$ rpki-client -vvf repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232352e302f32342d3234203d3e203338373634.roa File: 3132302e32392e3232352e302f32342d3234203d3e203338373634.roa (raw, json) Hash identifier: ks9JPidHkztZIEPJWllI8TTDIV5/YT8ex9LJ2kaaAYU= Subject key identifier: E6:D5:84:35:97:E2:CD:B6:FD:44:60:91:D4:12:F4:BC:F1:CB:71:8B Certificate issuer: /CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Certificate serial: 3B71302E7DD1637B17FDFA94B067AC6EC74A971A Authority key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject info access: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232352e302f32342d3234203d3e203338373634.roa Signing time: Wed 20 Mar 2024 10:02:07 +0000 ROA not before: Wed 20 Mar 2024 09:57:07 +0000 ROA not after: Wed 19 Mar 2025 10:02:07 +0000 asID: 38764 IP address blocks: 120.29.225.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 05:19:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:71:30:2e:7d:d1:63:7b:17:fd:fa:94:b0:67:ac:6e:c7:4a:97:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Validity Not Before: Mar 20 09:57:07 2024 GMT Not After : Mar 19 10:02:07 2025 GMT Subject: CN=E6D5843597E2CDB6FD446091D412F4BCF1CB718B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:cc:0f:63:d7:b1:cc:d5:03:55:9a:ce:ad:1f: 75:92:13:e8:d4:f2:a5:78:14:01:30:33:5b:7c:f5: 61:76:86:c0:db:2d:00:ed:58:5a:14:5a:54:a4:59: cf:88:ff:f2:39:19:36:bb:98:f6:6b:e1:93:e0:cd: 14:2b:ac:3d:d4:d5:69:d5:70:c8:a1:91:72:1a:37: ba:d8:3e:79:ea:c1:0e:2a:76:55:b0:f0:7c:8d:8d: bb:57:3b:8b:6d:d6:42:e1:74:9d:28:65:cb:49:4d: 32:c4:9a:51:cc:9a:17:bb:02:9e:92:2e:35:45:05: bd:e3:0b:7d:b7:fe:19:a4:cc:74:c6:e3:d7:80:88: 2f:b4:0f:85:3e:54:6f:d2:3b:da:54:63:c9:87:38: 76:e4:a5:47:b7:bb:e1:14:b7:38:41:48:39:f4:ae: 4c:74:ab:c9:a0:72:f7:72:32:dc:ac:8e:d9:c9:0d: 15:28:1a:28:7b:d1:05:5f:0f:24:be:bf:bc:b3:3d: 20:35:32:53:8d:81:40:fc:39:4c:d5:ac:ce:e4:74: 9e:7c:bc:0c:10:c1:38:c6:a6:d8:3b:1c:cf:85:05: a6:97:f9:46:5c:15:f7:61:92:c5:7d:99:27:77:bb: da:09:bb:e7:49:cf:60:d2:3f:c2:d0:b4:66:e2:47: 2e:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:D5:84:35:97:E2:CD:B6:FD:44:60:91:D4:12:F4:BC:F1:CB:71:8B X509v3 Authority Key Identifier: keyid:3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232352e302f32342d3234203d3e203338373634.