$ rpki-client -vvf repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3136382e302f32342d3234203d3e203633383539.roa File: 3135382e3134302e3136382e302f32342d3234203d3e203633383539.roa (raw, json) Hash identifier: 3TU0ZY/kyeUSky37zsvNRU2Lw2o0cSyqr21uRrNOcGk= Subject key identifier: 04:3D:D7:1C:57:60:10:70:63:5E:53:8C:B7:81:49:16:EA:FA:4D:2A Certificate issuer: /CN=7D0C886CFBAF0624029CCAE57824C3CF470E8FCF Certificate serial: 56D9E50B5680505E742FA0103ED8DFD2BEFCECAC Authority key identifier: 7D:0C:88:6C:FB:AF:06:24:02:9C:CA:E5:78:24:C3:CF:47:0E:8F:CF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3136382e302f32342d3234203d3e203633383539.roa Signing time: Sun 10 Sep 2023 10:00:04 +0000 ROA not before: Sun 10 Sep 2023 09:55:04 +0000 ROA not after: Sun 08 Sep 2024 10:00:04 +0000 asID: 63859 IP address blocks: 158.140.168.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.crl rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 17:02:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:d9:e5:0b:56:80:50:5e:74:2f:a0:10:3e:d8:df:d2:be:fc:ec:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7D0C886CFBAF0624029CCAE57824C3CF470E8FCF Validity Not Before: Sep 10 09:55:04 2023 GMT Not After : Sep 8 10:00:04 2024 GMT Subject: CN=043DD71C57601070635E538CB7814916EAFA4D2A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:d0:66:6b:cc:83:f1:c8:32:40:38:37:23:a4: 26:71:87:c7:c6:df:b9:66:9f:7c:ee:1e:22:a1:c5: ed:4e:94:4f:a1:a9:4e:7f:62:bf:29:33:83:1d:25: a6:c4:01:94:c4:d3:75:91:81:6d:38:c1:43:0d:63: 53:71:24:cd:11:05:d5:83:74:7f:33:3e:8a:a1:1c: 13:ae:95:a1:cf:f5:ba:6c:91:f4:2b:4a:7c:80:15: e5:c4:3c:da:0f:3a:09:5b:f0:dd:26:2a:cc:6f:d5: b3:d8:66:a9:c3:28:1c:ca:8f:0e:cd:10:af:b5:57: 37:85:10:8d:22:1c:d4:42:98:c7:e2:cc:56:cb:48: b2:02:8c:e0:bb:5d:42:dd:ed:16:c9:c2:65:64:2a: 88:11:68:31:a4:36:a1:06:f4:43:b4:54:18:f3:ec: 8f:f6:39:5b:43:ee:3f:f7:97:22:11:3d:23:0e:8a: 93:52:6d:55:60:09:cb:e5:0f:f4:66:f6:99:cb:d2: e3:8e:7e:43:7d:5e:8b:18:ce:12:00:a3:9d:f1:bf: 9d:7e:c2:14:19:ae:82:d4:d9:71:43:31:a8:b6:70: 41:99:09:6b:cf:20:d0:48:4e:05:dc:87:a9:9c:9c: 61:6d:1f:46:b3:63:40:78:ee:8c:54:5c:e8:71:7b: 1d:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:3D:D7:1C:57:60:10:70:63:5E:53:8C:B7:81:49:16:EA:FA:4D:2A X509v3 Authority Key Identifier: keyid:7D:0C:88:6C:FB:AF:06:24:02:9C:CA:E5:78:24:C3:CF:47:0E:8F:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3136382e302f32342d3234203d3e203633383539.