$ rpki-client -vvf repo-rpki.idnic.net/repo/4157c9ac-52db-4dba-ac77-845e2ddd8879/0/3130332e3130312e39362e302f32342d3234203d3e20313530393430.roa File: 3130332e3130312e39362e302f32342d3234203d3e20313530393430.roa (raw, json) Hash identifier: S5y/AAm56aWRItZwk28UKrK77+5w1nu1pwxZLQMOads= Subject key identifier: 57:AB:3B:A4:63:D3:9B:F4:5D:63:57:24:AB:BE:81:A6:B2:77:3F:27 Certificate issuer: /CN=8D7AD1F796C88BCD49E1BEC42851AFA58BD78588 Certificate serial: 0E1DCB17B452BFD2626CED304B7DCDE9AD3E996A Authority key identifier: 8D:7A:D1:F7:96:C8:8B:CD:49:E1:BE:C4:28:51:AF:A5:8B:D7:85:88 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8D7AD1F796C88BCD49E1BEC42851AFA58BD78588.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4157c9ac-52db-4dba-ac77-845e2ddd8879/0/3130332e3130312e39362e302f32342d3234203d3e20313530393430.roa Signing time: Sun 02 Feb 2025 04:02:21 +0000 ROA not before: Sun 02 Feb 2025 03:57:21 +0000 ROA not after: Sun 01 Feb 2026 04:02:21 +0000 asID: 150940 IP address blocks: 103.101.96.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4157c9ac-52db-4dba-ac77-845e2ddd8879/0/8D7AD1F796C88BCD49E1BEC42851AFA58BD78588.crl rsync://repo-rpki.idnic.net/repo/4157c9ac-52db-4dba-ac77-845e2ddd8879/0/8D7AD1F796C88BCD49E1BEC42851AFA58BD78588.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8D7AD1F796C88BCD49E1BEC42851AFA58BD78588.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 19:43:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:1d:cb:17:b4:52:bf:d2:62:6c:ed:30:4b:7d:cd:e9:ad:3e:99:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8D7AD1F796C88BCD49E1BEC42851AFA58BD78588 Validity Not Before: Feb 2 03:57:21 2025 GMT Not After : Feb 1 04:02:21 2026 GMT Subject: CN=57AB3BA463D39BF45D635724ABBE81A6B2773F27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:c8:66:20:b1:ac:9a:d5:f9:e8:5c:50:30:05: 35:f4:13:4d:ff:3f:c2:1f:6b:e1:8a:bf:5c:74:8a: 4b:2a:c0:7c:46:ac:c4:3e:2e:14:b1:ea:f7:d3:e4: 88:6a:64:3a:49:a3:1e:ef:aa:6c:ac:f7:d8:95:d4: 79:b1:a0:b9:c9:a6:f1:2a:3d:b7:ae:46:3e:74:dc: bd:be:15:3f:03:10:a1:18:c2:1e:76:30:05:5a:53: 19:15:0d:46:14:53:6f:c7:f0:66:64:90:f4:74:3d: 79:12:fd:08:df:93:70:10:7e:f7:21:51:da:9a:2c: 4d:3c:3a:a4:ac:d1:6b:8c:80:7f:01:ce:f8:8e:fb: 8f:b0:d4:42:c0:39:a2:c4:db:ba:97:7c:dd:bb:88: 40:9c:a4:a3:7f:12:89:4f:0d:16:73:ad:cd:4b:6a: 0c:57:03:d6:9b:9c:4c:ef:4c:b3:61:27:8c:21:d0: b4:88:9a:2e:cc:82:14:93:b7:f9:61:b8:bb:0f:d9: 31:a2:bf:f4:d4:6f:b7:a8:86:b1:06:a1:42:7d:be: 33:71:65:2f:a0:70:65:50:22:d3:c4:96:01:ae:1f: 02:92:48:11:82:d8:16:fe:4c:33:a2:44:c4:ac:4a: c8:26:64:c8:8b:f3:2b:87:90:04:c7:0e:9d:b1:5e: f3:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:AB:3B:A4:63:D3:9B:F4:5D:63:57:24:AB:BE:81:A6:B2:77:3F:27 X509v3 Authority Key Identifier: keyid:8D:7A:D1:F7:96:C8:8B:CD:49:E1:BE:C4:28:51:AF:A5:8B:D7:85:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4157c9ac-52db-4dba-ac77-845e2ddd8879/0/8D7AD1F796C88BCD49E1BEC42851AFA58BD78588.