$ rpki-client -vvf repo-rpki.idnic.net/repo/2e6bbe4d-3a2b-4e1b-a1aa-593610b3dec9/0/3130332e3132392e36302e302f32342d3234203d3e20313338303538.roa File: 3130332e3132392e36302e302f32342d3234203d3e20313338303538.roa (raw, json) Hash identifier: IW8bQszHsJQaspCBHwRuV25Qt9b0hSoRJR3AAA3IqeI= Subject key identifier: 73:DE:50:FF:B5:A5:9C:E0:2F:96:8A:45:22:05:5E:F3:AD:44:9F:6F Certificate issuer: /CN=477C72D3EF66E3FE6923E38128D2757CBB2ABE05 Certificate serial: 17A95D79EFA0DBFD1886B61B5D8A9A8426760839 Authority key identifier: 47:7C:72:D3:EF:66:E3:FE:69:23:E3:81:28:D2:75:7C:BB:2A:BE:05 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/477C72D3EF66E3FE6923E38128D2757CBB2ABE05.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2e6bbe4d-3a2b-4e1b-a1aa-593610b3dec9/0/3130332e3132392e36302e302f32342d3234203d3e20313338303538.roa Signing time: Wed 17 Apr 2024 10:02:04 +0000 ROA not before: Wed 17 Apr 2024 09:57:04 +0000 ROA not after: Wed 16 Apr 2025 10:02:04 +0000 asID: 138058 IP address blocks: 103.129.60.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2e6bbe4d-3a2b-4e1b-a1aa-593610b3dec9/0/477C72D3EF66E3FE6923E38128D2757CBB2ABE05.crl rsync://repo-rpki.idnic.net/repo/2e6bbe4d-3a2b-4e1b-a1aa-593610b3dec9/0/477C72D3EF66E3FE6923E38128D2757CBB2ABE05.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/477C72D3EF66E3FE6923E38128D2757CBB2ABE05.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 23 Feb 2025 01:26:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:a9:5d:79:ef:a0:db:fd:18:86:b6:1b:5d:8a:9a:84:26:76:08:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=477C72D3EF66E3FE6923E38128D2757CBB2ABE05 Validity Not Before: Apr 17 09:57:04 2024 GMT Not After : Apr 16 10:02:04 2025 GMT Subject: CN=73DE50FFB5A59CE02F968A4522055EF3AD449F6F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:b7:57:2e:89:b6:24:d9:6f:d0:95:ce:d4:2d: 12:9f:cf:21:e7:51:cd:23:50:4b:86:97:f4:41:ee: d7:62:e2:f2:bd:c8:15:68:42:b2:6c:c8:55:e5:02: 2f:f3:3a:bf:d9:c1:1e:0b:88:ee:c8:54:01:04:89: 9c:11:86:ec:37:16:ed:92:74:b6:33:4c:e7:ba:87: e9:f8:7c:ab:c7:45:08:fa:e8:2f:ba:e7:d0:27:4f: e0:0d:2c:93:f2:31:b2:63:4f:71:06:46:3c:da:b3: 25:35:4c:ae:a0:cf:37:53:13:8d:4f:b4:31:0a:33: fd:89:5b:a5:8b:1c:a6:70:8e:da:3f:7c:72:a4:b2: 4d:0e:26:85:53:f7:dd:d8:82:4b:9e:d0:2d:95:91: 99:c8:28:0d:7b:43:fe:10:54:85:99:01:42:4a:b3: 66:be:f1:33:dc:83:4d:76:5a:f3:c2:be:1f:cd:1f: 9f:45:19:4b:b1:29:cd:69:e5:52:08:b9:cd:12:1e: 7a:1c:c9:a6:a9:0d:0e:04:74:19:9f:0c:b3:96:f9: f5:88:08:6d:bf:31:dc:5c:93:ac:1e:a1:c9:f3:34: ca:d1:a4:ce:56:28:a6:1e:f8:18:3f:a4:71:28:fa: 36:d8:bf:4b:c8:c0:03:4c:3f:cc:68:7c:c6:8e:d0: aa:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:DE:50:FF:B5:A5:9C:E0:2F:96:8A:45:22:05:5E:F3:AD:44:9F:6F X509v3 Authority Key Identifier: keyid:47:7C:72:D3:EF:66:E3:FE:69:23:E3:81:28:D2:75:7C:BB:2A:BE:05 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2e6bbe4d-3a2b-4e1b-a1aa-593610b3dec9/0/477C72D3EF66E3FE6923E38128D2757CBB2ABE05.