$ rpki-client -vvf repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/3132342e3130392e32312e302f32342d3234203d3e203338353237.roa File: 3132342e3130392e32312e302f32342d3234203d3e203338353237.roa (raw, json) Hash identifier: JF25GsZLyzVMqdMpnO1WYlSsjR6hM621Mtm2BRDUvVE= Subject key identifier: 9A:6B:DD:AF:9D:27:1D:D6:DA:BA:2F:63:20:44:A8:1A:45:34:D6:D9 Certificate issuer: /CN=228E752BBFB8C16B3B46F3D388ECED50CF9A6473 Certificate serial: 79CA993183CC4BFDA0FAA0F73E475A3CCE3F7457 Authority key identifier: 22:8E:75:2B:BF:B8:C1:6B:3B:46:F3:D3:88:EC:ED:50:CF:9A:64:73 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.cer Subject info access: rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/3132342e3130392e32312e302f32342d3234203d3e203338353237.roa Signing time: Wed 15 Jan 2025 12:00:02 +0000 ROA not before: Wed 15 Jan 2025 11:55:02 +0000 ROA not after: Wed 14 Jan 2026 12:00:02 +0000 asID: 38527 IP address blocks: 124.109.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.crl rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 02:39:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:ca:99:31:83:cc:4b:fd:a0:fa:a0:f7:3e:47:5a:3c:ce:3f:74:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=228E752BBFB8C16B3B46F3D388ECED50CF9A6473 Validity Not Before: Jan 15 11:55:02 2025 GMT Not After : Jan 14 12:00:02 2026 GMT Subject: CN=9A6BDDAF9D271DD6DABA2F632044A81A4534D6D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:bf:8d:41:7c:ca:3f:80:86:25:fe:9c:e7:7d: 21:e4:68:8f:6e:cc:5b:54:e5:00:e4:dd:0b:64:a7: 77:93:fd:74:2f:35:5c:72:9b:7f:a3:af:79:96:7d: c2:5d:81:eb:97:f2:25:89:ea:d3:92:8f:4d:56:b8: fe:a8:ea:fd:3c:26:94:53:c9:41:bd:8e:cd:20:7e: c6:57:cb:0d:95:bc:1f:c9:e6:4c:0d:d7:18:e8:5b: ec:2c:ec:0d:d2:0c:67:7c:00:f4:80:92:96:05:f3: ea:b0:49:7e:f6:db:8b:3a:1f:bd:81:cd:c7:d5:a6: 11:7c:79:c0:c4:3e:e8:81:01:db:9c:f1:b6:68:0d: 99:1c:c8:9b:d4:b0:a5:f7:d1:54:4f:12:ce:ac:0d: 82:8c:66:11:6b:ae:63:43:0f:55:1d:a4:d7:61:75: dd:6d:c6:cf:e1:e8:5b:fc:b6:33:18:a8:7b:63:69: 7a:cc:13:c4:ec:cf:df:0f:28:ea:ea:09:dd:b3:95: c3:cf:ea:36:76:b6:4a:1a:dd:54:79:ff:e6:d1:57: e7:bc:6e:c7:2d:bb:f2:69:86:d9:2f:b3:cf:57:ad: d7:e8:10:5a:bc:40:5f:10:27:e2:03:93:04:59:77: 3f:0c:04:77:c6:9d:c1:b2:ca:1a:d7:7e:95:ca:d5: 80:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:6B:DD:AF:9D:27:1D:D6:DA:BA:2F:63:20:44:A8:1A:45:34:D6:D9 X509v3 Authority Key Identifier: keyid:22:8E:75:2B:BF:B8:C1:6B:3B:46:F3:D3:88:EC:ED:50:CF:9A:64:73 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/3132342e3130392e32312e302f32342d3234203d3e203338353237.