$ rpki-client -vvf repo-rpki.idnic.net/repo/4157c9ac-52db-4dba-ac77-845e2ddd8879/0/3130332e3130312e39362e302f32332d3233203d3e20313530393430.roa File: 3130332e3130312e39362e302f32332d3233203d3e20313530393430.roa (raw, json) Hash identifier: lwBU7RZrxpXV+tNL6ldwUUEfAC8x198/UcNXhcVqIDE= Subject key identifier: B2:B8:0D:F0:E0:77:A6:20:AD:99:23:50:3E:5A:F4:37:3C:5B:D7:A3 Certificate issuer: /CN=8D7AD1F796C88BCD49E1BEC42851AFA58BD78588 Certificate serial: 0DE357421FEF6807E148369AD439EDD4CD9C533B Authority key identifier: 8D:7A:D1:F7:96:C8:8B:CD:49:E1:BE:C4:28:51:AF:A5:8B:D7:85:88 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8D7AD1F796C88BCD49E1BEC42851AFA58BD78588.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4157c9ac-52db-4dba-ac77-845e2ddd8879/0/3130332e3130312e39362e302f32332d3233203d3e20313530393430.roa Signing time: Sun 02 Feb 2025 04:02:21 +0000 ROA not before: Sun 02 Feb 2025 03:57:21 +0000 ROA not after: Sun 01 Feb 2026 04:02:21 +0000 asID: 150940 IP address blocks: 103.101.96.0/23 maxlen: 23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4157c9ac-52db-4dba-ac77-845e2ddd8879/0/8D7AD1F796C88BCD49E1BEC42851AFA58BD78588.crl rsync://repo-rpki.idnic.net/repo/4157c9ac-52db-4dba-ac77-845e2ddd8879/0/8D7AD1F796C88BCD49E1BEC42851AFA58BD78588.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8D7AD1F796C88BCD49E1BEC42851AFA58BD78588.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 04:26:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:e3:57:42:1f:ef:68:07:e1:48:36:9a:d4:39:ed:d4:cd:9c:53:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8D7AD1F796C88BCD49E1BEC42851AFA58BD78588 Validity Not Before: Feb 2 03:57:21 2025 GMT Not After : Feb 1 04:02:21 2026 GMT Subject: CN=B2B80DF0E077A620AD9923503E5AF4373C5BD7A3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:90:6d:64:76:c9:dc:ab:ec:d4:c6:64:c4:41: db:41:8c:4b:04:a7:86:40:ae:9e:55:b5:67:e7:fc: 3b:ff:cd:d9:11:2a:94:f5:a5:db:4e:6d:6c:cd:5d: 16:14:8b:1e:b2:cb:b9:55:1c:77:88:81:2f:75:13: b1:eb:3e:8c:b6:92:76:14:68:5a:ea:67:35:d1:74: b0:70:2c:cc:b0:71:dd:6e:c8:9d:87:3e:ce:89:e1: c6:c8:80:9e:6d:0a:ba:85:bc:b7:3e:c8:db:72:1a: 28:59:05:4f:9f:32:e5:ee:cb:d4:59:87:dc:a0:c7: d1:5c:fa:47:2f:4e:18:ac:1a:c8:43:a3:d6:ea:d0: 81:26:58:f2:9d:ac:16:5e:4a:b4:91:d6:f0:3d:25: 06:01:06:f2:42:69:36:e0:83:ac:54:4c:4e:c3:2e: d7:4a:1b:fd:63:fc:0a:2d:9c:3d:e0:a5:b5:6f:7b: 35:fa:06:4a:64:6e:86:3a:7e:1d:18:33:4a:af:61: 37:d0:be:53:fc:5c:55:86:43:06:fc:14:c2:69:56: 9c:48:90:b2:53:af:50:fa:67:b8:6a:c1:9a:35:a4: 97:28:e1:51:af:32:99:dd:4e:f1:f7:e4:fc:41:87: 74:db:40:8a:37:99:c3:ad:9a:54:0f:e5:42:01:04: 45:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:B8:0D:F0:E0:77:A6:20:AD:99:23:50:3E:5A:F4:37:3C:5B:D7:A3 X509v3 Authority Key Identifier: keyid:8D:7A:D1:F7:96:C8:8B:CD:49:E1:BE:C4:28:51:AF:A5:8B:D7:85:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4157c9ac-52db-4dba-ac77-845e2ddd8879/0/8D7AD1F796C88BCD49E1BEC42851AFA58BD78588.