$ rpki-client -vvf repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/3135372e32302e3230342e302f32342d3234203d3e20313532343139.roa File: 3135372e32302e3230342e302f32342d3234203d3e20313532343139.roa (raw, json) Hash identifier: HCSa3r973/Cqu65vy60YFWZHCOJrXgAcromuT75gjNM= Subject key identifier: D1:9E:E7:B7:69:D7:83:BB:A1:41:0B:2D:85:9E:50:2B:2D:AE:3C:2F Certificate issuer: /CN=77ACF18F5317E7A202E583C3C59C223234FA2D8B Certificate serial: 03F6EA9B89C8522E4C9B21062FB5D2A9510DDE7E Authority key identifier: 77:AC:F1:8F:53:17:E7:A2:02:E5:83:C3:C5:9C:22:32:34:FA:2D:8B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/77ACF18F5317E7A202E583C3C59C223234FA2D8B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/3135372e32302e3230342e302f32342d3234203d3e20313532343139.roa Signing time: Wed 24 Apr 2024 19:07:49 +0000 ROA not before: Wed 24 Apr 2024 19:02:49 +0000 ROA not after: Wed 23 Apr 2025 19:07:49 +0000 asID: 152419 IP address blocks: 157.20.204.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/77ACF18F5317E7A202E583C3C59C223234FA2D8B.crl rsync://repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/77ACF18F5317E7A202E583C3C59C223234FA2D8B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/77ACF18F5317E7A202E583C3C59C223234FA2D8B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 22:39:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:f6:ea:9b:89:c8:52:2e:4c:9b:21:06:2f:b5:d2:a9:51:0d:de:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=77ACF18F5317E7A202E583C3C59C223234FA2D8B Validity Not Before: Apr 24 19:02:49 2024 GMT Not After : Apr 23 19:07:49 2025 GMT Subject: CN=D19EE7B769D783BBA1410B2D859E502B2DAE3C2F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:6a:8e:0f:38:41:49:17:3d:49:42:e2:42:66: 44:2f:3a:cb:eb:e0:0f:37:10:d6:df:7b:2d:e8:2a: a6:e6:4a:a8:5e:38:48:97:54:b9:c3:24:35:1c:3c: 29:13:dc:3c:6b:ba:35:39:8f:d1:26:c5:f1:c9:1f: 44:46:09:7a:ee:31:dd:76:90:79:db:18:31:c4:f4: 8a:1a:92:fb:7e:ee:37:b4:1d:33:6c:2b:2a:4e:d4: b8:2c:5e:67:88:54:98:24:05:5e:07:d3:35:9a:ad: ac:c4:5d:5e:6d:e0:7d:80:1c:af:6d:3d:66:b7:24: c4:54:cd:b4:40:70:c4:da:81:8f:46:e1:d9:a0:64: 48:a4:30:80:98:58:6d:55:26:db:f6:fa:c6:fb:4a: dc:e5:a0:c2:c1:ed:a4:d7:53:9b:48:fe:8c:c4:9c: 1a:78:98:47:f7:4e:e5:4b:f0:9e:01:c0:cc:cb:6c: c2:fd:d6:c1:7d:94:20:3a:30:e3:d4:51:49:89:1d: c8:9f:08:32:11:51:a6:71:ca:e5:64:12:60:85:ae: 57:d6:aa:09:45:50:72:50:13:ae:67:e9:c5:69:14: dc:65:47:96:8a:71:71:f8:74:ca:57:43:69:f4:89: 3a:16:9c:39:9d:b5:9a:23:dc:28:90:aa:03:86:a3: 7f:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:9E:E7:B7:69:D7:83:BB:A1:41:0B:2D:85:9E:50:2B:2D:AE:3C:2F X509v3 Authority Key Identifier: keyid:77:AC:F1:8F:53:17:E7:A2:02:E5:83:C3:C5:9C:22:32:34:FA:2D:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/77ACF18F5317E7A202E583C3C59C223234FA2D8B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/77ACF18F5317E7A202E583C3C59C223234FA2D8B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/3135372e32302e3230342e302f32342d3234203d3e20313532343139.