$ rpki-client -vvf repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/36362e39362e3232352e302f32342d3234203d3e203633383539.roa File: 36362e39362e3232352e302f32342d3234203d3e203633383539.roa (raw, json) Hash identifier: YEdXv83hvcHqfxohgas1MMDjVQUMpOLCegBwBc0urVA= Subject key identifier: 0E:C0:06:D1:EE:0A:31:CD:E6:C1:95:4B:12:D2:C2:B7:EF:76:3F:A2 Certificate issuer: /CN=7D0C886CFBAF0624029CCAE57824C3CF470E8FCF Certificate serial: 4D201B6B31922845F3F1237035BC1462AE2C997E Authority key identifier: 7D:0C:88:6C:FB:AF:06:24:02:9C:CA:E5:78:24:C3:CF:47:0E:8F:CF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/36362e39362e3232352e302f32342d3234203d3e203633383539.roa Signing time: Sun 11 Aug 2024 07:00:02 +0000 ROA not before: Sun 11 Aug 2024 06:55:02 +0000 ROA not after: Sun 10 Aug 2025 07:00:02 +0000 asID: 63859 IP address blocks: 66.96.225.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.crl rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 14:24:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:20:1b:6b:31:92:28:45:f3:f1:23:70:35:bc:14:62:ae:2c:99:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7D0C886CFBAF0624029CCAE57824C3CF470E8FCF Validity Not Before: Aug 11 06:55:02 2024 GMT Not After : Aug 10 07:00:02 2025 GMT Subject: CN=0EC006D1EE0A31CDE6C1954B12D2C2B7EF763FA2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:f6:91:a9:18:47:76:3b:76:58:0a:4d:9a:47: 87:9e:48:1f:f1:7f:14:bf:d6:f8:da:89:3f:1f:9a: b6:33:0a:dc:ed:92:6f:1a:b1:c7:60:9d:57:8e:3d: e1:42:51:a0:74:89:53:41:aa:a7:79:22:d6:07:44: af:27:10:3b:3e:d9:8c:1a:db:2b:24:32:30:16:ca: f5:75:ba:b4:16:d1:90:b7:53:93:08:a9:ef:45:83: fd:43:e5:d3:eb:41:bd:00:d2:e4:01:3b:bd:9b:26: 6e:05:41:bc:40:58:d8:f7:42:c2:e4:34:b6:0e:28: 4f:a0:10:f3:1a:55:47:a9:f2:a3:78:08:dd:22:3a: 17:1d:3f:ce:c8:fe:87:57:59:db:a8:e6:b9:f4:34: bb:d1:1f:8e:d7:b4:a1:b9:9f:35:9a:0a:99:9e:d7: 9b:96:fc:af:98:db:b5:3b:ca:bb:55:e8:db:90:f4: 91:46:c7:79:7e:10:ce:28:21:95:91:31:a2:d9:b3: 02:b7:be:39:7b:0f:57:32:7a:77:b3:75:6c:c4:c2: eb:7d:a6:cc:f7:65:0a:ea:38:14:01:0a:d6:c2:95: 1a:20:4f:ea:a8:fc:09:c1:b3:51:bf:56:e9:a7:3b: d2:b8:2a:9f:67:db:7f:f2:2c:10:f1:a3:96:02:b8: 95:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:C0:06:D1:EE:0A:31:CD:E6:C1:95:4B:12:D2:C2:B7:EF:76:3F:A2 X509v3 Authority Key Identifier: keyid:7D:0C:88:6C:FB:AF:06:24:02:9C:CA:E5:78:24:C3:CF:47:0E:8F:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/36362e39362e3232352e302f32342d3234203d3e203633383539.