:29:a7:3c:07:83: 55:43:f2:5f:64:19:24:52:34:20:67:5b:b7:77:fe: 90:54:2b:b3:01:01:ab:b3:b9:b6:3f:a1:1c:84:a0: 89:be:35:a2:99:98:7d:38:32:d0:19:d5:d2:35:00: a9:e8:07:ed:e2:6e:9f:d9:bc:7b:90:fb:3c:6b:78: a9:05:5a:3a:0a:ea:5a:4a:51:97:d6:84:de:b9:6e: 55:7b:69:86:67:e3:45:3a:ea:77:cf:ea:d3:61:12: 1a:1f:b8:86:99:46:f7:a8:54:da:68:1f:35:2f:d1: 03:c0:55:6a:ca:c3:4d:9b:2e:30:af:5d:93:b6:f1: ac:a0:2d:96:65:7d:f4:5b:d8:f0:4c:f0:08:db:f1: 1a:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:85:D5:20:41:1A:F6:1A:B2:52:7D:07:CC:84:DD:F9:2D:65:0C:DC X509v3 Authority Key Identifier: keyid:55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030353a3a2f34382d3438203d3e203233363739.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:2900:8005::/48 Signature Algorithm: sha256WithRSAEncryption 34:41:3b:ab:e7:78:c6:3f:6d:7c:92:82:16:6d:d0:46:80:24: a1:a6:0e:23:78:7b:55:2d:65:bb:37:b7:c0:fe:ce:cd:72:e6: fa:d6:3b:18:a1:72:c2:49:05:39:32:ac:37:e8:06:8b:77:99: aa:52:7e:ec:be:d6:41:ec:5b:f7:22:66:98:64:63:b0:6b:51: 20:3f:0b:3d:7a:e0:af:1c:c4:23:67:86:65:40:54:67:81:a3: 5c:e3:f6:a6:fd:ae:50:9d:9e:b3:a3:29:a0:9c:73:88:05:47: 95:36:95:af:6a:b0:33:e4:51:b6:32:f1:b1:6b:46:3f:49:9d: 43:92:b0:57:39:0e:e2:ea:5b:e8:31:21:66:d1:b5:a8:ba:46: 4b:99:11:a8:a2:a3:64:28:17:01:ff:f3:d7:05:bd:e1:73:54: 59:54:6d:0e:c9:8c:47:f0:26:7c:d9:00:52:a1:a2:84:cb:eb: 1b:2f:da:d1:2a:e1:6f:b2:12:19:99:7e:c1:98:f9:fb:d1:04: 09:ab:a6:19:61:12:db:90:d8:d2:41:30:82:3f:6e:84:e6:f8: f3:8f:ab:18:c7:f9:54:8f:52:6e:e4:b7:eb:48:e2:0d:b7:d1: cd:23:e8:2a:4a:18:ba:82:57:77:29:b7:be:76:80:92:18:7f: c3:3d:f3:b4 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUGIPl8QVVqt7PKQGtXM7N7g4mn4IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTUyQjMxQTI2RTkyQTlERDZBNTg1QjkyMzc1QjdGQ0E0 RkE2Njk4NDAeFw0yNTAxMDEwMzU1MzZaFw0yNTEyMzEwNDAwMzZaMDMxMTAvBgNV BAMTKDhFODVENTIwNDExQUY2MUFCMjUyN0QwN0NDODREREY5MkQ2NTBDREMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHC1Qwm4BHrFq2nSf7Ldze8R4n eCmIHFDgMyNkzaKmHHhhCU+USlEpt+vvuX3iH6YEQpAtTZKZ7xkVEqANAjMacgEo XgQNIGF35kMD138D4FAq647BdhQVXXI7rffMYXuzm/fOWaZ5N2uP1ni/28q99w4p pzwHg1VD8l9kGSRSNCBnW7d3/pBUK7MBAauzubY/oRyEoIm+NaKZmH04MtAZ1dI1 AKnoB+3ibp/ZvHuQ+zxreKkFWjoK6lpKUZfWhN65blV7aYZn40U66nfP6tNhEhof uIaZRveoVNpoHzUv0QPAVWrKw02bLjCvXZO28aygLZZlffRb2PBM8Ajb8RppAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUjoXVIEEa9hqyUn0HzITd+S1lDNwwHwYDVR0j BBgwFoAUVSsxom6Sqd1qWFuSN1t/yk+maYQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MDE0MzJjYy0zYmM5LTQ4NTgtYjUwNi0yMThhYWIwYjA4OWMvMC81NTJCMzFBMjZF OTJBOURENkE1ODVCOTIzNzVCN0ZDQTRGQTY2OTg0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTUyQjMxQTI2RTkyQTlERDZBNTg1QjkyMzc1QjdGQ0E0RkE2 Njk4NC5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIwMTQzMmNjLTNiYzktNDg1OC1i NTA2LTIxOGFhYjBiMDg5Yy8wLzMyMzQzMDMxM2EzMjM5MzAzMDNhMzgzMDMwMzUz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMzMzYzNzM5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAEp AIAFMA0GCSqGSIb3DQEBCwUAA4IBAQA0QTur53jGP218koIWbdBGgCShpg4jeHtV LWW7N7fA/s7Ncub61jsYoXLCSQU5Mqw36AaLd5mqUn7svtZB7Fv3ImaYZGOwa1Eg Pws9euCvHMQjZ4ZlQFRngaNc4/am/a5QnZ6zoymgnHOIBUeVNpWvarAz5FG2MvGx a0Y/SZ1DkrBXOQ7i6lvoMSFm0bWoukZLmRGooqNkKBcB//PXBb3hc1RZVG0OyYxH 8CZ82QBSoaKEy+sbL9rRKuFvshIZmX7BmPn70QQJq6YZYRLbkNjSQTCCP26E5vjz j6sYx/lUj1Ju5LfrSOINt9HNI+gqShi6gld3Kbe+doCSGH/DPfO0 -----END CERTIFICATE-----Generated at Sun Apr 6 11:01:25 2025 by rpki-client