$ rpki-client -vvf repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232382e302f32342d3234203d3e203338373634.roa File: 3132302e32392e3232382e302f32342d3234203d3e203338373634.roa (raw, json) Hash identifier: a5XbgxWOlYfxiizoKqkwomxuwG1c799qt6OAm6CmmC0= Subject key identifier: 77:E4:71:AA:CB:AA:4D:0A:BE:DE:87:87:43:E2:F5:45:98:9D:F1:21 Certificate issuer: /CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Certificate serial: 47D7D664C253D67CB49FE1E70AE5CF8E2043B565 Authority key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject info access: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232382e302f32342d3234203d3e203338373634.roa Signing time: Wed 20 Mar 2024 10:02:07 +0000 ROA not before: Wed 20 Mar 2024 09:57:07 +0000 ROA not after: Wed 19 Mar 2025 10:02:07 +0000 asID: 38764 IP address blocks: 120.29.228.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 05:19:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:d7:d6:64:c2:53:d6:7c:b4:9f:e1:e7:0a:e5:cf:8e:20:43:b5:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Validity Not Before: Mar 20 09:57:07 2024 GMT Not After : Mar 19 10:02:07 2025 GMT Subject: CN=77E471AACBAA4D0ABEDE878743E2F545989DF121 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:90:de:92:c9:82:df:9b:81:19:a8:0e:a5:36: 87:b0:61:f0:73:3b:b4:b6:20:aa:42:31:8f:0d:34: 9e:b9:ee:ca:d6:af:ed:9e:12:1f:8a:29:01:98:41: 94:0a:dd:13:d5:48:2f:00:74:f8:41:1f:f3:b2:2c: 6c:1c:8f:7c:f3:64:fa:8e:01:99:2d:2f:6a:a7:43: f5:99:80:9e:88:3a:97:30:d1:18:6a:f1:38:21:a0: 5d:b8:5e:62:2e:a8:fc:7f:4d:19:5b:72:7a:33:9b: 0b:cd:cf:da:06:85:4f:fc:59:6b:5d:9e:4f:90:29: 28:6d:46:d0:cd:ae:0c:d6:b4:b3:79:e8:35:01:52: 42:89:0a:96:49:39:a0:8b:e8:75:4a:0c:72:57:e7: f4:da:06:3d:d9:f5:e6:79:87:bc:bb:9b:e3:da:0f: 25:40:36:f7:d8:fe:b2:60:f4:55:bc:14:ed:82:f0: a3:97:bd:6f:e4:1d:b2:62:6f:7e:79:24:91:8c:fd: 09:43:69:9f:ae:0b:32:55:36:b8:09:09:8d:12:ff: e3:ef:a4:e7:46:21:d0:14:75:27:df:0c:16:1a:9e: e0:d3:ed:db:23:6e:77:35:11:9e:bf:e6:81:83:d4: 80:03:fb:7b:60:72:e7:4c:df:c7:ea:8e:ff:ef:1a: ba:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:E4:71:AA:CB:AA:4D:0A:BE:DE:87:87:43:E2:F5:45:98:9D:F1:21 X509v3 Authority Key Identifier: keyid:3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232382e302f32342d3234203d3e203338373634.