$ rpki-client -vvf repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/3135372e32302e3230342e302f32332d3234203d3e20313532343139.roa File: 3135372e32302e3230342e302f32332d3234203d3e20313532343139.roa (raw, json) Hash identifier: mBt52f39yB2WTMjY8yTiBWW7j1vK6aWMbOkMPXZ1lgU= Subject key identifier: FC:F0:10:4B:A6:F0:2D:18:5F:5F:A1:DD:BD:D8:00:18:36:F8:C2:E2 Certificate issuer: /CN=77ACF18F5317E7A202E583C3C59C223234FA2D8B Certificate serial: 33BE1BFC253ADE7EC4E7CE8DE80B7D7C5A8403E8 Authority key identifier: 77:AC:F1:8F:53:17:E7:A2:02:E5:83:C3:C5:9C:22:32:34:FA:2D:8B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/77ACF18F5317E7A202E583C3C59C223234FA2D8B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/3135372e32302e3230342e302f32332d3234203d3e20313532343139.roa Signing time: Wed 08 Jan 2025 10:59:22 +0000 ROA not before: Wed 08 Jan 2025 10:54:22 +0000 ROA not after: Wed 07 Jan 2026 10:59:22 +0000 asID: 152419 IP address blocks: 157.20.204.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/77ACF18F5317E7A202E583C3C59C223234FA2D8B.crl rsync://repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/77ACF18F5317E7A202E583C3C59C223234FA2D8B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/77ACF18F5317E7A202E583C3C59C223234FA2D8B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 05:27:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:be:1b:fc:25:3a:de:7e:c4:e7:ce:8d:e8:0b:7d:7c:5a:84:03:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=77ACF18F5317E7A202E583C3C59C223234FA2D8B Validity Not Before: Jan 8 10:54:22 2025 GMT Not After : Jan 7 10:59:22 2026 GMT Subject: CN=FCF0104BA6F02D185F5FA1DDBDD8001836F8C2E2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:a1:44:b7:6c:d3:93:ba:b9:86:18:9e:df:63: b6:75:27:de:75:dd:20:28:ac:f9:c2:47:d3:74:b9: c5:1d:71:9f:c1:58:99:77:06:fb:32:a2:5c:5b:c3: ed:82:dc:ec:61:69:7d:51:2b:ec:42:33:03:b3:f8: 0c:fb:5a:b6:f6:e4:8c:e1:86:23:a5:71:95:18:ea: 4e:3f:b9:5d:5d:44:65:88:d3:fd:4f:6b:e6:11:c2: 2d:5a:78:99:c5:3f:1e:d9:15:45:f6:66:67:20:81: f8:71:ed:7a:72:9d:01:92:6c:b2:1b:36:8e:93:db: c1:f5:71:8d:b5:c0:76:5e:47:9b:2d:6d:bc:4d:0e: 34:ed:20:a7:d8:9b:be:d4:73:5d:49:69:ba:65:b3: 24:16:61:92:28:0c:11:88:7b:19:45:14:70:5e:69: 96:88:42:12:b9:dc:5d:b4:ef:16:70:af:c6:04:a4: d5:50:7f:b3:2b:9b:34:5e:9d:3d:95:66:1c:a1:9c: 89:45:aa:06:b4:fb:9e:56:9b:d6:99:68:3b:d0:f2: b8:a2:5c:b3:f7:a8:db:e2:b3:52:25:08:64:73:8a: c9:7f:f3:f8:9e:40:d8:56:0e:1e:9a:fa:1f:bb:fd: 0b:48:b0:1d:8f:4d:7a:10:10:5b:06:a4:ac:74:41: 11:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:F0:10:4B:A6:F0:2D:18:5F:5F:A1:DD:BD:D8:00:18:36:F8:C2:E2 X509v3 Authority Key Identifier: keyid:77:AC:F1:8F:53:17:E7:A2:02:E5:83:C3:C5:9C:22:32:34:FA:2D:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/77ACF18F5317E7A202E583C3C59C223234FA2D8B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/77ACF18F5317E7A202E583C3C59C223234FA2D8B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/3135372e32302e3230342e302f32332d3234203d3e20313532343139.