$ rpki-client -vvf repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/3131392e34372e39302e302f32342d3234203d3e203338353237.roa File: 3131392e34372e39302e302f32342d3234203d3e203338353237.roa (raw, json) Hash identifier: 2gYjkNpQS7rIhX41LQ5E9ZRuFubPcLm5+1qbHYEWbNU= Subject key identifier: E9:B9:7D:0F:C7:EA:B3:A0:0D:10:79:3F:2F:0B:7F:BC:26:3A:66:3D Certificate issuer: /CN=228E752BBFB8C16B3B46F3D388ECED50CF9A6473 Certificate serial: 4C3C123AFFB03796887531748A111D540CEB4A5F Authority key identifier: 22:8E:75:2B:BF:B8:C1:6B:3B:46:F3:D3:88:EC:ED:50:CF:9A:64:73 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.cer Subject info access: rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/3131392e34372e39302e302f32342d3234203d3e203338353237.roa Signing time: Mon 24 Feb 2025 10:13:56 +0000 ROA not before: Mon 24 Feb 2025 10:08:56 +0000 ROA not after: Mon 23 Feb 2026 10:13:56 +0000 asID: 38527 IP address blocks: 119.47.90.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.crl rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 02:39:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:3c:12:3a:ff:b0:37:96:88:75:31:74:8a:11:1d:54:0c:eb:4a:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=228E752BBFB8C16B3B46F3D388ECED50CF9A6473 Validity Not Before: Feb 24 10:08:56 2025 GMT Not After : Feb 23 10:13:56 2026 GMT Subject: CN=E9B97D0FC7EAB3A00D10793F2F0B7FBC263A663D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:ef:c1:1a:a7:66:13:c1:bb:a2:39:93:99:1c: 30:ba:12:af:66:0c:31:6c:ed:82:4c:4b:f3:45:bd: 2c:bb:c8:25:ec:c4:37:fb:cf:9f:8f:00:76:e0:bc: d1:dd:80:34:e5:0b:07:53:cb:b2:fc:8f:48:df:9e: fa:59:f4:25:63:21:c0:8d:dc:77:9f:b2:57:38:19: 9a:93:c3:75:71:53:ac:ce:46:bd:0e:c2:cb:52:21: 36:06:c2:84:f8:e2:2c:be:c8:71:fb:7d:70:fc:a1: 62:c8:9f:c8:cb:c8:eb:af:3d:bf:25:79:bd:0e:e1: fe:8e:b4:42:62:f3:f3:36:44:e4:09:54:63:ba:4c: 13:c9:bb:31:93:65:94:0a:71:54:6d:53:be:bb:35: 4b:05:ae:90:53:26:07:11:cc:77:15:fc:87:50:eb: a7:f9:d6:ce:fc:fa:8c:89:92:d2:1b:b7:56:02:fd: cd:49:51:82:29:dc:57:7b:ed:c7:02:4a:9d:82:08: a3:50:b2:02:cf:c4:d9:f2:7c:f4:45:ec:91:51:cb: 6f:9a:d5:6e:3f:19:95:15:b5:e3:f0:7e:cb:c9:dc: 6b:31:bf:d3:1f:93:12:c0:fd:94:04:03:09:a3:3a: e1:22:dc:4e:ac:67:e3:04:23:85:9f:4c:fe:a7:5c: 46:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:B9:7D:0F:C7:EA:B3:A0:0D:10:79:3F:2F:0B:7F:BC:26:3A:66:3D X509v3 Authority Key Identifier: keyid:22:8E:75:2B:BF:B8:C1:6B:3B:46:F3:D3:88:EC:ED:50:CF:9A:64:73 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/3131392e34372e39302e302f32342d3234203d3e203338353237.