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 124.109.21.0/24 Signature Algorithm: sha256WithRSAEncryption cf:38:e6:b5:02:41:7a:32:e9:e0:d3:4e:08:46:b6:3f:24:43: 86:76:fb:b3:91:01:bd:89:40:3a:40:d0:8c:b4:5d:e4:5e:05: 1a:b1:9f:9c:f7:61:2d:da:56:5c:16:6a:87:e3:3d:d8:8e:a5: 2f:50:9d:06:aa:8a:85:5c:c3:cd:49:cb:f3:61:64:8c:00:b7: 88:84:59:52:da:90:ae:83:f0:6b:d3:f0:92:1a:6e:cf:a0:0a: 33:a0:c9:3f:ac:59:29:14:95:77:c4:76:6b:7e:6a:92:22:14: 7c:c4:66:28:9b:7d:8d:de:ef:e7:94:1c:b3:2b:34:b7:04:ae: 04:7a:c6:65:20:d3:9d:b6:1a:43:01:be:e9:de:0d:e8:6f:24: 93:e8:23:6d:2e:66:e6:f6:6d:ae:3b:f2:49:7c:b0:39:d6:7f: ed:65:e4:f6:6f:5a:30:2c:82:1f:61:d8:33:55:10:52:e4:15: fe:57:0e:c9:2f:29:26:b2:ad:ae:1a:00:a2:f4:1f:29:ff:a5: 51:4e:8b:da:dd:c4:0a:06:cf:6c:8a:2e:92:81:3d:1c:de:cf: bd:d0:5e:cc:55:ce:49:fe:96:29:6a:2b:de:f8:4e:d8:1d:bf: ce:f2:79:c7:c0:31:32:65:79:b0:7d:ed:82:5a:e6:71:d1:19: b4:2d:d1:41 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUecqZMYPMS/2g+qD3PkdaPM4/dFcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjI4RTc1MkJCRkI4QzE2QjNCNDZGM0QzODhFQ0VENTBD RjlBNjQ3MzAeFw0yNTAxMTUxMTU1MDJaFw0yNjAxMTQxMjAwMDJaMDMxMTAvBgNV BAMTKDlBNkJEREFGOUQyNzFERDZEQUJBMkY2MzIwNDRBODFBNDUzNEQ2RDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVv41BfMo/gIYl/pznfSHkaI9u zFtU5QDk3Qtkp3eT/XQvNVxym3+jr3mWfcJdgeuX8iWJ6tOSj01WuP6o6v08JpRT yUG9js0gfsZXyw2VvB/J5kwN1xjoW+ws7A3SDGd8APSAkpYF8+qwSX7224s6H72B zcfVphF8ecDEPuiBAduc8bZoDZkcyJvUsKX30VRPEs6sDYKMZhFrrmNDD1UdpNdh dd1txs/h6Fv8tjMYqHtjaXrME8Tsz98PKOrqCd2zlcPP6jZ2tkoa3VR5/+bRV+e8 bsctu/Jphtkvs89XrdfoEFq8QF8QJ+IDkwRZdz8MBHfGncGyyhrXfpXK1YCLAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUmmvdr50nHdbaui9jIESoGkU01tkwHwYDVR0j BBgwFoAUIo51K7+4wWs7RvPTiOztUM+aZHMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z MTdlZmQyYS0wMmFiLTQyMDItOTcwZi1mNjk5ZGZmOTdkZTUvMC8yMjhFNzUyQkJG QjhDMTZCM0I0NkYzRDM4OEVDRUQ1MENGOUE2NDczLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjI4RTc1MkJCRkI4QzE2QjNCNDZGM0QzODhFQ0VENTBDRjlB NjQ3My5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMxN2VmZDJhLTAyYWItNDIwMi05 NzBmLWY2OTlkZmY5N2RlNS8wLzMxMzIzNDJlMzEzMDM5MmUzMjMxMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzMzODM1MzIzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHxtFTANBgkqhkiG 9w0BAQsFAAOCAQEAzzjmtQJBejLp4NNOCEa2PyRDhnb7s5EBvYlAOkDQjLRd5F4F GrGfnPdhLdpWXBZqh+M92I6lL1CdBqqKhVzDzUnL82FkjAC3iIRZUtqQroPwa9Pw khpuz6AKM6DJP6xZKRSVd8R2a35qkiIUfMRmKJt9jd7v55Qcsys0twSuBHrGZSDT nbYaQwG+6d4N6G8kk+gjbS5m5vZtrjvySXywOdZ/7WXk9m9aMCyCH2HYM1UQUuQV /lcOyS8pJrKtrhoAovQfKf+lUU6L2t3ECgbPbIoukoE9HN7PvdBezFXOSf6WKWor 3vhO2B2/zvJ5x8AxMmV5sH3tglrmcdEZtC3RQQ== -----END CERTIFICATE-----Generated at Mon Apr 7 02:22:10 2025 by rpki-client