$ rpki-client -vvf repo-rpki.idnic.net/repo/341ff3e2-76b6-4833-86b5-82f3fa4ebcb7/0/3130332e3134342e32312e302f32342d3234203d3e20313339343233.roa File: 3130332e3134342e32312e302f32342d3234203d3e20313339343233.roa (raw, json) Hash identifier: +C1/uvN7CYXfdE0s0cHFFQ7douw+zlPNc8mJpTG123o= Subject key identifier: 38:AD:73:1B:20:BD:6B:49:BE:9D:26:0C:0D:44:8F:AD:E3:73:EF:CC Certificate issuer: /CN=064A8F9FBD487AB04370A31B7D603B27E6674937 Certificate serial: 23A46F44916228C7EC598D4046A597C5F30DE4B2 Authority key identifier: 06:4A:8F:9F:BD:48:7A:B0:43:70:A3:1B:7D:60:3B:27:E6:67:49:37 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/064A8F9FBD487AB04370A31B7D603B27E6674937.cer Subject info access: rsync://repo-rpki.idnic.net/repo/341ff3e2-76b6-4833-86b5-82f3fa4ebcb7/0/3130332e3134342e32312e302f32342d3234203d3e20313339343233.roa Signing time: Fri 21 Mar 2025 08:00:00 +0000 ROA not before: Fri 21 Mar 2025 07:55:00 +0000 ROA not after: Fri 20 Mar 2026 08:00:00 +0000 asID: 139423 IP address blocks: 103.144.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/341ff3e2-76b6-4833-86b5-82f3fa4ebcb7/0/064A8F9FBD487AB04370A31B7D603B27E6674937.crl rsync://repo-rpki.idnic.net/repo/341ff3e2-76b6-4833-86b5-82f3fa4ebcb7/0/064A8F9FBD487AB04370A31B7D603B27E6674937.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/064A8F9FBD487AB04370A31B7D603B27E6674937.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 20:45:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:a4:6f:44:91:62:28:c7:ec:59:8d:40:46:a5:97:c5:f3:0d:e4:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=064A8F9FBD487AB04370A31B7D603B27E6674937 Validity Not Before: Mar 21 07:55:00 2025 GMT Not After : Mar 20 08:00:00 2026 GMT Subject: CN=38AD731B20BD6B49BE9D260C0D448FADE373EFCC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:7a:87:d0:7e:7e:fc:be:df:61:dd:22:f2:c3: aa:b5:54:11:11:d8:da:e9:93:5d:62:87:11:61:8e: 7a:7b:3b:c5:77:fd:d5:18:30:7b:2d:e1:4c:d0:a8: 0a:a5:c6:75:f1:bf:70:e9:34:6c:74:42:4e:4c:06: b9:5d:c9:c8:32:10:7e:d5:36:ed:27:1d:bd:31:ca: 83:6b:c3:92:19:27:d4:5e:38:3f:f8:4e:ad:04:8a: 2b:45:d5:2d:9e:42:32:9a:0f:81:bf:e0:ca:b0:d1: e2:cc:72:c3:ad:60:a8:ff:ee:c8:bf:9e:6f:ba:f5: 2d:f2:4c:53:0f:25:5e:89:f0:75:61:6e:77:0d:5d: 37:d7:80:22:9e:c9:a4:dc:b0:4c:5e:4f:91:70:5a: 49:32:1e:30:5e:23:a3:17:0d:91:67:d7:36:51:dd: 49:b1:00:ba:7f:01:77:14:79:a3:bf:fd:86:01:37: ed:5b:3c:b6:18:12:26:73:d1:a6:d2:71:42:23:72: 51:5d:35:18:d5:e7:06:59:4c:77:d6:79:9e:72:3a: 73:59:97:d6:16:27:90:bb:39:e3:81:50:f5:9b:79: 47:c3:19:1f:65:ad:a6:07:d8:9e:4b:c6:1d:e7:6a: f5:44:5f:ff:9e:0c:8b:7b:7b:c9:26:0c:ce:26:1b: 40:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:AD:73:1B:20:BD:6B:49:BE:9D:26:0C:0D:44:8F:AD:E3:73:EF:CC X509v3 Authority Key Identifier: keyid:06:4A:8F:9F:BD:48:7A:B0:43:70:A3:1B:7D:60:3B:27:E6:67:49:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/341ff3e2-76b6-4833-86b5-82f3fa4ebcb7/0/064A8F9FBD487AB04370A31B7D603B27E6674937.