$ rpki-client -vvf repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/3131392e34372e38382e302f32342d3234203d3e203338353237.roa File: 3131392e34372e38382e302f32342d3234203d3e203338353237.roa (raw, json) Hash identifier: gaK9TNDkDAX6rLbicLT8NaMu8dPZqEuVmgkAb8uim8M= Subject key identifier: 5C:E8:3A:51:26:2F:6E:F2:3D:87:D9:AD:EA:61:E4:ED:AA:2F:CF:FF Certificate issuer: /CN=228E752BBFB8C16B3B46F3D388ECED50CF9A6473 Certificate serial: 1FD9357AA7F47E1DAA8F93C2A7F8F092A6B99075 Authority key identifier: 22:8E:75:2B:BF:B8:C1:6B:3B:46:F3:D3:88:EC:ED:50:CF:9A:64:73 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.cer Subject info access: rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/3131392e34372e38382e302f32342d3234203d3e203338353237.roa Signing time: Wed 15 Jan 2025 11:00:02 +0000 ROA not before: Wed 15 Jan 2025 10:55:02 +0000 ROA not after: Wed 14 Jan 2026 11:00:02 +0000 asID: 38527 IP address blocks: 119.47.88.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.crl rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 23:13:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:d9:35:7a:a7:f4:7e:1d:aa:8f:93:c2:a7:f8:f0:92:a6:b9:90:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=228E752BBFB8C16B3B46F3D388ECED50CF9A6473 Validity Not Before: Jan 15 10:55:02 2025 GMT Not After : Jan 14 11:00:02 2026 GMT Subject: CN=5CE83A51262F6EF23D87D9ADEA61E4EDAA2FCFFF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:df:68:1d:99:4b:6a:52:b0:0d:51:91:8b:4d: 12:ff:04:ee:37:54:37:18:b1:d4:98:f0:bc:fb:db: 50:2c:d4:55:0d:18:5c:28:22:45:a9:30:25:2f:ac: cc:fc:b9:9f:da:3b:ea:62:4f:7f:d9:38:b6:c3:6b: 7e:9c:92:5a:12:67:26:83:1f:0a:dc:d1:8b:a9:ea: 20:4e:16:f9:00:2f:06:3a:e2:a2:9d:be:10:02:08: 17:63:62:a6:ff:b2:8e:fb:4a:61:07:f8:9e:fb:14: d5:a4:7a:c7:24:8e:23:ca:16:a3:15:da:58:79:18: fd:c7:c3:a6:31:1f:76:35:0e:94:8d:8d:e2:54:70: b2:c4:12:b3:fc:c7:0b:51:30:e9:e0:82:93:4d:9a: f0:35:63:0e:d9:7a:6f:76:59:7e:35:e6:e3:95:ea: 74:98:ea:a1:66:fb:fc:af:03:31:2d:5e:a5:18:57: 21:89:a0:0f:eb:27:58:e0:30:51:f8:75:b8:16:41: eb:74:c1:ad:f3:86:64:a6:6e:76:96:44:ba:f5:2a: 8e:f5:b3:1f:e6:d1:90:93:fa:8d:f5:1b:4a:e4:2d: ea:a1:11:bb:7a:bb:15:ac:c4:89:7b:d4:31:23:5c: f9:4d:46:c3:83:f8:64:12:7f:7b:81:50:d0:97:91: f2:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:E8:3A:51:26:2F:6E:F2:3D:87:D9:AD:EA:61:E4:ED:AA:2F:CF:FF X509v3 Authority Key Identifier: keyid:22:8E:75:2B:BF:B8:C1:6B:3B:46:F3:D3:88:EC:ED:50:CF:9A:64:73 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/3131392e34372e38382e302f32342d3234203d3e203338353237.