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 119.47.90.0/24 Signature Algorithm: sha256WithRSAEncryption c5:e4:36:19:9b:89:4b:57:6d:7f:fa:fc:64:4d:ca:f2:87:52: 62:68:59:60:45:7f:a8:48:b2:2b:4d:b8:22:6d:68:47:2f:eb: e2:82:1e:1d:58:e3:11:9b:9b:4d:92:da:db:1b:d0:2f:91:d7: 36:5b:c8:27:e4:f5:59:a8:e1:9e:cb:56:b2:52:08:b5:9f:d2: 06:66:b4:16:ba:e9:bf:7a:38:e3:4f:75:b1:00:6d:59:45:75: 1a:d1:26:05:4d:ae:d0:3e:9a:d5:ad:29:d5:a6:99:1a:d1:e5: 46:6a:43:c1:f9:b8:25:51:72:0e:e8:56:2b:66:af:5a:97:f3: cc:0f:4d:d7:7f:6d:d3:5b:9c:59:82:00:ca:f7:72:0e:b9:6f: a6:3e:8e:e6:b8:a6:03:45:4f:e2:88:42:78:62:b2:4a:47:2a: 8f:36:f2:1e:bf:f7:a5:2c:1c:4d:86:40:3e:6a:0d:97:ab:60: 75:85:00:ef:4f:f6:c0:e8:6c:49:44:69:6d:b0:11:ac:08:48: c7:6d:db:a0:27:ba:43:1d:eb:08:14:48:c8:fa:5d:5e:4b:2c: d2:5a:26:f1:41:9d:36:ca:44:05:ab:26:ff:92:4d:e5:31:18: 46:0e:c3:70:39:c5:42:06:6c:97:d4:e8:c2:e3:67:20:4f:40: 5e:93:cf:d8 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgIUTDwSOv+wN5aIdTF0ihEdVAzrSl8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjI4RTc1MkJCRkI4QzE2QjNCNDZGM0QzODhFQ0VENTBD RjlBNjQ3MzAeFw0yNTAyMjQxMDA4NTZaFw0yNjAyMjMxMDEzNTZaMDMxMTAvBgNV BAMTKEU5Qjk3RDBGQzdFQUIzQTAwRDEwNzkzRjJGMEI3RkJDMjYzQTY2M0QwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt78Eap2YTwbuiOZOZHDC6Eq9m DDFs7YJMS/NFvSy7yCXsxDf7z5+PAHbgvNHdgDTlCwdTy7L8j0jfnvpZ9CVjIcCN 3Hefslc4GZqTw3VxU6zORr0OwstSITYGwoT44iy+yHH7fXD8oWLIn8jLyOuvPb8l eb0O4f6OtEJi8/M2ROQJVGO6TBPJuzGTZZQKcVRtU767NUsFrpBTJgcRzHcV/IdQ 66f51s78+oyJktIbt1YC/c1JUYIp3Fd77ccCSp2CCKNQsgLPxNnyfPRF7JFRy2+a 1W4/GZUVtePwfsvJ3Gsxv9MfkxLA/ZQEAwmjOuEi3E6sZ+MEI4WfTP6nXEZtAgMB AAGjggIwMIICLDAdBgNVHQ4EFgQU6bl9D8fqs6ANEHk/Lwt/vCY6Zj0wHwYDVR0j BBgwFoAUIo51K7+4wWs7RvPTiOztUM+aZHMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z MTdlZmQyYS0wMmFiLTQyMDItOTcwZi1mNjk5ZGZmOTdkZTUvMC8yMjhFNzUyQkJG QjhDMTZCM0I0NkYzRDM4OEVDRUQ1MENGOUE2NDczLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjI4RTc1MkJCRkI4QzE2QjNCNDZGM0QzODhFQ0VENTBDRjlB NjQ3My5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMxN2VmZDJhLTAyYWItNDIwMi05 NzBmLWY2OTlkZmY5N2RlNS8wLzMxMzEzOTJlMzQzNzJlMzkzMDJlMzAyZjMyMzQy ZDMyMzQyMDNkM2UyMDMzMzgzNTMyMzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB3L1owDQYJKoZIhvcN AQELBQADggEBAMXkNhmbiUtXbX/6/GRNyvKHUmJoWWBFf6hIsitNuCJtaEcv6+KC Hh1Y4xGbm02S2tsb0C+R1zZbyCfk9Vmo4Z7LVrJSCLWf0gZmtBa66b96OONPdbEA bVlFdRrRJgVNrtA+mtWtKdWmmRrR5UZqQ8H5uCVRcg7oVitmr1qX88wPTdd/bdNb nFmCAMr3cg65b6Y+jua4pgNFT+KIQnhiskpHKo828h6/96UsHE2GQD5qDZerYHWF AO9P9sDobElEaW2wEawISMdt26AnukMd6wgUSMj6XV5LLNJaJvFBnTbKRAWrJv+S TeUxGEYOw3A5xUIGbJfU6MLjZyBPQF6Tz9g= -----END CERTIFICATE-----Generated at Mon Apr 7 02:19:54 2025 by rpki-client