$ rpki-client -vvf repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/3135372e32302e3132312e302f32342d3234203d3e20313532343133.roa File: 3135372e32302e3132312e302f32342d3234203d3e20313532343133.roa (raw, json) Hash identifier: J+HA2voObMJkLTe14IHtv1+pBD6tmTWcTW3nQp6DPrc= Subject key identifier: 5C:3C:B4:A4:CC:C3:FE:A7:30:5F:02:24:54:A4:4C:53:02:70:97:2F Certificate issuer: /CN=D78FE5AE870EF221FD95775CFEAFEAD5ACF32368 Certificate serial: 3B212B891738A3513E6763B3FB84EE9D203844CC Authority key identifier: D7:8F:E5:AE:87:0E:F2:21:FD:95:77:5C:FE:AF:EA:D5:AC:F3:23:68 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/3135372e32302e3132312e302f32342d3234203d3e20313532343133.roa Signing time: Thu 13 Feb 2025 16:44:36 +0000 ROA not before: Thu 13 Feb 2025 16:39:36 +0000 ROA not after: Thu 12 Feb 2026 16:44:36 +0000 asID: 152413 IP address blocks: 157.20.121.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.crl rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 24 Feb 2025 00:07:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:21:2b:89:17:38:a3:51:3e:67:63:b3:fb:84:ee:9d:20:38:44:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D78FE5AE870EF221FD95775CFEAFEAD5ACF32368 Validity Not Before: Feb 13 16:39:36 2025 GMT Not After : Feb 12 16:44:36 2026 GMT Subject: CN=5C3CB4A4CCC3FEA7305F022454A44C530270972F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:a8:be:3d:18:c1:7a:63:64:b6:e1:e8:5c:ba: 79:b0:d5:0e:75:3f:9e:30:5c:f9:e3:26:51:ce:25: cc:7c:51:35:9c:fe:7d:78:67:c5:ac:69:06:03:fe: 35:b8:4a:fa:89:84:13:f4:a4:20:05:fa:9a:f5:c6: eb:ea:5b:1d:a5:6c:62:ea:3f:8e:ac:51:c2:df:a8: c2:92:5d:c3:c9:b2:e0:b8:2c:1d:76:f5:3c:4a:b3: 7d:cb:47:0f:d1:bf:e3:3b:b3:a1:0b:76:92:1e:13: e7:f5:63:32:2c:57:42:b1:65:2c:65:63:14:10:b3: 2d:e2:6d:d9:fd:38:a8:c4:94:91:0c:11:a3:0d:1f: 03:66:87:93:8d:25:29:0b:f6:9f:60:55:0e:6f:b3: ca:b6:95:c8:a3:c7:1c:61:d0:65:3c:9c:06:12:63: d5:29:47:9d:8f:58:ba:a9:f2:3f:a8:f9:3d:b8:5b: d5:c8:f2:fa:a2:4e:f7:6c:45:c6:86:70:fe:f5:68: 32:b5:d7:a1:23:3d:4a:2c:dd:29:ff:c4:fd:fd:a8: 2f:0e:f4:f6:41:d6:ed:f3:ec:3a:1f:18:d4:37:1f: 99:c1:b8:e2:73:d6:b4:30:3a:80:7c:e2:00:eb:00: 70:a0:ef:7b:d0:4e:3f:5f:0e:e7:1b:af:5b:23:3d: 8d:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:3C:B4:A4:CC:C3:FE:A7:30:5F:02:24:54:A4:4C:53:02:70:97:2F X509v3 Authority Key Identifier: keyid:D7:8F:E5:AE:87:0E:F2:21:FD:95:77:5C:FE:AF:EA:D5:AC:F3:23:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/3135372e32302e3132312e302f32342d3234203d3e20313532343133.