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8D7AD1F796C88BCD49E1BEC42851AFA58BD78588.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4157c9ac-52db-4dba-ac77-845e2ddd8879/0/3130332e3130312e39362e302f32342d3234203d3e20313530393430.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.101.96.0/24 Signature Algorithm: sha256WithRSAEncryption 58:76:c1:8d:cd:23:a6:23:5e:6a:0d:7a:d8:59:eb:22:f1:c3: 19:13:b7:03:d4:00:c1:7a:a8:69:9f:7a:46:91:41:8f:68:c9: 7d:4c:60:e8:09:df:b7:56:8a:47:35:0a:b4:d7:14:a3:e0:fa: 0c:90:c3:0a:c0:ad:80:3b:fd:4c:71:2a:1d:0c:47:a1:0e:06: fe:6c:d4:91:f7:59:1f:d2:d1:5e:d6:9a:45:25:86:46:b2:20: e4:26:00:0a:0c:e2:2d:74:bf:80:1a:d1:6c:f8:a8:6e:31:2d: 0c:a9:3e:44:6d:a6:9f:6c:95:90:a5:6e:9f:1e:f1:bf:bb:5a: 97:ee:86:16:dc:4d:8b:94:44:84:50:15:0e:95:7a:94:23:57: e1:8a:0b:c2:31:e0:bb:a8:cc:b6:99:61:8b:dc:4d:c1:69:f0: d8:ab:35:d9:72:8d:da:dc:8f:fc:cd:b4:a9:e6:23:c4:67:75: a2:70:75:29:0d:ac:c0:20:10:cb:53:72:23:83:6f:eb:f2:5f: d6:12:eb:0e:62:93:fd:a5:c1:6a:c8:a9:59:3e:ea:07:ab:ce: 70:a9:3a:2b:2a:f4:87:86:d6:b9:00:2e:48:57:42:51:e7:2a: 32:83:91:e2:db:9c:95:da:f7:c5:8f:59:0a:aa:7f:64:10:6b: 16:ae:a5:26 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUDh3LF7RSv9JibO0wS33N6a0+mWowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEQ3QUQxRjc5NkM4OEJDRDQ5RTFCRUM0Mjg1MUFGQTU4 QkQ3ODU4ODAeFw0yNTAyMDIwMzU3MjFaFw0yNjAyMDEwNDAyMjFaMDMxMTAvBgNV BAMTKDU3QUIzQkE0NjNEMzlCRjQ1RDYzNTcyNEFCQkU4MUE2QjI3NzNGMjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLyGYgsaya1fnoXFAwBTX0E03/ P8Ifa+GKv1x0iksqwHxGrMQ+LhSx6vfT5IhqZDpJox7vqmys99iV1HmxoLnJpvEq PbeuRj503L2+FT8DEKEYwh52MAVaUxkVDUYUU2/H8GZkkPR0PXkS/Qjfk3AQfvch UdqaLE08OqSs0WuMgH8BzviO+4+w1ELAOaLE27qXfN27iECcpKN/EolPDRZzrc1L agxXA9abnEzvTLNhJ4wh0LSImi7MghSTt/lhuLsP2TGiv/TUb7eohrEGoUJ9vjNx ZS+gcGVQItPElgGuHwKSSBGC2Bb+TDOiRMSsSsgmZMiL8yuHkATHDp2xXvN3AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUV6s7pGPTm/RdY1ckq76BprJ3PycwHwYDVR0j BBgwFoAUjXrR95bIi81J4b7EKFGvpYvXhYgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 MTU3YzlhYy01MmRiLTRkYmEtYWM3Ny04NDVlMmRkZDg4NzkvMC84RDdBRDFGNzk2 Qzg4QkNENDlFMUJFQzQyODUxQUZBNThCRDc4NTg4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOEQ3QUQxRjc5NkM4OEJDRDQ5RTFCRUM0Mjg1MUFGQTU4QkQ3 ODU4OC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQxNTdjOWFjLTUyZGItNGRiYS1h Yzc3LTg0NWUyZGRkODg3OS8wLzMxMzAzMzJlMzEzMDMxMmUzOTM2MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMwMzkzNDMwLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ2VgMA0GCSqG SIb3DQEBCwUAA4IBAQBYdsGNzSOmI15qDXrYWesi8cMZE7cD1ADBeqhpn3pGkUGP aMl9TGDoCd+3VopHNQq01xSj4PoMkMMKwK2AO/1McSodDEehDgb+bNSR91kf0tFe 1ppFJYZGsiDkJgAKDOItdL+AGtFs+KhuMS0MqT5EbaafbJWQpW6fHvG/u1qX7oYW 3E2LlESEUBUOlXqUI1fhigvCMeC7qMy2mWGL3E3BafDYqzXZco3a3I/8zbSp5iPE Z3WicHUpDazAIBDLU3Ijg2/r8l/WEusOYpP9pcFqyKlZPuoHq85wqTorKvSHhta5 AC5IV0JR5yoyg5Hi25yV2vfFj1kKqn9kEGsWrqUm -----END CERTIFICATE-----Generated at Sun Apr 6 18:10:56 2025 by rpki-client