$ rpki-client -vvf repo-rpki.idnic.net/repo/20d2bde4-056b-45c6-80bf-f5d4d277336b/0/3230322e34332e3131362e302f32332d3234203d3e203435373037.roa File: 3230322e34332e3131362e302f32332d3234203d3e203435373037.roa (raw, json) Hash identifier: Sf9PeSZZ7a8NKRrtWUTmVWuqUtTX2GsdEZGDuX14gwU= Subject key identifier: 7F:90:F8:D3:67:A5:98:12:AF:7D:AB:AB:62:00:A5:81:A8:7A:32:C1 Certificate issuer: /CN=754BC04892430632A8C965AF4C5B71C59B2A3CCB Certificate serial: 495CCE3491FB103699A30341C906993B2F569DB1 Authority key identifier: 75:4B:C0:48:92:43:06:32:A8:C9:65:AF:4C:5B:71:C5:9B:2A:3C:CB Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/754BC04892430632A8C965AF4C5B71C59B2A3CCB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/20d2bde4-056b-45c6-80bf-f5d4d277336b/0/3230322e34332e3131362e302f32332d3234203d3e203435373037.roa Signing time: Fri 27 Dec 2024 08:00:01 +0000 ROA not before: Fri 27 Dec 2024 07:55:01 +0000 ROA not after: Fri 26 Dec 2025 08:00:01 +0000 asID: 45707 IP address blocks: 202.43.116.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/20d2bde4-056b-45c6-80bf-f5d4d277336b/0/754BC04892430632A8C965AF4C5B71C59B2A3CCB.crl rsync://repo-rpki.idnic.net/repo/20d2bde4-056b-45c6-80bf-f5d4d277336b/0/754BC04892430632A8C965AF4C5B71C59B2A3CCB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/754BC04892430632A8C965AF4C5B71C59B2A3CCB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 24 Feb 2025 00:10:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:5c:ce:34:91:fb:10:36:99:a3:03:41:c9:06:99:3b:2f:56:9d:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=754BC04892430632A8C965AF4C5B71C59B2A3CCB Validity Not Before: Dec 27 07:55:01 2024 GMT Not After : Dec 26 08:00:01 2025 GMT Subject: CN=7F90F8D367A59812AF7DABAB6200A581A87A32C1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:fc:f9:e3:83:28:3e:8b:8e:5e:5f:6e:e8:33: 96:b2:db:c5:bf:69:1a:01:5e:c7:44:ef:c7:6b:64: 16:9f:76:99:00:62:fe:5f:93:1e:0a:6e:d6:43:f5: 73:6f:03:18:75:cd:4a:40:c4:33:3c:42:16:c6:4a: f6:32:e9:11:35:7e:78:97:99:fc:fa:2a:9a:e3:67: 33:f9:41:85:ef:4c:ee:e2:81:f5:86:83:56:c1:4d: 15:0a:fa:6b:28:f8:2a:59:78:58:71:e9:c4:3c:63: 96:9a:dd:ea:76:f0:e5:91:df:79:35:d8:35:63:1a: df:53:9b:50:a2:6e:59:00:fd:e7:53:da:89:cf:ef: 61:9d:7e:39:e8:81:84:1a:da:10:d2:6f:ab:8d:92: b6:af:bf:8c:dc:4f:7e:a8:05:50:2a:d2:3c:7f:77: 49:15:8c:68:11:79:53:bc:59:6e:24:e6:0b:3d:1f: 96:c7:f7:63:57:08:4d:ad:ba:64:b9:86:9b:42:df: 12:fb:d0:3d:fb:ac:f9:4a:10:ba:c7:57:8a:4b:6a: 1f:4a:1a:b6:22:a0:00:8e:b1:bc:3d:7b:57:ff:d7: 15:51:cf:56:31:3b:91:cf:e0:0d:41:81:6d:f7:ae: c7:38:8e:c6:e7:93:d0:41:87:55:74:1f:18:a8:06: eb:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:90:F8:D3:67:A5:98:12:AF:7D:AB:AB:62:00:A5:81:A8:7A:32:C1 X509v3 Authority Key Identifier: keyid:75:4B:C0:48:92:43:06:32:A8:C9:65:AF:4C:5B:71:C5:9B:2A:3C:CB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/20d2bde4-056b-45c6-80bf-f5d4d277336b/0/754BC04892430632A8C965AF4C5B71C59B2A3CCB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/754BC04892430632A8C965AF4C5B71C59B2A3CCB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/20d2bde4-056b-45c6-80bf-f5d4d277336b/0/3230322e34332e3131362e302f32332d3234203d3e203435373037.