$ rpki-client -vvf repo-rpki.idnic.net/repo/4157c9ac-52db-4dba-ac77-845e2ddd8879/0/3130332e3130312e39372e302f32342d3234203d3e20313530393430.roa File: 3130332e3130312e39372e302f32342d3234203d3e20313530393430.roa (raw, json) Hash identifier: aTXk/DsjXzFyIklyAQb47qbqcaGolhR0lzBTP747Tls= Subject key identifier: 29:F1:4B:00:F4:A6:FD:D6:D1:5F:04:A4:11:5D:A1:EA:5A:F9:26:98 Certificate issuer: /CN=8D7AD1F796C88BCD49E1BEC42851AFA58BD78588 Certificate serial: 38049A9D162FABD6A93B1C768340F9A8F95A54A3 Authority key identifier: 8D:7A:D1:F7:96:C8:8B:CD:49:E1:BE:C4:28:51:AF:A5:8B:D7:85:88 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8D7AD1F796C88BCD49E1BEC42851AFA58BD78588.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4157c9ac-52db-4dba-ac77-845e2ddd8879/0/3130332e3130312e39372e302f32342d3234203d3e20313530393430.roa Signing time: Sun 02 Feb 2025 04:02:21 +0000 ROA not before: Sun 02 Feb 2025 03:57:21 +0000 ROA not after: Sun 01 Feb 2026 04:02:21 +0000 asID: 150940 IP address blocks: 103.101.97.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4157c9ac-52db-4dba-ac77-845e2ddd8879/0/8D7AD1F796C88BCD49E1BEC42851AFA58BD78588.crl rsync://repo-rpki.idnic.net/repo/4157c9ac-52db-4dba-ac77-845e2ddd8879/0/8D7AD1F796C88BCD49E1BEC42851AFA58BD78588.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8D7AD1F796C88BCD49E1BEC42851AFA58BD78588.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 19:43:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:04:9a:9d:16:2f:ab:d6:a9:3b:1c:76:83:40:f9:a8:f9:5a:54:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8D7AD1F796C88BCD49E1BEC42851AFA58BD78588 Validity Not Before: Feb 2 03:57:21 2025 GMT Not After : Feb 1 04:02:21 2026 GMT Subject: CN=29F14B00F4A6FDD6D15F04A4115DA1EA5AF92698 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:3d:1d:b9:15:12:15:eb:88:fc:6b:c3:44:76: 04:22:5f:d7:21:17:96:b7:b9:49:81:9f:2b:17:78: 6b:18:be:28:74:3a:64:68:8a:fc:1f:85:06:3f:63: e2:4e:c3:84:91:fe:88:09:d7:1c:45:4b:e5:3e:1e: e4:89:5a:5d:6f:86:cf:4a:1c:c2:67:01:16:19:65: 48:60:e7:f9:08:c3:93:ff:6e:31:e6:62:35:eb:3c: fd:0f:50:1f:e4:65:75:b9:8e:e1:72:d0:09:8d:02: 56:13:6b:c7:b6:c8:0a:ed:1e:b7:04:91:15:9b:4d: ed:75:26:7e:cd:c9:25:3d:03:04:f7:50:e8:f6:c5: 48:db:98:b8:91:60:65:b9:df:72:ba:18:84:f6:31: 51:2a:31:20:73:a4:6e:83:2b:c7:15:ae:1c:3f:d2: cf:88:dc:77:30:9f:33:03:48:de:bb:a2:35:44:0a: cf:0a:bc:f1:52:97:4e:4c:be:ac:bb:f3:fa:ff:94: 62:64:15:3c:cf:a2:d8:9c:d3:db:6f:78:ff:1a:6f: 22:6d:67:df:4b:3a:ec:fb:0d:f6:3d:53:1a:32:78: 2b:77:3a:89:c6:21:d2:ab:41:18:68:6e:4a:6b:f9: 45:bf:83:47:dd:2c:ee:1f:f1:63:54:93:ca:57:18: ad:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:F1:4B:00:F4:A6:FD:D6:D1:5F:04:A4:11:5D:A1:EA:5A:F9:26:98 X509v3 Authority Key Identifier: keyid:8D:7A:D1:F7:96:C8:8B:CD:49:E1:BE:C4:28:51:AF:A5:8B:D7:85:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4157c9ac-52db-4dba-ac77-845e2ddd8879/0/8D7AD1F796C88BCD49E1BEC42851AFA58BD78588.