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 120.29.228.0/24 Signature Algorithm: sha256WithRSAEncryption 79:f0:de:e1:6a:c2:f1:f5:11:d4:d8:04:22:e9:eb:ca:84:2a: 3f:a7:22:62:5c:f1:5e:93:c4:b5:0f:fd:9a:52:fe:55:da:30: f8:53:53:8f:5c:87:6c:88:05:e0:89:d0:35:b8:df:80:04:30: 7f:dd:6d:ce:b6:20:8d:51:ed:a2:9b:8a:14:6b:84:e2:cf:ed: 86:2d:8b:e7:85:f1:63:45:7f:24:95:16:29:cb:b7:55:c4:b3: 95:3e:e3:a4:9a:d8:90:82:df:1d:2b:40:cc:06:8e:6f:18:32: 85:ea:31:ff:43:96:41:30:43:d7:07:7c:ff:42:91:6c:f3:37: c5:9d:ff:95:89:06:fe:c1:bd:97:f2:4b:61:7d:ae:28:6b:55: 27:6b:c6:8b:55:dc:28:2f:c3:ae:6b:f8:64:8b:40:8a:af:cf: 7c:8c:08:9a:a8:41:56:1b:3f:14:6e:c8:c8:a8:50:b1:c4:21: 3b:62:4e:6e:15:0e:24:b2:a6:83:6f:91:9d:0f:cd:9d:fc:ad: 38:99:67:b1:98:3a:75:d2:63:0b:5e:7a:3e:9c:4a:27:12:80: 06:07:d8:7c:a9:ce:a6:30:26:c4:4d:93:b3:ef:fc:27:15:5e: ec:06:fd:85:b5:75:2c:0f:1d:3a:29:78:83:c3:35:ac:50:04: 77:02:19:b7 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUR9fWZMJT1ny0n+HnCuXPjiBDtWUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdB MzVCMDI1MTAeFw0yNDAzMjAwOTU3MDdaFw0yNTAzMTkxMDAyMDdaMDMxMTAvBgNV BAMTKDc3RTQ3MUFBQ0JBQTREMEFCRURFODc4NzQzRTJGNTQ1OTg5REYxMjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4kN6SyYLfm4EZqA6lNoewYfBz O7S2IKpCMY8NNJ657srWr+2eEh+KKQGYQZQK3RPVSC8AdPhBH/OyLGwcj3zzZPqO AZktL2qnQ/WZgJ6IOpcw0Rhq8TghoF24XmIuqPx/TRlbcnozmwvNz9oGhU/8WWtd nk+QKShtRtDNrgzWtLN56DUBUkKJCpZJOaCL6HVKDHJX5/TaBj3Z9eZ5h7y7m+Pa DyVANvfY/rJg9FW8FO2C8KOXvW/kHbJib355JJGM/QlDaZ+uCzJVNrgJCY0S/+Pv pOdGIdAUdSffDBYanuDT7dsjbnc1EZ6/5oGD1IAD+3tgcudM38fqjv/vGrp1AgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUd+RxqsuqTQq+3oeHQ+L1RZid8SEwHwYDVR0j BBgwFoAUPmZijAPKuMbW/N7b4HAFV6NbAlEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMC8zRTY2NjI4QzAz Q0FCOEM2RDZGQ0RFREJFMDcwMDU1N0EzNUIwMjUxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdBMzVC MDI1MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIyMWM5Y2FkLWMzYjktNDVhMC1i ZWI2LWJjZTQ4ZTJiMjI3Mi8wLzMxMzIzMDJlMzIzOTJlMzIzMjM4MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzMzODM3MzYzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHgd5DANBgkqhkiG 9w0BAQsFAAOCAQEAefDe4WrC8fUR1NgEIunryoQqP6ciYlzxXpPEtQ/9mlL+Vdow +FNTj1yHbIgF4InQNbjfgAQwf91tzrYgjVHtopuKFGuE4s/thi2L54XxY0V/JJUW Kcu3VcSzlT7jpJrYkILfHStAzAaObxgyheox/0OWQTBD1wd8/0KRbPM3xZ3/lYkG /sG9l/JLYX2uKGtVJ2vGi1XcKC/Drmv4ZItAiq/PfIwImqhBVhs/FG7IyKhQscQh O2JObhUOJLKmg2+RnQ/NnfytOJlnsZg6ddJjC156PpxKJxKABgfYfKnOpjAmxE2T s+/8JxVe7Ab9hbV1LA8dOil4g8M1rFAEdwIZtw== -----END CERTIFICATE-----Generated at Fri Nov 22 08:13:03 2024 by rpki-client on console-fra.rpki-client.org