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.43.116.0/23 Signature Algorithm: sha256WithRSAEncryption b5:76:2c:55:df:65:70:fc:f1:16:cc:46:82:85:94:80:09:35: 63:84:63:05:b0:d0:dc:af:8e:20:9b:46:41:3c:d3:92:11:13: ef:c9:ef:75:26:b9:a7:cf:a6:05:a5:e8:16:52:45:5c:98:52: 3f:1d:ba:2a:53:32:e7:9b:e4:97:d6:79:59:6d:b4:c0:58:df: d9:86:f4:26:90:13:c9:43:0c:7b:4c:12:95:78:be:a2:d5:10: 9d:da:7a:ce:f8:a3:02:f4:c1:f3:a0:53:0e:a4:65:42:2f:aa: 1a:50:10:75:0d:21:50:4c:30:a9:bd:92:d8:14:54:f3:28:01: fa:e3:01:80:7a:fc:bf:34:15:78:4f:4e:71:41:e1:02:38:e8: 83:6a:f2:03:b0:cc:8d:6d:08:a2:02:c6:4e:d9:5b:61:69:b1: 24:e3:ad:87:06:cf:cd:eb:e7:9b:9c:6e:0d:ef:f9:fd:02:05: 0e:57:a3:d1:16:5c:f1:9c:1a:9c:12:80:2d:9b:cc:e1:bc:b5: 55:f8:ee:fb:32:e9:dc:e4:47:e2:93:1f:98:e9:32:46:f9:c4: 5d:16:b6:7c:68:e0:63:71:01:07:0b:e2:dc:eb:30:74:07:9c: 23:f7:47:d4:e9:d2:f8:ca:d9:8c:8b:72:c9:f2:87:86:2d:a8: 1d:2d:47:94 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUSVzONJH7EDaZowNByQaZOy9WnbEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzU0QkMwNDg5MjQzMDYzMkE4Qzk2NUFGNEM1QjcxQzU5 QjJBM0NDQjAeFw0yNDEyMjcwNzU1MDFaFw0yNTEyMjYwODAwMDFaMDMxMTAvBgNV BAMTKDdGOTBGOEQzNjdBNTk4MTJBRjdEQUJBQjYyMDBBNTgxQTg3QTMyQzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0/Pnjgyg+i45eX27oM5ay28W/ aRoBXsdE78drZBafdpkAYv5fkx4KbtZD9XNvAxh1zUpAxDM8QhbGSvYy6RE1fniX mfz6KprjZzP5QYXvTO7igfWGg1bBTRUK+mso+CpZeFhx6cQ8Y5aa3ep28OWR33k1 2DVjGt9Tm1CiblkA/edT2onP72GdfjnogYQa2hDSb6uNkravv4zcT36oBVAq0jx/ d0kVjGgReVO8WW4k5gs9H5bH92NXCE2tumS5hptC3xL70D37rPlKELrHV4pLah9K GrYioACOsbw9e1f/1xVRz1YxO5HP4A1BgW33rsc4jsbnk9BBh1V0HxioButhAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUf5D402elmBKvfaurYgClgah6MsEwHwYDVR0j BBgwFoAUdUvASJJDBjKoyWWvTFtxxZsqPMswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MGQyYmRlNC0wNTZiLTQ1YzYtODBiZi1mNWQ0ZDI3NzMzNmIvMC83NTRCQzA0ODky NDMwNjMyQThDOTY1QUY0QzVCNzFDNTlCMkEzQ0NCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNzU0QkMwNDg5MjQzMDYzMkE4Qzk2NUFGNEM1QjcxQzU5QjJB M0NDQi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIwZDJiZGU0LTA1NmItNDVjNi04 MGJmLWY1ZDRkMjc3MzM2Yi8wLzMyMzAzMjJlMzQzMzJlMzEzMTM2MmUzMDJmMzIz MzJkMzIzNDIwM2QzZTIwMzQzNTM3MzAzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcordDANBgkqhkiG 9w0BAQsFAAOCAQEAtXYsVd9lcPzxFsxGgoWUgAk1Y4RjBbDQ3K+OIJtGQTzTkhET 78nvdSa5p8+mBaXoFlJFXJhSPx26KlMy55vkl9Z5WW20wFjf2Yb0JpATyUMMe0wS lXi+otUQndp6zvijAvTB86BTDqRlQi+qGlAQdQ0hUEwwqb2S2BRU8ygB+uMBgHr8 vzQVeE9OcUHhAjjog2ryA7DMjW0IogLGTtlbYWmxJOOthwbPzevnm5xuDe/5/QIF Dlej0RZc8ZwanBKALZvM4by1Vfju+zLp3ORH4pMfmOkyRvnEXRa2fGjgY3EBBwvi 3OswdAecI/dH1OnS+MrZjItyyfKHhi2oHS1HlA== -----END CERTIFICATE-----Generated at Fri Feb 21 11:19:56 2025 by rpki-client