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 119.47.88.0/24 Signature Algorithm: sha256WithRSAEncryption 84:83:1c:74:e6:22:92:db:33:cf:e3:9a:4e:9c:0e:ec:de:92: 18:88:4b:79:29:10:25:a3:0f:1a:23:6a:bc:a9:b9:56:df:dd: 53:3d:e5:94:d7:5b:e3:40:1a:39:2c:a3:d4:9c:5e:1a:28:04: 46:3a:91:19:91:1e:33:b3:d2:e3:34:6a:47:80:7e:04:32:27: f9:2e:bd:7c:ec:07:cf:7e:2b:a8:a5:09:f8:ee:6b:9a:8b:dc: d6:a8:b9:07:75:3c:02:06:6e:dc:88:dc:76:f9:18:f2:11:b4: 41:25:9b:ed:2b:18:22:87:61:a1:43:a6:9e:9a:22:8a:95:6e: d0:53:de:b3:7f:9a:3b:36:f6:29:b0:fb:f6:42:27:2f:af:5d: 8b:33:27:50:0a:e6:95:bb:fb:fe:13:8a:3c:62:1e:b2:19:59: 9b:60:ff:6b:4c:fa:19:66:92:4c:92:82:a1:e1:7b:0c:cb:fa: c2:ca:a5:99:35:78:a5:09:96:69:3f:4a:49:3a:5b:ab:99:00: 2d:a5:0d:2b:2f:68:df:30:c8:12:c8:b6:0b:e2:37:17:56:cf: 60:0b:ef:35:21:23:c6:89:4e:38:81:a9:19:97:c3:79:49:c9: bf:16:69:83:04:5a:bc:7a:82:61:4d:d8:ea:f3:7f:22:69:78: e1:d2:5c:60 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgIUH9k1eqf0fh2qj5PCp/jwkqa5kHUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjI4RTc1MkJCRkI4QzE2QjNCNDZGM0QzODhFQ0VENTBD RjlBNjQ3MzAeFw0yNTAxMTUxMDU1MDJaFw0yNjAxMTQxMTAwMDJaMDMxMTAvBgNV BAMTKDVDRTgzQTUxMjYyRjZFRjIzRDg3RDlBREVBNjFFNEVEQUEyRkNGRkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE32gdmUtqUrANUZGLTRL/BO43 VDcYsdSY8Lz721As1FUNGFwoIkWpMCUvrMz8uZ/aO+piT3/ZOLbDa36ckloSZyaD Hwrc0Yup6iBOFvkALwY64qKdvhACCBdjYqb/so77SmEH+J77FNWkesckjiPKFqMV 2lh5GP3Hw6YxH3Y1DpSNjeJUcLLEErP8xwtRMOnggpNNmvA1Yw7Zem92WX415uOV 6nSY6qFm+/yvAzEtXqUYVyGJoA/rJ1jgMFH4dbgWQet0wa3zhmSmbnaWRLr1Ko71 sx/m0ZCT+o31G0rkLeqhEbt6uxWsxIl71DEjXPlNRsOD+GQSf3uBUNCXkfK9AgMB AAGjggIwMIICLDAdBgNVHQ4EFgQUXOg6USYvbvI9h9mt6mHk7aovz/8wHwYDVR0j BBgwFoAUIo51K7+4wWs7RvPTiOztUM+aZHMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z MTdlZmQyYS0wMmFiLTQyMDItOTcwZi1mNjk5ZGZmOTdkZTUvMC8yMjhFNzUyQkJG QjhDMTZCM0I0NkYzRDM4OEVDRUQ1MENGOUE2NDczLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjI4RTc1MkJCRkI4QzE2QjNCNDZGM0QzODhFQ0VENTBDRjlB NjQ3My5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMxN2VmZDJhLTAyYWItNDIwMi05 NzBmLWY2OTlkZmY5N2RlNS8wLzMxMzEzOTJlMzQzNzJlMzgzODJlMzAyZjMyMzQy ZDMyMzQyMDNkM2UyMDMzMzgzNTMyMzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB3L1gwDQYJKoZIhvcN AQELBQADggEBAISDHHTmIpLbM8/jmk6cDuzekhiIS3kpECWjDxojarypuVbf3VM9 5ZTXW+NAGjkso9ScXhooBEY6kRmRHjOz0uM0akeAfgQyJ/kuvXzsB89+K6ilCfju a5qL3NaouQd1PAIGbtyI3Hb5GPIRtEElm+0rGCKHYaFDpp6aIoqVbtBT3rN/mjs2 9imw+/ZCJy+vXYszJ1AK5pW7+/4TijxiHrIZWZtg/2tM+hlmkkySgqHhewzL+sLK pZk1eKUJlmk/Skk6W6uZAC2lDSsvaN8wyBLItgviNxdWz2AL7zUhI8aJTjiBqRmX w3lJyb8WaYMEWrx6gmFN2OrzfyJpeOHSXGA= -----END CERTIFICATE-----Generated at Sun Apr 6 23:54:07 2025 by rpki-client