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.204.0/24 Signature Algorithm: sha256WithRSAEncryption 29:9f:52:59:38:0d:8f:53:89:76:8a:74:20:eb:3e:1d:ab:17: 1c:43:e9:58:b6:ea:ff:43:f5:a6:bd:70:61:eb:0e:e1:a5:72: 9c:bb:13:f5:a1:3f:2a:6a:34:84:62:c4:bc:4a:df:7e:0f:e5: a8:14:37:ed:61:af:88:9a:2c:e0:20:95:3f:6b:33:e9:85:5b: 0c:fa:f5:6c:d4:2d:0a:78:a3:0a:25:da:03:a7:86:b0:c1:34: 12:2e:0c:54:c4:84:a9:91:85:78:7a:ab:f5:5f:00:7b:d8:30: 69:49:db:d6:3c:5c:8a:f5:79:ef:52:a1:54:1f:89:40:96:5f: 5c:29:44:ab:6c:91:10:97:c8:8f:31:a7:2a:c6:54:19:20:f8: b1:fd:e1:35:66:b0:ef:8b:36:46:ec:19:20:c2:ff:fa:80:af: f7:90:a1:cd:c8:aa:ff:58:76:3d:df:f0:95:b2:57:72:fc:d5: 9c:7c:ab:b0:78:a3:75:62:1d:68:a9:d0:63:cd:97:1d:b4:8d: 8b:6c:f7:e2:90:95:f9:0f:13:8f:56:b4:ad:49:5f:9b:cd:44: bd:55:69:b3:f4:fa:9c:b4:af:d3:81:82:0a:10:6b:49:35:95: c0:b5:35:3b:a5:91:ce:67:cb:79:fa:e6:de:fd:71:21:ef:63: 3b:81:a4:8a -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUA/bqm4nIUi5MmyEGL7XSqVEN3n4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzdBQ0YxOEY1MzE3RTdBMjAyRTU4M0MzQzU5QzIyMzIz NEZBMkQ4QjAeFw0yNDA0MjQxOTAyNDlaFw0yNTA0MjMxOTA3NDlaMDMxMTAvBgNV BAMTKEQxOUVFN0I3NjlENzgzQkJBMTQxMEIyRDg1OUU1MDJCMkRBRTNDMkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpao4POEFJFz1JQuJCZkQvOsvr 4A83ENbfey3oKqbmSqheOEiXVLnDJDUcPCkT3DxrujU5j9EmxfHJH0RGCXruMd12 kHnbGDHE9Ioakvt+7je0HTNsKypO1LgsXmeIVJgkBV4H0zWarazEXV5t4H2AHK9t PWa3JMRUzbRAcMTagY9G4dmgZEikMICYWG1VJtv2+sb7StzloMLB7aTXU5tI/ozE nBp4mEf3TuVL8J4BwMzLbML91sF9lCA6MOPUUUmJHcifCDIRUaZxyuVkEmCFrlfW qglFUHJQE65n6cVpFNxlR5aKcXH4dMpXQ2n0iToWnDmdtZoj3CiQqgOGo3+PAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQU0Z7nt2nXg7uhQQsthZ5QKy2uPC8wHwYDVR0j BBgwFoAUd6zxj1MX56IC5YPDxZwiMjT6LYswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 ZDgyM2JiMy01YTAxLTQ2NTgtYTc4My1mOGU4OWZhZGNmNDUvMC83N0FDRjE4RjUz MTdFN0EyMDJFNTgzQzNDNTlDMjIzMjM0RkEyRDhCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNzdBQ0YxOEY1MzE3RTdBMjAyRTU4M0MzQzU5QzIyMzIzNEZB MkQ4Qi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVkODIzYmIzLTVhMDEtNDY1OC1h NzgzLWY4ZTg5ZmFkY2Y0NS8wLzMxMzUzNzJlMzIzMDJlMzIzMDM0MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRTMMA0GCSqG SIb3DQEBCwUAA4IBAQApn1JZOA2PU4l2inQg6z4dqxccQ+lYtur/Q/WmvXBh6w7h pXKcuxP1oT8qajSEYsS8St9+D+WoFDftYa+ImizgIJU/azPphVsM+vVs1C0KeKMK JdoDp4awwTQSLgxUxISpkYV4eqv1XwB72DBpSdvWPFyK9XnvUqFUH4lAll9cKUSr bJEQl8iPMacqxlQZIPix/eE1ZrDvizZG7Bkgwv/6gK/3kKHNyKr/WHY93/CVsldy /NWcfKuweKN1Yh1oqdBjzZcdtI2LbPfikJX5DxOPVrStSV+bzUS9VWmz9PqctK/T gYIKEGtJNZXAtTU7pZHOZ8t5+ube/XEh72M7gaSK -----END CERTIFICATE-----Generated at Fri Nov 22 19:41:54 2024 by rpki-client on console-fra.rpki-client.org