$ rpki-client -vvf repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030363a3a2f34382d3438203d3e203233363739.roa File: 323430313a323930303a383030363a3a2f34382d3438203d3e203233363739.roa (raw, json) Hash identifier: MLaN7rlkNMhS70oe8wa1v5dCyL/DCt5I/N1Z3BQjIO4= Subject key identifier: 47:44:BF:AE:6B:33:D1:5A:A6:F2:F5:E9:92:6F:02:67:48:04:B5:71 Certificate issuer: /CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984 Certificate serial: 0888B3834D8FB0F4C3ABC1BDF778F4561069D90A Authority key identifier: 55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer Subject info access: rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030363a3a2f34382d3438203d3e203233363739.roa Signing time: Wed 01 Jan 2025 04:00:38 +0000 ROA not before: Wed 01 Jan 2025 03:55:38 +0000 ROA not after: Wed 31 Dec 2025 04:00:38 +0000 asID: 23679 IP address blocks: 2401:2900:8006::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.crl rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 10:26:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:88:b3:83:4d:8f:b0:f4:c3:ab:c1:bd:f7:78:f4:56:10:69:d9:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984 Validity Not Before: Jan 1 03:55:38 2025 GMT Not After : Dec 31 04:00:38 2025 GMT Subject: CN=4744BFAE6B33D15AA6F2F5E9926F02674804B571 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:d9:03:81:50:c9:99:4a:2c:b9:2c:c0:f4:29: 35:85:45:6d:e3:19:56:39:04:0f:8e:06:91:a6:34: ae:cd:ac:a6:d1:37:df:47:1d:db:f7:bf:6a:b3:50: c2:be:0b:76:6e:98:b3:31:09:78:8a:88:76:3c:a7: a9:88:d8:7c:69:0a:6e:aa:7c:0c:e3:a1:58:93:41: 28:64:4f:c0:e0:54:54:aa:8d:6e:02:b9:1d:ac:9f: 65:d4:2f:a7:58:66:7d:fd:74:dd:e2:ff:a1:e0:39: 82:a1:93:c1:cc:c9:36:bd:95:23:38:53:a4:8b:10: 3d:c1:8e:f6:64:8f:7d:9e:25:92:44:a2:d1:62:48: ef:78:c7:6a:ba:d5:53:54:8b:41:7a:a3:93:9c:23: c6:f9:57:f3:10:03:37:7d:2d:c6:c2:38:1b:08:36: d8:03:90:1e:25:03:ae:14:32:da:7b:1f:23:be:b4: 70:62:23:1d:9e:29:5e:cd:16:a1:9c:ae:fc:1f:47: 46:95:d4:5d:18:b5:9a:44:76:24:3b:8e:ba:24:0a: 77:e0:0c:77:bd:d2:15:51:dd:79:90:63:38:33:f5: 55:ec:f0:95:98:56:e7:e8:3c:98:ee:07:5b:ee:0b: bf:d9:95:f0:63:31:d2:c8:4b:3e:58:72:b3:8f:3c: 40:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:44:BF:AE:6B:33:D1:5A:A6:F2:F5:E9:92:6F:02:67:48:04:B5:71 X509v3 Authority Key Identifier: keyid:55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030363a3a2f34382d3438203d3e203233363739.