$ rpki-client -vvf repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232372e302f32342d3234203d3e203338373634.roa File: 3132302e32392e3232372e302f32342d3234203d3e203338373634.roa (raw, json) Hash identifier: nmfqdJt0aXuTPYm1CDeqAamB0d6pnRG7QixtZqaeJvs= Subject key identifier: FB:8E:F3:5E:51:60:17:A7:32:46:B9:52:B9:A3:E2:64:3E:F6:1D:4A Certificate issuer: /CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Certificate serial: 2AD52E9EFDE5C91AC362D3E190B8B587AACB4F5F Authority key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject info access: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232372e302f32342d3234203d3e203338373634.roa Signing time: Wed 20 Mar 2024 10:02:07 +0000 ROA not before: Wed 20 Mar 2024 09:57:07 +0000 ROA not after: Wed 19 Mar 2025 10:02:07 +0000 asID: 38764 IP address blocks: 120.29.227.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 05:19:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:d5:2e:9e:fd:e5:c9:1a:c3:62:d3:e1:90:b8:b5:87:aa:cb:4f:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Validity Not Before: Mar 20 09:57:07 2024 GMT Not After : Mar 19 10:02:07 2025 GMT Subject: CN=FB8EF35E516017A73246B952B9A3E2643EF61D4A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:b1:0c:9e:fb:7f:8b:11:1f:e9:e7:a4:e6:56: 08:5b:71:c5:84:c4:da:b4:10:cd:7a:60:22:81:88: 03:f7:7d:3a:54:f8:eb:7e:5e:83:57:24:49:e5:cb: c0:3c:26:3f:30:62:9a:0e:cb:9c:d2:54:aa:c5:b7: a6:4f:f3:b2:dc:ad:b4:4d:69:97:36:a3:09:c9:d3: ca:85:5f:8d:51:ac:4c:81:33:6f:f7:0f:2f:82:2d: e9:73:79:a5:89:d2:8e:3f:76:2d:3a:a9:4a:28:6a: 68:59:6e:03:af:79:c3:cc:e3:43:e1:84:ef:4d:89: a9:a2:41:51:41:64:15:3b:f7:c9:a5:bb:bb:ce:e8: 79:fc:33:3d:60:99:41:32:e3:4a:a9:bd:6a:95:25: d8:4f:68:60:f5:b7:1c:bd:f7:18:87:15:55:23:8a: e4:29:98:e0:65:8a:2f:b4:24:71:7d:0e:6f:f6:2f: e1:d1:5e:c5:1b:85:8d:fb:ac:7d:3a:e3:c5:9a:30: c0:37:3f:ec:78:d2:85:19:84:c9:43:b8:84:71:8f: 1d:7f:02:1a:c9:c4:20:27:b1:e2:d3:0b:9b:3f:fe: c6:84:e6:a4:bf:5b:32:50:7f:1d:60:8d:43:47:47: ae:13:c2:47:f5:f0:8a:49:1f:a0:80:55:d1:da:ad: 57:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:8E:F3:5E:51:60:17:A7:32:46:B9:52:B9:A3:E2:64:3E:F6:1D:4A X509v3 Authority Key Identifier: keyid:3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232372e302f32342d3234203d3e203338373634.