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 66.96.225.0/24 Signature Algorithm: sha256WithRSAEncryption 7a:77:c3:2e:de:df:8c:c7:f1:6b:a0:8f:5d:ab:9a:df:bf:ff: 59:7d:cc:01:80:b6:04:19:00:cd:23:58:43:6a:b5:1e:da:31: 55:04:37:62:27:06:6d:41:e7:ad:e1:e7:35:e2:f6:a5:6d:90: 27:69:d8:38:df:ef:f4:1d:76:03:f4:ed:90:00:87:1f:53:ae: 29:fb:bf:72:f7:07:a0:29:1b:1c:d0:24:da:ea:28:c3:26:3a: de:98:ff:bb:55:60:df:4b:24:68:79:9e:f8:42:45:12:3a:5c: 73:55:db:e3:7d:88:c8:4c:a6:23:56:22:bf:b2:a3:60:fa:7b: 8e:6f:f5:28:cf:c9:09:87:90:f5:fb:4e:af:9f:00:9b:69:34: 12:47:a8:e8:a2:d2:25:39:62:5e:ef:85:f5:ad:f2:91:79:fb: 50:16:72:9b:39:f8:f9:7d:08:1c:de:45:61:2b:f7:f0:95:a5: a9:ff:28:7e:df:8b:7c:2c:3e:15:69:01:6e:6a:78:03:88:17: 0e:8e:98:86:84:b7:91:f7:d5:6a:f2:bb:43:ac:6e:0e:d0:e5: 8e:df:11:96:01:34:4e:88:f3:78:72:ce:b0:a8:7f:17:01:ef: de:88:05:64:bf:87:61:ab:87:13:43:79:f4:c1:2f:74:bd:53: 65:c9:59:09 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgIUTSAbazGSKEXz8SNwNbwUYq4smX4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN0QwQzg4NkNGQkFGMDYyNDAyOUNDQUU1NzgyNEMzQ0Y0 NzBFOEZDRjAeFw0yNDA4MTEwNjU1MDJaFw0yNTA4MTAwNzAwMDJaMDMxMTAvBgNV BAMTKDBFQzAwNkQxRUUwQTMxQ0RFNkMxOTU0QjEyRDJDMkI3RUY3NjNGQTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc9pGpGEd2O3ZYCk2aR4eeSB/x fxS/1vjaiT8fmrYzCtztkm8ascdgnVeOPeFCUaB0iVNBqqd5ItYHRK8nEDs+2Ywa 2yskMjAWyvV1urQW0ZC3U5MIqe9Fg/1D5dPrQb0A0uQBO72bJm4FQbxAWNj3QsLk NLYOKE+gEPMaVUep8qN4CN0iOhcdP87I/odXWduo5rn0NLvRH47XtKG5nzWaCpme 15uW/K+Y27U7yrtV6NuQ9JFGx3l+EM4oIZWRMaLZswK3vjl7D1cyenezdWzEwut9 psz3ZQrqOBQBCtbClRogT+qo/AnBs1G/VumnO9K4Kp9n23/yLBDxo5YCuJX/AgMB AAGjggIwMIICLDAdBgNVHQ4EFgQUDsAG0e4KMc3mwZVLEtLCt+92P6IwHwYDVR0j BBgwFoAUfQyIbPuvBiQCnMrleCTDz0cOj88wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YmJiMjczNC1lNWZhLTQwZWItODU5OC1iN2NkMTAxMzQzY2EvMS83RDBDODg2Q0ZC QUYwNjI0MDI5Q0NBRTU3ODI0QzNDRjQ3MEU4RkNGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvN0QwQzg4NkNGQkFGMDYyNDAyOUNDQUU1NzgyNEMzQ0Y0NzBF OEZDRi5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNiYmIyNzM0LWU1ZmEtNDBlYi04 NTk4LWI3Y2QxMDEzNDNjYS8xLzM2MzYyZTM5MzYyZTMyMzIzNTJlMzAyZjMyMzQy ZDMyMzQyMDNkM2UyMDM2MzMzODM1Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABCYOEwDQYJKoZIhvcN AQELBQADggEBAHp3wy7e34zH8Wugj12rmt+//1l9zAGAtgQZAM0jWENqtR7aMVUE N2InBm1B563h5zXi9qVtkCdp2Djf7/QddgP07ZAAhx9Trin7v3L3B6ApGxzQJNrq KMMmOt6Y/7tVYN9LJGh5nvhCRRI6XHNV2+N9iMhMpiNWIr+yo2D6e45v9SjPyQmH kPX7Tq+fAJtpNBJHqOii0iU5Yl7vhfWt8pF5+1AWcps5+Pl9CBzeRWEr9/CVpan/ KH7fi3wsPhVpAW5qeAOIFw6OmIaEt5H31Wryu0Osbg7Q5Y7fEZYBNE6I83hyzrCo fxcB796IBWS/h2GrhxNDefTBL3S9U2XJWQk= -----END CERTIFICATE-----Generated at Wed Nov 20 16:08:08 2024 by rpki-client on console-fra.rpki-client.org