$ rpki-client -vvf repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/3135372e32302e3132302e302f32342d3234203d3e20313532343133.roa File: 3135372e32302e3132302e302f32342d3234203d3e20313532343133.roa (raw, json) Hash identifier: mtxUuoBWjsUwdIjXZpNi9bHZl2ZJW5TeiOYPZBEVbaM= Subject key identifier: 14:2C:4E:A0:71:EC:A7:1B:DA:86:08:B2:B6:C3:07:57:8D:58:09:0E Certificate issuer: /CN=D78FE5AE870EF221FD95775CFEAFEAD5ACF32368 Certificate serial: 4C3FB3AA15970E38104F03017FAD0BC281866787 Authority key identifier: D7:8F:E5:AE:87:0E:F2:21:FD:95:77:5C:FE:AF:EA:D5:AC:F3:23:68 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/3135372e32302e3132302e302f32342d3234203d3e20313532343133.roa Signing time: Thu 13 Feb 2025 16:43:56 +0000 ROA not before: Thu 13 Feb 2025 16:38:56 +0000 ROA not after: Thu 12 Feb 2026 16:43:56 +0000 asID: 152413 IP address blocks: 157.20.120.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.crl rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Apr 2025 22:17:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:3f:b3:aa:15:97:0e:38:10:4f:03:01:7f:ad:0b:c2:81:86:67:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D78FE5AE870EF221FD95775CFEAFEAD5ACF32368 Validity Not Before: Feb 13 16:38:56 2025 GMT Not After : Feb 12 16:43:56 2026 GMT Subject: CN=142C4EA071ECA71BDA8608B2B6C307578D58090E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:ac:0b:d0:d5:77:73:7b:9b:b6:e9:94:11:01: f9:05:b8:b3:33:df:47:b9:6d:af:3b:48:4f:0f:be: 25:f0:e9:9b:e9:2b:a4:cc:91:f7:98:d1:d9:9c:bf: dd:f8:36:67:57:20:81:d1:71:d3:71:7a:34:db:81: d9:40:d0:64:ce:4d:6d:5b:0f:ce:c7:5f:d9:da:42: a7:22:36:ff:54:da:a0:d2:dd:0a:2b:8a:3f:77:90: aa:f6:9e:5b:bb:28:cd:89:71:e1:a8:bc:8d:44:83: 4c:ae:5a:21:37:3e:3a:dd:32:2e:50:bf:a2:7d:4a: 8a:0a:08:b0:ef:af:d2:54:d6:56:f4:9e:fb:76:fb: d1:e3:b4:2e:de:fc:de:2f:71:a7:f6:67:0c:8b:53: 36:41:6b:5f:5c:6b:f9:ce:41:37:88:19:e8:2e:02: c8:d6:da:e7:16:9e:ec:ab:68:e3:e5:bf:6a:fb:a6: c2:65:c7:38:64:11:9a:10:ef:9f:e4:5c:c8:80:0a: cf:36:2e:e2:c7:e4:91:99:a4:45:e8:57:3e:4d:55: 37:76:8e:a3:69:87:c2:bf:5a:13:73:b4:be:12:5e: 4d:48:ec:c2:69:3a:6b:57:2e:c4:e8:e7:f8:77:66: dc:70:1a:e2:25:ff:8a:53:9c:cb:f3:d8:94:d3:2e: 62:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:2C:4E:A0:71:EC:A7:1B:DA:86:08:B2:B6:C3:07:57:8D:58:09:0E X509v3 Authority Key Identifier: keyid:D7:8F:E5:AE:87:0E:F2:21:FD:95:77:5C:FE:AF:EA:D5:AC:F3:23:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/3135372e32302e3132302e302f32342d3234203d3e20313532343133.