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8D7AD1F796C88BCD49E1BEC42851AFA58BD78588.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4157c9ac-52db-4dba-ac77-845e2ddd8879/0/3130332e3130312e39372e302f32342d3234203d3e20313530393430.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.101.97.0/24 Signature Algorithm: sha256WithRSAEncryption ba:a0:7a:e9:e7:51:4a:04:3f:10:e7:b2:e2:a3:37:98:69:19: 95:1f:04:77:ec:a5:95:d8:98:a0:d2:f3:08:f8:66:5b:82:33: 64:b9:be:37:ef:40:5d:aa:86:5e:25:6a:ab:f5:26:9f:69:d0: de:5f:ee:dc:b4:f9:09:f5:7e:b8:02:9c:b4:f5:41:f3:93:5d: 45:9d:c5:3d:75:c7:80:94:11:6a:36:7a:f5:f8:3e:60:06:d0: f3:42:cd:9f:37:4c:0b:e6:12:29:ec:de:1f:5b:1d:4b:1b:47: b5:be:28:69:94:2f:26:a6:1c:7e:a5:ba:1c:d6:78:fc:c6:f0: d1:91:aa:46:aa:b1:6b:87:d6:e2:e0:a7:ba:0e:b6:34:0c:d9: e1:dd:26:53:11:53:39:93:b5:e9:af:3a:b3:3e:17:8f:e6:47: 6d:f1:0e:ec:81:fa:ec:01:09:9e:9c:d8:c0:f1:f3:3a:15:55: 24:41:85:7f:ce:67:dc:43:3c:41:fa:d0:ab:47:a8:72:88:da: cc:84:df:2c:78:25:f0:68:5e:40:21:0d:09:17:2c:ca:45:6a: 05:de:a0:1d:a2:14:a4:cd:25:4d:8a:87:3f:28:97:93:9f:f6: 92:ff:d3:e4:42:48:89:eb:bd:37:a2:89:9e:61:dd:75:64:d9: 05:8c:1f:24 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUOASanRYvq9apOxx2g0D5qPlaVKMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEQ3QUQxRjc5NkM4OEJDRDQ5RTFCRUM0Mjg1MUFGQTU4 QkQ3ODU4ODAeFw0yNTAyMDIwMzU3MjFaFw0yNjAyMDEwNDAyMjFaMDMxMTAvBgNV BAMTKDI5RjE0QjAwRjRBNkZERDZEMTVGMDRBNDExNURBMUVBNUFGOTI2OTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpPR25FRIV64j8a8NEdgQiX9ch F5a3uUmBnysXeGsYvih0OmRoivwfhQY/Y+JOw4SR/ogJ1xxFS+U+HuSJWl1vhs9K HMJnARYZZUhg5/kIw5P/bjHmYjXrPP0PUB/kZXW5juFy0AmNAlYTa8e2yArtHrcE kRWbTe11Jn7NySU9AwT3UOj2xUjbmLiRYGW533K6GIT2MVEqMSBzpG6DK8cVrhw/ 0s+I3HcwnzMDSN67ojVECs8KvPFSl05Mvqy78/r/lGJkFTzPotic09tveP8abyJt Z99LOuz7DfY9UxoyeCt3OonGIdKrQRhobkpr+UW/g0fdLO4f8WNUk8pXGK3dAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUKfFLAPSm/dbRXwSkEV2h6lr5JpgwHwYDVR0j BBgwFoAUjXrR95bIi81J4b7EKFGvpYvXhYgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 MTU3YzlhYy01MmRiLTRkYmEtYWM3Ny04NDVlMmRkZDg4NzkvMC84RDdBRDFGNzk2 Qzg4QkNENDlFMUJFQzQyODUxQUZBNThCRDc4NTg4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOEQ3QUQxRjc5NkM4OEJDRDQ5RTFCRUM0Mjg1MUFGQTU4QkQ3 ODU4OC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQxNTdjOWFjLTUyZGItNGRiYS1h Yzc3LTg0NWUyZGRkODg3OS8wLzMxMzAzMzJlMzEzMDMxMmUzOTM3MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMwMzkzNDMwLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ2VhMA0GCSqG SIb3DQEBCwUAA4IBAQC6oHrp51FKBD8Q57LiozeYaRmVHwR37KWV2Jig0vMI+GZb gjNkub4370BdqoZeJWqr9SafadDeX+7ctPkJ9X64Apy09UHzk11FncU9dceAlBFq Nnr1+D5gBtDzQs2fN0wL5hIp7N4fWx1LG0e1vihplC8mphx+pboc1nj8xvDRkapG qrFrh9bi4Ke6DrY0DNnh3SZTEVM5k7XprzqzPheP5kdt8Q7sgfrsAQmenNjA8fM6 FVUkQYV/zmfcQzxB+tCrR6hyiNrMhN8seCXwaF5AIQ0JFyzKRWoF3qAdohSkzSVN ioc/KJeTn/aS/9PkQkiJ6703oomeYd11ZNkFjB8k -----END CERTIFICATE-----Generated at Sun Apr 6 22:33:05 2025 by rpki-client