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:2900:8006::/48 Signature Algorithm: sha256WithRSAEncryption 85:70:c4:91:c1:89:34:2b:88:04:0e:61:bf:b6:54:71:61:37: a2:98:1e:a3:32:9d:ff:08:58:6c:bc:d9:5f:8e:fb:a8:57:d9: e3:8b:19:a9:3a:7a:42:01:c4:53:c7:13:0f:cf:ee:ad:de:a4: 48:ff:36:9a:46:36:0b:33:b3:ec:b2:0f:d2:d9:33:df:ae:ed: 10:06:5b:13:58:ef:a4:4e:4f:fb:8f:5a:b2:08:a9:dd:2f:16: ba:d8:17:67:74:3b:28:17:a0:0c:aa:f0:bb:cc:dc:0f:72:f5: b5:0e:a6:a3:7f:b3:aa:95:19:9a:89:40:75:fc:10:2f:4d:ec: 80:70:f7:26:49:03:c9:f1:e9:46:6a:9a:cc:49:69:5a:b3:8c: e5:19:f6:6e:44:48:dc:74:2f:1e:8d:c5:ca:5b:e9:62:7b:44: bb:32:30:25:14:1e:a1:cb:d4:a5:74:b5:26:cb:ce:a8:3f:c3: 6b:ad:a3:a0:c2:5d:47:ba:b9:1d:f4:9a:99:26:29:2f:91:a8: 10:6d:66:bf:83:4a:82:a9:db:9a:09:37:6b:01:42:44:76:a3: fe:97:be:17:df:7a:8d:90:65:21:02:8d:3e:82:fe:ae:36:84: 7d:cc:82:5b:a5:d4:6d:c3:fa:1c:70:5c:f3:b2:65:e0:2e:83: 7c:86:45:87 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUCIizg02PsPTDq8G993j0VhBp2QowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTUyQjMxQTI2RTkyQTlERDZBNTg1QjkyMzc1QjdGQ0E0 RkE2Njk4NDAeFw0yNTAxMDEwMzU1MzhaFw0yNTEyMzEwNDAwMzhaMDMxMTAvBgNV BAMTKDQ3NDRCRkFFNkIzM0QxNUFBNkYyRjVFOTkyNkYwMjY3NDgwNEI1NzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC92QOBUMmZSiy5LMD0KTWFRW3j GVY5BA+OBpGmNK7NrKbRN99HHdv3v2qzUMK+C3ZumLMxCXiKiHY8p6mI2HxpCm6q fAzjoViTQShkT8DgVFSqjW4CuR2sn2XUL6dYZn39dN3i/6HgOYKhk8HMyTa9lSM4 U6SLED3BjvZkj32eJZJEotFiSO94x2q61VNUi0F6o5OcI8b5V/MQAzd9LcbCOBsI NtgDkB4lA64UMtp7HyO+tHBiIx2eKV7NFqGcrvwfR0aV1F0YtZpEdiQ7jrokCnfg DHe90hVR3XmQYzgz9VXs8JWYVufoPJjuB1vuC7/ZlfBjMdLISz5YcrOPPEBJAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUR0S/rmsz0Vqm8vXpkm8CZ0gEtXEwHwYDVR0j BBgwFoAUVSsxom6Sqd1qWFuSN1t/yk+maYQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MDE0MzJjYy0zYmM5LTQ4NTgtYjUwNi0yMThhYWIwYjA4OWMvMC81NTJCMzFBMjZF OTJBOURENkE1ODVCOTIzNzVCN0ZDQTRGQTY2OTg0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTUyQjMxQTI2RTkyQTlERDZBNTg1QjkyMzc1QjdGQ0E0RkE2 Njk4NC5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIwMTQzMmNjLTNiYzktNDg1OC1i NTA2LTIxOGFhYjBiMDg5Yy8wLzMyMzQzMDMxM2EzMjM5MzAzMDNhMzgzMDMwMzYz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMzMzYzNzM5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAEp AIAGMA0GCSqGSIb3DQEBCwUAA4IBAQCFcMSRwYk0K4gEDmG/tlRxYTeimB6jMp3/ CFhsvNlfjvuoV9njixmpOnpCAcRTxxMPz+6t3qRI/zaaRjYLM7Pssg/S2TPfru0Q BlsTWO+kTk/7j1qyCKndLxa62BdndDsoF6AMqvC7zNwPcvW1Dqajf7OqlRmaiUB1 /BAvTeyAcPcmSQPJ8elGaprMSWlas4zlGfZuREjcdC8ejcXKW+lie0S7MjAlFB6h y9SldLUmy86oP8NrraOgwl1Hurkd9JqZJikvkagQbWa/g0qCqduaCTdrAUJEdqP+ l74X33qNkGUhAo0+gv6uNoR9zIJbpdRtw/occFzzsmXgLoN8hkWH -----END CERTIFICATE-----Generated at Sun Apr 6 11:05:56 2025 by rpki-client