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.120.0/24 Signature Algorithm: sha256WithRSAEncryption 38:60:70:24:b7:e4:05:0d:04:8a:c0:71:4f:91:bc:dc:36:aa: 40:c0:4e:f6:80:af:fd:da:e1:a1:5e:32:44:af:87:fe:96:6d: f2:df:3a:6d:91:42:41:d4:1e:af:8d:1e:6f:d6:b0:e8:dc:6d: 88:5a:25:23:a3:dc:1a:15:33:ba:1c:4e:1d:67:57:22:26:7e: 8a:21:f9:5e:fc:f5:39:e9:a4:74:14:a3:d3:4e:ac:15:08:0f: c4:ea:4b:e6:6d:a1:c7:a9:15:a0:26:d1:f4:f6:84:47:6c:70: 52:56:61:15:1f:7f:85:2e:dc:fe:25:47:97:76:5f:06:cf:25: f4:9f:e0:70:3e:c7:bf:44:bb:23:14:00:9d:1a:e7:99:9d:8f: 7e:2c:19:e5:cc:be:d1:0c:1f:b1:26:96:fc:d0:f1:19:32:34: 14:0f:7e:69:fb:17:ea:4f:4a:3b:fe:32:87:73:54:5a:af:53: 91:8a:ca:66:a0:a0:8d:38:c4:75:c2:57:f6:d1:51:2c:78:7b: 75:b3:30:0c:57:94:48:49:84:9e:d9:10:4b:48:5e:f2:4c:62: 24:80:f6:88:a2:d1:81:c8:23:1d:9f:e4:83:47:29:2b:91:1b: 66:69:f8:a6:f3:6c:19:a9:ce:55:99:47:03:a3:5c:52:e0:b5: 13:ce:04:9f -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUTD+zqhWXDjgQTwMBf60LwoGGZ4cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDc4RkU1QUU4NzBFRjIyMUZEOTU3NzVDRkVBRkVBRDVB Q0YzMjM2ODAeFw0yNTAyMTMxNjM4NTZaFw0yNjAyMTIxNjQzNTZaMDMxMTAvBgNV BAMTKDE0MkM0RUEwNzFFQ0E3MUJEQTg2MDhCMkI2QzMwNzU3OEQ1ODA5MEUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOrAvQ1Xdze5u26ZQRAfkFuLMz 30e5ba87SE8PviXw6ZvpK6TMkfeY0dmcv934NmdXIIHRcdNxejTbgdlA0GTOTW1b D87HX9naQqciNv9U2qDS3Qorij93kKr2nlu7KM2JceGovI1Eg0yuWiE3PjrdMi5Q v6J9SooKCLDvr9JU1lb0nvt2+9HjtC7e/N4vcaf2ZwyLUzZBa19ca/nOQTeIGegu AsjW2ucWnuyraOPlv2r7psJlxzhkEZoQ75/kXMiACs82LuLH5JGZpEXoVz5NVTd2 jqNph8K/WhNztL4SXk1I7MJpOmtXLsTo5/h3ZtxwGuIl/4pTnMvz2JTTLmKBAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUFCxOoHHspxvahgiytsMHV41YCQ4wHwYDVR0j BBgwFoAU14/lrocO8iH9lXdc/q/q1azzI2gwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 NjQ0MjYzYS04ZWUyLTRlZWMtYTgxMC01NzMzY2NhZjUxZTMvMC9ENzhGRTVBRTg3 MEVGMjIxRkQ5NTc3NUNGRUFGRUFENUFDRjMyMzY4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRDc4RkU1QUU4NzBFRjIyMUZEOTU3NzVDRkVBRkVBRDVBQ0Yz MjM2OC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ2NDQyNjNhLThlZTItNGVlYy1h ODEwLTU3MzNjY2FmNTFlMy8wLzMxMzUzNzJlMzIzMDJlMzEzMjMwMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMTMzLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRR4MA0GCSqG SIb3DQEBCwUAA4IBAQA4YHAkt+QFDQSKwHFPkbzcNqpAwE72gK/92uGhXjJEr4f+ lm3y3zptkUJB1B6vjR5v1rDo3G2IWiUjo9waFTO6HE4dZ1ciJn6KIfle/PU56aR0 FKPTTqwVCA/E6kvmbaHHqRWgJtH09oRHbHBSVmEVH3+FLtz+JUeXdl8GzyX0n+Bw Pse/RLsjFACdGueZnY9+LBnlzL7RDB+xJpb80PEZMjQUD35p+xfqT0o7/jKHc1Ra r1ORispmoKCNOMR1wlf20VEseHt1szAMV5RISYSe2RBLSF7yTGIkgPaIotGByCMd n+SDRykrkRtmafim82wZqc5VmUcDo1xS4LUTzgSf -----END CERTIFICATE-----Generated at Tue Apr 22 10:28:09 2025 by rpki-client