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/477C72D3EF66E3FE6923E38128D2757CBB2ABE05.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2e6bbe4d-3a2b-4e1b-a1aa-593610b3dec9/0/3130332e3132392e36302e302f32342d3234203d3e20313338303538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.129.60.0/24 Signature Algorithm: sha256WithRSAEncryption c2:bc:6e:eb:19:ec:e4:a8:e1:8d:30:77:6d:d2:30:da:ce:6c: b3:44:ad:8c:c0:99:6c:b5:33:a5:34:cf:d8:bc:35:35:8d:71: a1:67:fb:8e:b3:de:7d:89:cf:1c:4b:0c:e6:c4:cf:ce:8c:52: bf:ce:a5:cd:e1:66:49:4d:c4:62:41:94:0a:ed:19:84:2c:fd: 48:4c:7e:3e:8e:a3:bd:53:1b:c0:66:e3:95:2e:59:85:48:b4: 93:19:57:61:44:38:2c:7b:38:05:ba:c7:58:af:e6:13:d5:32: 2b:67:21:a0:14:c6:14:20:24:bf:98:d5:e7:d1:83:db:a7:d8: 64:9a:ed:bd:7b:c7:ce:03:90:67:6c:e7:26:c1:39:9f:2b:a1: 63:6f:da:18:4f:50:1b:3c:00:7b:54:34:c5:d3:52:7a:a2:2e: 9b:26:65:c2:74:05:3d:df:d9:51:99:46:8e:af:70:f2:a6:5b: a7:7e:05:5e:07:7d:48:68:58:e8:54:41:29:58:5f:92:1b:65: f4:c2:45:c7:48:4c:c2:f9:46:48:52:8e:6a:90:71:22:64:03: a8:e6:aa:d9:81:a9:5c:8e:dd:53:e6:d0:74:4c:26:cf:17:9b: 22:0c:ec:f4:60:7a:79:ae:d9:3a:75:b8:22:7f:4b:4b:ba:7d: a2:45:c2:66 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUF6ldee+g2/0YhrYbXYqahCZ2CDkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDc3QzcyRDNFRjY2RTNGRTY5MjNFMzgxMjhEMjc1N0NC QjJBQkUwNTAeFw0yNDA0MTcwOTU3MDRaFw0yNTA0MTYxMDAyMDRaMDMxMTAvBgNV BAMTKDczREU1MEZGQjVBNTlDRTAyRjk2OEE0NTIyMDU1RUYzQUQ0NDlGNkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDst1cuibYk2W/Qlc7ULRKfzyHn Uc0jUEuGl/RB7tdi4vK9yBVoQrJsyFXlAi/zOr/ZwR4LiO7IVAEEiZwRhuw3Fu2S dLYzTOe6h+n4fKvHRQj66C+659AnT+ANLJPyMbJjT3EGRjzasyU1TK6gzzdTE41P tDEKM/2JW6WLHKZwjto/fHKksk0OJoVT993Ygkue0C2VkZnIKA17Q/4QVIWZAUJK s2a+8TPcg012WvPCvh/NH59FGUuxKc1p5VIIuc0SHnocyaapDQ4EdBmfDLOW+fWI CG2/Mdxck6weocnzNMrRpM5WKKYe+Bg/pHEo+jbYv0vIwANMP8xofMaO0Kp9AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUc95Q/7WlnOAvlopFIgVe861En28wHwYDVR0j BBgwFoAUR3xy0+9m4/5pI+OBKNJ1fLsqvgUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y ZTZiYmU0ZC0zYTJiLTRlMWItYTFhYS01OTM2MTBiM2RlYzkvMC80NzdDNzJEM0VG NjZFM0ZFNjkyM0UzODEyOEQyNzU3Q0JCMkFCRTA1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDc3QzcyRDNFRjY2RTNGRTY5MjNFMzgxMjhEMjc1N0NCQjJB QkUwNS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJlNmJiZTRkLTNhMmItNGUxYi1h MWFhLTU5MzYxMGIzZGVjOS8wLzMxMzAzMzJlMzEzMjM5MmUzNjMwMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzMzM4MzAzNTM4LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ4E8MA0GCSqG SIb3DQEBCwUAA4IBAQDCvG7rGezkqOGNMHdt0jDazmyzRK2MwJlstTOlNM/YvDU1 jXGhZ/uOs959ic8cSwzmxM/OjFK/zqXN4WZJTcRiQZQK7RmELP1ITH4+jqO9UxvA ZuOVLlmFSLSTGVdhRDgsezgFusdYr+YT1TIrZyGgFMYUICS/mNXn0YPbp9hkmu29 e8fOA5BnbOcmwTmfK6Fjb9oYT1AbPAB7VDTF01J6oi6bJmXCdAU939lRmUaOr3Dy plunfgVeB31IaFjoVEEpWF+SG2X0wkXHSEzC+UZIUo5qkHEiZAOo5qrZgalcjt1T 5tB0TCbPF5siDOz0YHp5rtk6dbgif0tLun2iRcJm -----END CERTIFICATE-----Generated at Fri Feb 21 11:10:02 2025 by rpki-client