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/064A8F9FBD487AB04370A31B7D603B27E6674937.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/341ff3e2-76b6-4833-86b5-82f3fa4ebcb7/0/3130332e3134342e32312e302f32342d3234203d3e20313339343233.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.144.21.0/24 Signature Algorithm: sha256WithRSAEncryption 34:c2:b9:75:b1:96:57:ae:08:02:2f:db:23:4f:61:1c:63:a7: 6b:c9:ef:b5:29:ff:9a:ac:58:21:15:43:09:6e:31:67:af:d0: 86:15:3f:c2:d8:17:81:7c:ba:c0:76:de:a8:7f:2b:79:6d:57: c9:e0:03:92:47:11:70:ea:6e:44:4b:19:f7:ba:23:8b:36:27: b6:13:a4:5e:f0:d2:3f:95:21:ca:8e:44:15:c8:f1:11:f0:e3: 53:59:14:19:52:15:00:5d:06:e4:c8:23:ab:8b:16:df:a0:f6: 20:eb:bb:0a:4d:de:79:83:1c:61:06:8c:86:78:4a:ee:2c:04: 33:68:4e:24:bf:3b:8e:49:9e:f0:27:31:df:1a:05:b3:6f:de: b1:d9:ac:2a:62:5f:be:9f:c0:2f:a6:97:55:07:46:91:24:29: 72:63:de:eb:69:9f:8a:3e:f2:66:97:63:69:1d:af:c5:93:0d: 0e:01:f0:92:dd:dc:1a:f4:05:76:75:f7:e9:e7:cb:89:ed:ff: a4:b8:da:ef:99:92:d2:ca:42:6c:12:a0:d1:67:4e:bb:2d:bd: 8e:af:c2:9e:7b:d9:a8:41:fc:81:be:ec:71:37:c5:a9:bf:b5: d3:17:2e:7f:8d:15:e3:f7:84:9a:e9:2f:3b:5f:ee:a8:74:1f: 72:bd:a7:34 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUI6RvRJFiKMfsWY1ARqWXxfMN5LIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDY0QThGOUZCRDQ4N0FCMDQzNzBBMzFCN0Q2MDNCMjdF NjY3NDkzNzAeFw0yNTAzMjEwNzU1MDBaFw0yNjAzMjAwODAwMDBaMDMxMTAvBgNV BAMTKDM4QUQ3MzFCMjBCRDZCNDlCRTlEMjYwQzBENDQ4RkFERTM3M0VGQ0MwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyeofQfn78vt9h3SLyw6q1VBER 2Nrpk11ihxFhjnp7O8V3/dUYMHst4UzQqAqlxnXxv3DpNGx0Qk5MBrldycgyEH7V Nu0nHb0xyoNrw5IZJ9ReOD/4Tq0EiitF1S2eQjKaD4G/4Mqw0eLMcsOtYKj/7si/ nm+69S3yTFMPJV6J8HVhbncNXTfXgCKeyaTcsExeT5FwWkkyHjBeI6MXDZFn1zZR 3UmxALp/AXcUeaO//YYBN+1bPLYYEiZz0abScUIjclFdNRjV5wZZTHfWeZ5yOnNZ l9YWJ5C7OeOBUPWbeUfDGR9lraYH2J5Lxh3navVEX/+eDIt7e8kmDM4mG0BhAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUOK1zGyC9a0m+nSYMDUSPreNz78wwHwYDVR0j BBgwFoAUBkqPn71IerBDcKMbfWA7J+ZnSTcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z NDFmZjNlMi03NmI2LTQ4MzMtODZiNS04MmYzZmE0ZWJjYjcvMC8wNjRBOEY5RkJE NDg3QUIwNDM3MEEzMUI3RDYwM0IyN0U2Njc0OTM3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMDY0QThGOUZCRDQ4N0FCMDQzNzBBMzFCN0Q2MDNCMjdFNjY3 NDkzNy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzM0MWZmM2UyLTc2YjYtNDgzMy04 NmI1LTgyZjNmYTRlYmNiNy8wLzMxMzAzMzJlMzEzNDM0MmUzMjMxMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzMzM5MzQzMjMzLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ5AVMA0GCSqG SIb3DQEBCwUAA4IBAQA0wrl1sZZXrggCL9sjT2EcY6drye+1Kf+arFghFUMJbjFn r9CGFT/C2BeBfLrAdt6ofyt5bVfJ4AOSRxFw6m5ESxn3uiOLNie2E6Re8NI/lSHK jkQVyPER8ONTWRQZUhUAXQbkyCOrixbfoPYg67sKTd55gxxhBoyGeEruLAQzaE4k vzuOSZ7wJzHfGgWzb96x2awqYl++n8AvppdVB0aRJClyY97raZ+KPvJml2NpHa/F kw0OAfCS3dwa9AV2dffp58uJ7f+kuNrvmZLSykJsEqDRZ067Lb2Or8Kee9moQfyB vuxxN8Wpv7XTFy5/jRXj94Sa6S87X+6odB9yvac0 -----END CERTIFICATE-----Generated at Sun Apr 6 10:45:56 2025 by rpki-client