$ rpki-client -vvf repo-rpki.idnic.net/repo/538c621d-05bc-4bcd-9657-cdf33860f21a/0/3230322e38332e3132302e302f32322d3234203d3e20313331373435.roa File: 3230322e38332e3132302e302f32322d3234203d3e20313331373435.roa (raw, json) Hash identifier: Ctn9Yisa6OnP3ScXQT5GVDtbqvcEhdIPhnJD0xSvFz0= Subject key identifier: 8B:4C:03:98:DC:CF:DF:C3:3E:87:BA:EB:42:88:F0:A0:EE:95:DD:9C Certificate issuer: /CN=A66E6F787B7DE2EA2FF1C19F30DFE2215B0BEB4A Certificate serial: 61909BFBA076C517905CAC10A69E0EBF1611D350 Authority key identifier: A6:6E:6F:78:7B:7D:E2:EA:2F:F1:C1:9F:30:DF:E2:21:5B:0B:EB:4A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A66E6F787B7DE2EA2FF1C19F30DFE2215B0BEB4A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/538c621d-05bc-4bcd-9657-cdf33860f21a/0/3230322e38332e3132302e302f32322d3234203d3e20313331373435.roa Signing time: Mon 02 Jun 2025 01:03:12 +0000 ROA not before: Mon 02 Jun 2025 00:58:12 +0000 ROA not after: Mon 01 Jun 2026 01:03:12 +0000 asID: 131745 IP address blocks: 202.83.120.0/22 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/538c621d-05bc-4bcd-9657-cdf33860f21a/0/A66E6F787B7DE2EA2FF1C19F30DFE2215B0BEB4A.crl rsync://repo-rpki.idnic.net/repo/538c621d-05bc-4bcd-9657-cdf33860f21a/0/A66E6F787B7DE2EA2FF1C19F30DFE2215B0BEB4A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A66E6F787B7DE2EA2FF1C19F30DFE2215B0BEB4A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:41:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:90:9b:fb:a0:76:c5:17:90:5c:ac:10:a6:9e:0e:bf:16:11:d3:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A66E6F787B7DE2EA2FF1C19F30DFE2215B0BEB4A Validity Not Before: Jun 2 00:58:12 2025 GMT Not After : Jun 1 01:03:12 2026 GMT Subject: CN=8B4C0398DCCFDFC33E87BAEB4288F0A0EE95DD9C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:05:ae:f9:ac:56:24:66:4d:7d:fd:11:37:7b: 34:78:3b:68:26:c5:fd:7a:f6:a2:9b:b6:cb:d0:45: 9a:e8:76:89:bb:b2:34:83:81:f5:d5:bd:09:e1:8a: 69:e1:36:ba:cc:51:71:be:75:53:3f:31:ef:68:d8: a9:1a:32:59:a4:1d:92:ca:ff:df:31:a4:82:a1:44: 3d:35:92:21:fe:ac:1a:58:7d:22:15:53:93:9d:37: 79:89:36:bf:f7:e9:bb:4f:8d:3f:87:c4:76:c1:a4: 1e:d6:84:43:f3:8d:f0:67:2b:43:a8:a2:81:3f:be: ee:c4:51:72:ff:10:54:21:a0:ab:95:ef:9e:a8:60: aa:23:89:44:3f:fd:9c:38:cf:fa:59:e2:49:85:29: 81:45:cc:55:a1:0f:cc:bc:15:04:6e:b1:96:45:d3: 6c:f9:6f:4b:41:30:cf:c2:4b:18:1c:ed:5d:e9:29: 39:fc:dd:72:7b:6c:18:1b:5c:d0:c6:9e:9a:30:c3: 1f:78:b0:26:33:37:9a:e6:d5:97:d0:b9:57:77:eb: 91:61:55:10:ac:56:22:43:49:66:c5:8b:ec:24:ed: d5:10:7f:b7:fe:98:06:59:11:62:19:b4:f4:de:7b: f4:24:95:84:58:ca:38:74:1b:fc:59:d2:0e:3e:92: 2c:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:4C:03:98:DC:CF:DF:C3:3E:87:BA:EB:42:88:F0:A0:EE:95:DD:9C X509v3 Authority Key Identifier: keyid:A6:6E:6F:78:7B:7D:E2:EA:2F:F1:C1:9F:30:DF:E2:21:5B:0B:EB:4A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/538c621d-05bc-4bcd-9657-cdf33860f21a/0/A66E6F787B7DE2EA2FF1C19F30DFE2215B0BEB4A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A66E6F787B7DE2EA2FF1C19F30DFE2215B0BEB4A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/538c621d-05bc-4bcd-9657-cdf33860f21a/0/3230322e38332e3132302e302f32322d3234203d3e20313331373435.