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8D7AD1F796C88BCD49E1BEC42851AFA58BD78588.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4157c9ac-52db-4dba-ac77-845e2ddd8879/0/3130332e3130312e39362e302f32332d3233203d3e20313530393430.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.101.96.0/23 Signature Algorithm: sha256WithRSAEncryption 02:84:dc:6b:ac:9b:b5:6b:85:93:11:79:9d:8b:f0:18:01:39: 59:18:d6:f7:f3:0f:4a:0b:03:36:ec:30:c5:79:d5:39:34:fb: 75:ed:56:6a:0e:d0:04:67:dc:07:11:ef:44:a5:0a:d7:f9:7a: 22:cc:6c:ab:4d:2a:a5:c8:ed:cc:87:fb:c4:0f:22:b0:4e:be: a8:da:fd:97:d8:1d:b8:4e:c0:f9:dd:06:1a:0e:03:d0:c2:c4: 6b:59:7c:ca:ea:ef:82:18:86:3c:09:ce:a4:72:77:0a:c6:c1: a1:5e:ac:94:fe:d2:37:18:d0:07:74:95:77:54:6f:15:25:fa: 2e:a7:44:6d:ac:7e:bd:6c:d3:c2:f0:1c:56:3c:59:f0:e5:6a: 05:21:8a:bc:14:0a:6f:03:e5:4c:8d:c9:bd:19:29:5b:59:16: ef:7d:10:8f:86:ac:0d:50:f8:8e:e4:25:cd:f2:2f:64:10:a7: b1:34:e4:c4:a0:1f:d5:d2:48:1f:b0:32:6e:cd:23:fc:15:6f: d7:a8:3d:f4:ab:06:7c:d1:cc:49:89:a6:38:f7:c8:69:cb:c3: 1a:b8:ea:d9:44:64:c2:7d:ee:81:c5:70:a0:60:a0:58:55:00: 4e:a7:3e:ca:43:ee:94:23:5e:2c:a4:9a:47:31:b9:c2:de:1e: 4a:cc:e9:f2 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUDeNXQh/vaAfhSDaa1Dnt1M2cUzswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEQ3QUQxRjc5NkM4OEJDRDQ5RTFCRUM0Mjg1MUFGQTU4 QkQ3ODU4ODAeFw0yNTAyMDIwMzU3MjFaFw0yNjAyMDEwNDAyMjFaMDMxMTAvBgNV BAMTKEIyQjgwREYwRTA3N0E2MjBBRDk5MjM1MDNFNUFGNDM3M0M1QkQ3QTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWkG1kdsncq+zUxmTEQdtBjEsE p4ZArp5VtWfn/Dv/zdkRKpT1pdtObWzNXRYUix6yy7lVHHeIgS91E7HrPoy2knYU aFrqZzXRdLBwLMywcd1uyJ2HPs6J4cbIgJ5tCrqFvLc+yNtyGihZBU+fMuXuy9RZ h9ygx9Fc+kcvThisGshDo9bq0IEmWPKdrBZeSrSR1vA9JQYBBvJCaTbgg6xUTE7D LtdKG/1j/AotnD3gpbVvezX6BkpkboY6fh0YM0qvYTfQvlP8XFWGQwb8FMJpVpxI kLJTr1D6Z7hqwZo1pJco4VGvMpndTvH35PxBh3TbQIo3mcOtmlQP5UIBBEXbAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUsrgN8OB3piCtmSNQPlr0Nzxb16MwHwYDVR0j BBgwFoAUjXrR95bIi81J4b7EKFGvpYvXhYgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 MTU3YzlhYy01MmRiLTRkYmEtYWM3Ny04NDVlMmRkZDg4NzkvMC84RDdBRDFGNzk2 Qzg4QkNENDlFMUJFQzQyODUxQUZBNThCRDc4NTg4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOEQ3QUQxRjc5NkM4OEJDRDQ5RTFCRUM0Mjg1MUFGQTU4QkQ3 ODU4OC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQxNTdjOWFjLTUyZGItNGRiYS1h Yzc3LTg0NWUyZGRkODg3OS8wLzMxMzAzMzJlMzEzMDMxMmUzOTM2MmUzMDJmMzIz MzJkMzIzMzIwM2QzZTIwMzEzNTMwMzkzNDMwLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ2VgMA0GCSqG SIb3DQEBCwUAA4IBAQAChNxrrJu1a4WTEXmdi/AYATlZGNb38w9KCwM27DDFedU5 NPt17VZqDtAEZ9wHEe9EpQrX+XoizGyrTSqlyO3Mh/vEDyKwTr6o2v2X2B24TsD5 3QYaDgPQwsRrWXzK6u+CGIY8Cc6kcncKxsGhXqyU/tI3GNAHdJV3VG8VJfoup0Rt rH69bNPC8BxWPFnw5WoFIYq8FApvA+VMjcm9GSlbWRbvfRCPhqwNUPiO5CXN8i9k EKexNOTEoB/V0kgfsDJuzSP8FW/XqD30qwZ80cxJiaY498hpy8MauOrZRGTCfe6B xXCgYKBYVQBOpz7KQ+6UI14spJpHMbnC3h5KzOny -----END CERTIFICATE-----Generated at Tue Apr 8 15:57:25 2025 by rpki-client