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.140.168.0/24 Signature Algorithm: sha256WithRSAEncryption 30:0e:65:b1:bb:11:b0:ce:4a:8c:ca:0f:3d:83:fb:f1:35:e4: e9:47:a4:b9:e2:f2:cc:1b:b4:ac:be:00:f0:bb:11:d8:4a:a7: f8:20:a1:9c:0e:bc:f8:4c:58:eb:24:cc:3d:84:1f:10:77:8e: bf:eb:8e:1e:44:93:cf:21:33:ab:98:a9:10:ac:96:67:d3:65: a2:a8:dd:2e:7a:ee:e1:5a:5c:52:55:b8:f5:ce:08:8f:e6:5c: 2f:fa:26:42:de:f7:49:37:15:9d:e5:35:1b:fe:9e:e5:b3:fe: db:93:bb:33:1b:c6:51:80:7e:ee:23:49:5d:08:7c:6d:15:a9: e3:29:ae:7b:31:21:70:92:78:36:ff:1f:8f:c7:f0:c0:a8:08: ed:e4:60:79:48:f7:b8:da:45:c9:be:81:cc:33:12:0b:42:b2: df:b1:b7:91:95:e9:db:e4:6a:49:28:e3:b5:95:33:47:df:d4: 76:24:98:44:ae:a6:d3:07:5f:ae:b2:78:ca:7a:de:f3:3a:9b: 4f:f1:35:bd:c3:f8:17:7a:1a:dc:49:4e:28:68:18:ba:64:27: dd:90:d5:30:2e:a5:59:1c:7b:64:86:ea:d2:2a:fa:82:2f:00: d9:16:38:af:36:fa:be:6f:35:9c:dc:23:c4:a4:c1:aa:53:fb: f9:7b:0c:3a -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUVtnlC1aAUF50L6AQPtjf0r787KwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN0QwQzg4NkNGQkFGMDYyNDAyOUNDQUU1NzgyNEMzQ0Y0 NzBFOEZDRjAeFw0yMzA5MTAwOTU1MDRaFw0yNDA5MDgxMDAwMDRaMDMxMTAvBgNV BAMTKDA0M0RENzFDNTc2MDEwNzA2MzVFNTM4Q0I3ODE0OTE2RUFGQTREMkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk0GZrzIPxyDJAODcjpCZxh8fG 37lmn3zuHiKhxe1OlE+hqU5/Yr8pM4MdJabEAZTE03WRgW04wUMNY1NxJM0RBdWD dH8zPoqhHBOulaHP9bpskfQrSnyAFeXEPNoPOglb8N0mKsxv1bPYZqnDKBzKjw7N EK+1VzeFEI0iHNRCmMfizFbLSLICjOC7XULd7RbJwmVkKogRaDGkNqEG9EO0VBjz 7I/2OVtD7j/3lyIRPSMOipNSbVVgCcvlD/Rm9pnL0uOOfkN9XosYzhIAo53xv51+ whQZroLU2XFDMai2cEGZCWvPINBITgXch6mcnGFtH0azY0B47oxUXOhxex1bAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUBD3XHFdgEHBjXlOMt4FJFur6TSowHwYDVR0j BBgwFoAUfQyIbPuvBiQCnMrleCTDz0cOj88wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YmJiMjczNC1lNWZhLTQwZWItODU5OC1iN2NkMTAxMzQzY2EvMS83RDBDODg2Q0ZC QUYwNjI0MDI5Q0NBRTU3ODI0QzNDRjQ3MEU4RkNGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvN0QwQzg4NkNGQkFGMDYyNDAyOUNDQUU1NzgyNEMzQ0Y0NzBF OEZDRi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNiYmIyNzM0LWU1ZmEtNDBlYi04 NTk4LWI3Y2QxMDEzNDNjYS8xLzMxMzUzODJlMzEzNDMwMmUzMTM2MzgyZTMwMmYz MjM0MmQzMjM0MjAzZDNlMjAzNjMzMzgzNTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnoyoMA0GCSqG SIb3DQEBCwUAA4IBAQAwDmWxuxGwzkqMyg89g/vxNeTpR6S54vLMG7SsvgDwuxHY Sqf4IKGcDrz4TFjrJMw9hB8Qd46/644eRJPPITOrmKkQrJZn02WiqN0ueu7hWlxS Vbj1zgiP5lwv+iZC3vdJNxWd5TUb/p7ls/7bk7szG8ZRgH7uI0ldCHxtFanjKa57 MSFwkng2/x+Px/DAqAjt5GB5SPe42kXJvoHMMxILQrLfsbeRlenb5GpJKOO1lTNH 39R2JJhErqbTB1+usnjKet7zOptP8TW9w/gXehrcSU4oaBi6ZCfdkNUwLqVZHHtk hurSKvqCLwDZFjivNvq+bzWc3CPEpMGqU/v5eww6 -----END CERTIFICATE-----Generated at Sun May 5 00:13:44 2024 by rpki-client on console-ams.rpki-client.org