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.204.0/23 Signature Algorithm: sha256WithRSAEncryption 7c:ba:58:c7:0b:b4:94:21:17:bc:04:84:c9:7d:c5:10:f1:f2: e1:3c:02:f2:84:4c:3f:24:e1:6c:27:a7:0c:d6:25:5f:5c:f9: 81:8a:f0:98:ec:dc:34:3b:2f:c5:45:2b:42:e2:60:14:04:2b: a2:f3:04:9e:5a:76:2b:0a:d4:0c:c8:ca:4b:1e:06:d1:48:42: 0d:95:63:0a:ac:dd:8b:22:46:6a:90:18:da:76:0e:95:39:40: ac:02:d3:4d:e1:38:44:7c:4d:41:ba:98:28:8e:98:e4:46:71: d6:21:5e:ed:f2:20:3b:d8:18:bc:6d:a1:87:96:6d:13:be:7d: 47:ac:0e:2d:c6:fd:20:4e:88:c5:c7:27:19:03:3c:4e:36:2b: 76:34:17:a0:e1:c8:01:b3:d2:eb:7f:f4:78:fe:7c:e9:75:c7: af:23:6d:a7:99:8c:b7:5d:94:1e:cf:80:95:3f:5f:45:fc:13: d9:4b:93:40:f0:0c:3c:e1:ee:65:54:8d:5d:ca:25:90:2d:9e: 46:9c:7b:6d:d1:e6:4b:06:92:54:5a:12:48:56:51:f6:c9:b1: 5f:07:a5:69:06:44:08:4a:9f:1d:23:b3:c3:5d:77:1a:e1:78: 1b:47:8c:d0:61:91:9a:6d:d7:62:8b:d3:ae:c5:f7:d7:68:f5: 0b:5f:b9:d3 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUM74b/CU63n7E586N6At9fFqEA+gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzdBQ0YxOEY1MzE3RTdBMjAyRTU4M0MzQzU5QzIyMzIz NEZBMkQ4QjAeFw0yNTAxMDgxMDU0MjJaFw0yNjAxMDcxMDU5MjJaMDMxMTAvBgNV BAMTKEZDRjAxMDRCQTZGMDJEMTg1RjVGQTFEREJERDgwMDE4MzZGOEMyRTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFoUS3bNOTurmGGJ7fY7Z1J951 3SAorPnCR9N0ucUdcZ/BWJl3Bvsyolxbw+2C3OxhaX1RK+xCMwOz+Az7Wrb25Izh hiOlcZUY6k4/uV1dRGWI0/1Pa+YRwi1aeJnFPx7ZFUX2Zmcggfhx7XpynQGSbLIb No6T28H1cY21wHZeR5stbbxNDjTtIKfYm77Uc11JabplsyQWYZIoDBGIexlFFHBe aZaIQhK53F207xZwr8YEpNVQf7MrmzRenT2VZhyhnIlFqga0+55Wm9aZaDvQ8rii XLP3qNvis1IlCGRzisl/8/ieQNhWDh6a+h+7/QtIsB2PTXoQEFsGpKx0QRGPAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQU/PAQS6bwLRhfX6HdvdgAGDb4wuIwHwYDVR0j BBgwFoAUd6zxj1MX56IC5YPDxZwiMjT6LYswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 ZDgyM2JiMy01YTAxLTQ2NTgtYTc4My1mOGU4OWZhZGNmNDUvMC83N0FDRjE4RjUz MTdFN0EyMDJFNTgzQzNDNTlDMjIzMjM0RkEyRDhCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNzdBQ0YxOEY1MzE3RTdBMjAyRTU4M0MzQzU5QzIyMzIzNEZB MkQ4Qi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVkODIzYmIzLTVhMDEtNDY1OC1h NzgzLWY4ZTg5ZmFkY2Y0NS8wLzMxMzUzNzJlMzIzMDJlMzIzMDM0MmUzMDJmMzIz MzJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnRTMMA0GCSqG SIb3DQEBCwUAA4IBAQB8uljHC7SUIRe8BITJfcUQ8fLhPALyhEw/JOFsJ6cM1iVf XPmBivCY7Nw0Oy/FRStC4mAUBCui8wSeWnYrCtQMyMpLHgbRSEINlWMKrN2LIkZq kBjadg6VOUCsAtNN4ThEfE1BupgojpjkRnHWIV7t8iA72Bi8baGHlm0Tvn1HrA4t xv0gTojFxycZAzxONit2NBeg4cgBs9Lrf/R4/nzpdcevI22nmYy3XZQez4CVP19F /BPZS5NA8Aw84e5lVI1dyiWQLZ5GnHtt0eZLBpJUWhJIVlH2ybFfB6VpBkQISp8d I7PDXXca4XgbR4zQYZGabddii9OuxffXaPULX7nT -----END CERTIFICATE-----Generated at Fri Apr 18 20:15:46 2025 by rpki-client