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 120.29.227.0/24 Signature Algorithm: sha256WithRSAEncryption b0:35:12:76:ff:7a:ad:9d:ce:d5:a0:e9:e6:cd:58:31:ef:81: b0:9f:e1:2e:21:c0:5b:65:11:9f:9b:e8:9a:ef:06:d9:ce:49: cc:c1:63:71:f5:52:73:a4:da:cc:70:93:99:74:0e:5f:fe:8a: f1:eb:b3:69:25:b5:87:1d:9e:ef:f4:94:27:08:b5:dd:d9:16: 7b:c3:63:69:1a:7c:13:c2:ed:d8:e1:38:ad:55:c6:e3:40:1d: 66:c1:7d:36:fd:fe:e0:66:cd:00:2f:25:8b:cd:ee:01:63:b7: 96:28:e2:c5:0c:21:a4:a3:8a:2a:3a:d2:e8:5a:ca:ea:52:f5: a9:4a:80:2f:ed:74:5d:85:47:c1:ca:77:4f:94:d5:01:cf:85: fd:a2:b0:25:e3:06:99:1a:09:68:ec:7f:ea:47:75:98:db:7f: 62:53:23:ed:54:b1:bb:40:50:23:ac:ba:5b:62:ca:95:7e:14: e8:18:39:1f:51:ab:30:0a:66:04:a9:e8:c8:24:1b:d5:0c:46: 9b:70:6c:0a:4a:7d:79:6f:10:85:71:67:ee:42:d8:1d:b3:94: 29:c7:4d:b5:18:e4:e0:7e:9a:ce:4e:af:30:6d:cd:68:0c:90: ad:72:16:52:e5:4b:b3:d5:d3:a5:3f:9b:27:0f:9e:b0:4e:28: ec:eb:d1:1f -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUKtUunv3lyRrDYtPhkLi1h6rLT18wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdB MzVCMDI1MTAeFw0yNDAzMjAwOTU3MDdaFw0yNTAzMTkxMDAyMDdaMDMxMTAvBgNV BAMTKEZCOEVGMzVFNTE2MDE3QTczMjQ2Qjk1MkI5QTNFMjY0M0VGNjFENEEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfsQye+3+LER/p56TmVghbccWE xNq0EM16YCKBiAP3fTpU+Ot+XoNXJEnly8A8Jj8wYpoOy5zSVKrFt6ZP87LcrbRN aZc2ownJ08qFX41RrEyBM2/3Dy+CLelzeaWJ0o4/di06qUooamhZbgOvecPM40Ph hO9NiamiQVFBZBU798mlu7vO6Hn8Mz1gmUEy40qpvWqVJdhPaGD1txy99xiHFVUj iuQpmOBlii+0JHF9Dm/2L+HRXsUbhY37rH0648WaMMA3P+x40oUZhMlDuIRxjx1/ AhrJxCAnseLTC5s//saE5qS/WzJQfx1gjUNHR64Twkf18IpJH6CAVdHarVdxAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQU+47zXlFgF6cyRrlSuaPiZD72HUowHwYDVR0j BBgwFoAUPmZijAPKuMbW/N7b4HAFV6NbAlEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMC8zRTY2NjI4QzAz Q0FCOEM2RDZGQ0RFREJFMDcwMDU1N0EzNUIwMjUxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdBMzVC MDI1MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIyMWM5Y2FkLWMzYjktNDVhMC1i ZWI2LWJjZTQ4ZTJiMjI3Mi8wLzMxMzIzMDJlMzIzOTJlMzIzMjM3MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzMzODM3MzYzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHgd4zANBgkqhkiG 9w0BAQsFAAOCAQEAsDUSdv96rZ3O1aDp5s1YMe+BsJ/hLiHAW2URn5vomu8G2c5J zMFjcfVSc6TazHCTmXQOX/6K8euzaSW1hx2e7/SUJwi13dkWe8NjaRp8E8Lt2OE4 rVXG40AdZsF9Nv3+4GbNAC8li83uAWO3lijixQwhpKOKKjrS6FrK6lL1qUqAL+10 XYVHwcp3T5TVAc+F/aKwJeMGmRoJaOx/6kd1mNt/YlMj7VSxu0BQI6y6W2LKlX4U 6Bg5H1GrMApmBKnoyCQb1QxGm3BsCkp9eW8QhXFn7kLYHbOUKcdNtRjk4H6azk6v MG3NaAyQrXIWUuVLs9XTpT+bJw+esE4o7OvRHw== -----END CERTIFICATE-----Generated at Fri Nov 22 08:13:03 2024 by rpki-client on console-fra.rpki-client.org