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 120.29.225.0/24 Signature Algorithm: sha256WithRSAEncryption 2c:c2:38:b9:41:a2:73:83:4a:be:00:ca:62:56:e4:a8:7b:58: 21:9c:da:ac:5e:92:46:ac:cc:fb:df:05:92:e7:d8:0e:c8:65: e3:21:f3:0c:ee:eb:bf:31:71:06:0f:fa:98:cd:75:81:79:ad: 57:61:be:e8:51:f5:9d:75:ed:14:bf:93:0c:08:2b:cb:e6:a0: 18:c2:e1:60:49:4a:56:46:4e:c5:fa:af:73:88:c6:d6:f4:12: 65:2f:9b:7a:27:64:25:4d:0b:8e:f1:a5:92:56:ea:1b:b5:39: 3f:13:34:c9:7c:fc:67:65:0e:08:b7:4b:56:48:c1:4c:c7:d5: f3:f1:f8:e9:16:d9:7d:72:51:49:aa:82:19:c8:3a:68:db:7f: 8e:1d:e6:45:87:45:84:c5:89:0b:dc:54:30:3a:29:68:b9:f5: b4:4f:47:84:0d:d8:44:0e:6a:a2:8b:31:5b:cf:45:0d:5c:aa: d9:a7:d4:a2:74:5b:c0:55:4a:44:32:6b:43:a5:fc:a7:e0:3c: c5:df:0c:67:2e:4e:44:1c:2f:88:25:d7:29:ce:87:13:52:ee: 30:2c:f3:aa:5f:ca:6e:45:95:90:c2:f1:5d:76:d6:14:ef:25: 76:fe:b9:47:7c:d8:38:2a:f3:a0:df:0b:5a:93:3b:f1:28:32: 02:9b:84:bf -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUO3EwLn3RY3sX/fqUsGesbsdKlxowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdB MzVCMDI1MTAeFw0yNDAzMjAwOTU3MDdaFw0yNTAzMTkxMDAyMDdaMDMxMTAvBgNV BAMTKEU2RDU4NDM1OTdFMkNEQjZGRDQ0NjA5MUQ0MTJGNEJDRjFDQjcxOEIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDszA9j17HM1QNVms6tH3WSE+jU 8qV4FAEwM1t89WF2hsDbLQDtWFoUWlSkWc+I//I5GTa7mPZr4ZPgzRQrrD3U1WnV cMihkXIaN7rYPnnqwQ4qdlWw8HyNjbtXO4tt1kLhdJ0oZctJTTLEmlHMmhe7Ap6S LjVFBb3jC323/hmkzHTG49eAiC+0D4U+VG/SO9pUY8mHOHbkpUe3u+EUtzhBSDn0 rkx0q8mgcvdyMtysjtnJDRUoGih70QVfDyS+v7yzPSA1MlONgUD8OUzVrM7kdJ58 vAwQwTjGptg7HM+FBaaX+UZcFfdhksV9mSd3u9oJu+dJz2DSP8LQtGbiRy71AgMB AAGjggIyMIICLjAdBgNVHQ4EFgQU5tWENZfizbb9RGCR1BL0vPHLcYswHwYDVR0j BBgwFoAUPmZijAPKuMbW/N7b4HAFV6NbAlEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMC8zRTY2NjI4QzAz Q0FCOEM2RDZGQ0RFREJFMDcwMDU1N0EzNUIwMjUxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdBMzVC MDI1MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIyMWM5Y2FkLWMzYjktNDVhMC1i ZWI2LWJjZTQ4ZTJiMjI3Mi8wLzMxMzIzMDJlMzIzOTJlMzIzMjM1MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzMzODM3MzYzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHgd4TANBgkqhkiG 9w0BAQsFAAOCAQEALMI4uUGic4NKvgDKYlbkqHtYIZzarF6SRqzM+98FkufYDshl 4yHzDO7rvzFxBg/6mM11gXmtV2G+6FH1nXXtFL+TDAgry+agGMLhYElKVkZOxfqv c4jG1vQSZS+beidkJU0LjvGlklbqG7U5PxM0yXz8Z2UOCLdLVkjBTMfV8/H46RbZ fXJRSaqCGcg6aNt/jh3mRYdFhMWJC9xUMDopaLn1tE9HhA3YRA5qoosxW89FDVyq 2afUonRbwFVKRDJrQ6X8p+A8xd8MZy5ORBwviCXXKc6HE1LuMCzzql/KbkWVkMLx XXbWFO8ldv65R3zYOCrzoN8LWpM78SgyApuEvw== -----END CERTIFICATE-----Generated at Fri Nov 22 08:13:03 2024 by rpki-client on console-fra.rpki-client.org