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.121.0/24 Signature Algorithm: sha256WithRSAEncryption 5a:32:df:39:9c:d8:64:79:d8:b6:e1:2c:04:33:be:ad:47:a7: 44:b6:7e:12:21:39:e7:37:2d:86:8e:f2:4a:5a:49:00:d6:bd: 19:a0:3a:ee:9f:d2:87:c3:80:9c:85:7e:3c:92:6c:a0:96:df: ac:d2:e2:d3:0c:8e:a8:79:a8:45:89:90:ec:fa:73:72:c1:b9: 75:29:ea:a0:2e:69:c2:22:7e:10:da:6b:47:9c:8f:3b:ca:8c: f6:62:ed:57:d6:20:05:a1:56:63:7c:17:80:74:28:af:db:6c: 06:ce:21:ef:cb:53:60:63:9c:49:f5:59:fe:14:64:f5:db:12: 8e:34:95:93:09:f9:c8:9f:f6:32:22:f6:e4:0e:cf:2d:20:2b: 94:d0:0e:2d:c1:6c:c9:40:bc:7b:39:77:67:7b:30:cc:77:ea: 98:18:89:a2:39:c7:3f:e1:80:e9:34:61:b8:62:12:ca:87:38: 9b:d5:38:b3:75:37:a6:2f:34:ad:cf:24:44:82:b8:0f:55:98: f1:db:20:48:01:12:91:b2:53:7e:53:78:e2:a9:20:23:56:0e: 0c:63:82:71:69:13:95:78:53:d9:dd:0c:41:f0:e2:b5:e3:af: 3a:20:39:a4:e1:ef:b4:e2:39:dc:2f:76:82:da:a6:78:87:1d: 6f:c5:95:4e -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUOyEriRc4o1E+Z2Oz+4TunSA4RMwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDc4RkU1QUU4NzBFRjIyMUZEOTU3NzVDRkVBRkVBRDVB Q0YzMjM2ODAeFw0yNTAyMTMxNjM5MzZaFw0yNjAyMTIxNjQ0MzZaMDMxMTAvBgNV BAMTKDVDM0NCNEE0Q0NDM0ZFQTczMDVGMDIyNDU0QTQ0QzUzMDI3MDk3MkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDqL49GMF6Y2S24ehcunmw1Q51 P54wXPnjJlHOJcx8UTWc/n14Z8WsaQYD/jW4SvqJhBP0pCAF+pr1xuvqWx2lbGLq P46sUcLfqMKSXcPJsuC4LB129TxKs33LRw/Rv+M7s6ELdpIeE+f1YzIsV0KxZSxl YxQQsy3ibdn9OKjElJEMEaMNHwNmh5ONJSkL9p9gVQ5vs8q2lcijxxxh0GU8nAYS Y9UpR52PWLqp8j+o+T24W9XI8vqiTvdsRcaGcP71aDK116EjPUos3Sn/xP39qC8O 9PZB1u3z7DofGNQ3H5nBuOJz1rQwOoB84gDrAHCg73vQTj9fDucbr1sjPY1TAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUXDy0pMzD/qcwXwIkVKRMUwJwly8wHwYDVR0j BBgwFoAU14/lrocO8iH9lXdc/q/q1azzI2gwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 NjQ0MjYzYS04ZWUyLTRlZWMtYTgxMC01NzMzY2NhZjUxZTMvMC9ENzhGRTVBRTg3 MEVGMjIxRkQ5NTc3NUNGRUFGRUFENUFDRjMyMzY4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRDc4RkU1QUU4NzBFRjIyMUZEOTU3NzVDRkVBRkVBRDVBQ0Yz MjM2OC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ2NDQyNjNhLThlZTItNGVlYy1h ODEwLTU3MzNjY2FmNTFlMy8wLzMxMzUzNzJlMzIzMDJlMzEzMjMxMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMTMzLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRR5MA0GCSqG SIb3DQEBCwUAA4IBAQBaMt85nNhkedi24SwEM76tR6dEtn4SITnnNy2GjvJKWkkA 1r0ZoDrun9KHw4CchX48kmyglt+s0uLTDI6oeahFiZDs+nNywbl1KeqgLmnCIn4Q 2mtHnI87yoz2Yu1X1iAFoVZjfBeAdCiv22wGziHvy1NgY5xJ9Vn+FGT12xKONJWT CfnIn/YyIvbkDs8tICuU0A4twWzJQLx7OXdnezDMd+qYGImiOcc/4YDpNGG4YhLK hzib1TizdTemLzStzyREgrgPVZjx2yBIARKRslN+U3jiqSAjVg4MY4JxaROVeFPZ 3QxB8OK14686IDmk4e+04jncL3aC2qZ4hx1vxZVO -----END CERTIFICATE-----Generated at Sat Feb 22 04:58:16 2025 by rpki-client