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.83.120.0/22 Signature Algorithm: sha256WithRSAEncryption 59:2c:4e:18:40:9d:c6:54:ac:b2:ce:39:40:e5:ba:ab:c6:ff: be:13:21:9c:b0:12:3c:b1:0f:f5:8c:d2:c8:25:f3:35:8e:69: 92:40:47:c4:f9:26:ef:cf:7e:ce:fd:0c:bf:16:dd:3d:7c:8f: 38:5c:f9:05:8b:91:51:7f:a7:21:eb:ee:60:13:95:fb:38:21: 9d:4c:20:11:b7:a7:f5:9c:b6:d2:5b:a3:da:f6:89:75:f5:ca: 16:d9:00:d5:c7:22:b9:ac:f0:e5:fd:3b:f2:4c:a4:1f:e5:e7: 59:54:d4:a5:52:fc:9c:d3:e7:03:5d:ea:13:cc:66:1e:68:49: c0:67:14:7a:d2:d1:6c:2c:0c:75:7e:5f:53:4d:0d:e5:f8:1d: 3d:3b:fb:4f:17:37:30:25:9a:3e:08:ae:1e:f5:5e:6c:26:ba: ac:af:a5:90:27:b1:b3:c9:13:c2:81:83:9e:91:7d:96:59:ba: a1:50:f3:8f:61:48:74:f4:10:20:27:e2:a8:a5:2d:a6:8d:97: 95:38:79:e1:c8:3b:6c:af:19:0f:9f:78:44:79:15:2d:e3:36: b0:0c:ce:52:04:10:be:d6:79:64:3a:e0:9e:ff:da:6e:56:8f: ed:43:31:7d:a8:54:5d:fc:cb:ba:81:d0:c8:49:f6:a3:e4:df: 0b:85:25:20 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUYZCb+6B2xReQXKwQpp4OvxYR01AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTY2RTZGNzg3QjdERTJFQTJGRjFDMTlGMzBERkUyMjE1 QjBCRUI0QTAeFw0yNTA2MDIwMDU4MTJaFw0yNjA2MDEwMTAzMTJaMDMxMTAvBgNV BAMTKDhCNEMwMzk4RENDRkRGQzMzRTg3QkFFQjQyODhGMEEwRUU5NUREOUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvBa75rFYkZk19/RE3ezR4O2gm xf169qKbtsvQRZrodom7sjSDgfXVvQnhimnhNrrMUXG+dVM/Me9o2KkaMlmkHZLK /98xpIKhRD01kiH+rBpYfSIVU5OdN3mJNr/36btPjT+HxHbBpB7WhEPzjfBnK0Oo ooE/vu7EUXL/EFQhoKuV756oYKojiUQ//Zw4z/pZ4kmFKYFFzFWhD8y8FQRusZZF 02z5b0tBMM/CSxgc7V3pKTn83XJ7bBgbXNDGnpowwx94sCYzN5rm1ZfQuVd365Fh VRCsViJDSWbFi+wk7dUQf7f+mAZZEWIZtPTee/QklYRYyjh0G/xZ0g4+kizpAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUi0wDmNzP38M+h7rrQojwoO6V3ZwwHwYDVR0j BBgwFoAUpm5veHt94uov8cGfMN/iIVsL60owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 MzhjNjIxZC0wNWJjLTRiY2QtOTY1Ny1jZGYzMzg2MGYyMWEvMC9BNjZFNkY3ODdC N0RFMkVBMkZGMUMxOUYzMERGRTIyMTVCMEJFQjRBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQTY2RTZGNzg3QjdERTJFQTJGRjFDMTlGMzBERkUyMjE1QjBC RUI0QS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzUzOGM2MjFkLTA1YmMtNGJjZC05 NjU3LWNkZjMzODYwZjIxYS8wLzMyMzAzMjJlMzgzMzJlMzEzMjMwMmUzMDJmMzIz MjJkMzIzNDIwM2QzZTIwMzEzMzMxMzczNDM1LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCylN4MA0GCSqG SIb3DQEBCwUAA4IBAQBZLE4YQJ3GVKyyzjlA5bqrxv++EyGcsBI8sQ/1jNLIJfM1 jmmSQEfE+Sbvz37O/Qy/Ft09fI84XPkFi5FRf6ch6+5gE5X7OCGdTCARt6f1nLbS W6Pa9ol19coW2QDVxyK5rPDl/TvyTKQf5edZVNSlUvyc0+cDXeoTzGYeaEnAZxR6 0tFsLAx1fl9TTQ3l+B09O/tPFzcwJZo+CK4e9V5sJrqsr6WQJ7GzyRPCgYOekX2W WbqhUPOPYUh09BAgJ+KopS2mjZeVOHnhyDtsrxkPn3hEeRUt4zawDM5SBBC+1nlk OuCe/9puVo/tQzF9qFRd/Mu6gdDISfaj5N8LhSUg -----END CERTIFICATE-----Generated at Fri Jun 6 16:50:39 2025 by rpki-client