$ rpki-client -vvf repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/3135372e32302e3230352e302f32342d3234203d3e20313532343139.roa File: 3135372e32302e3230352e302f32342d3234203d3e20313532343139.roa (raw, json) Hash identifier: /NxPixPZ4/lx00vStZyB+r5pGi8T3N6pS+5lX+PZX/w= Subject key identifier: 98:69:43:0B:A0:4B:56:87:75:6F:F8:1B:F0:BF:C9:DC:95:70:2B:09 Certificate issuer: /CN=77ACF18F5317E7A202E583C3C59C223234FA2D8B Certificate serial: 6A66FC47C6AEFDDF00345776A4C3281B0849ECD3 Authority key identifier: 77:AC:F1:8F:53:17:E7:A2:02:E5:83:C3:C5:9C:22:32:34:FA:2D:8B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/77ACF18F5317E7A202E583C3C59C223234FA2D8B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/3135372e32302e3230352e302f32342d3234203d3e20313532343139.roa Signing time: Wed 24 Apr 2024 19:08:49 +0000 ROA not before: Wed 24 Apr 2024 19:03:49 +0000 ROA not after: Wed 23 Apr 2025 19:08:49 +0000 asID: 152419 IP address blocks: 157.20.205.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/77ACF18F5317E7A202E583C3C59C223234FA2D8B.crl rsync://repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/77ACF18F5317E7A202E583C3C59C223234FA2D8B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/77ACF18F5317E7A202E583C3C59C223234FA2D8B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 14:24:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:66:fc:47:c6:ae:fd:df:00:34:57:76:a4:c3:28:1b:08:49:ec:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=77ACF18F5317E7A202E583C3C59C223234FA2D8B Validity Not Before: Apr 24 19:03:49 2024 GMT Not After : Apr 23 19:08:49 2025 GMT Subject: CN=9869430BA04B5687756FF81BF0BFC9DC95702B09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:bd:44:34:14:d8:c4:c0:f0:85:0d:5b:c2:22: c3:ca:bc:fc:c9:5a:89:eb:b3:2d:ff:c3:5e:6b:fc: c4:4f:66:2c:fa:de:28:11:22:bb:5b:ef:1c:44:19: 5b:eb:2b:17:24:ad:5f:47:85:d1:7f:c4:08:d8:a6: ca:1b:2b:d8:80:ca:76:c3:e2:71:75:d1:e9:14:66: f3:d0:9f:04:68:46:12:ff:b0:d7:4b:a1:e5:19:f4: ef:08:3a:42:ef:8d:71:99:8c:c5:63:6e:0b:6d:9d: 8d:bf:32:ae:49:74:79:70:59:a1:ed:df:b5:9d:d5: f4:1a:9c:c4:ac:4a:3b:03:66:52:84:aa:09:25:11: 40:40:2b:6a:fd:a5:ec:a1:21:44:15:40:ae:9a:15: 22:4b:ab:18:71:11:3c:46:c5:0c:38:54:d4:ca:e0: 91:0a:7d:e3:38:64:0a:3a:20:9a:13:41:34:e9:03: f7:88:9c:3a:16:b7:9f:12:e5:de:3d:e2:80:a9:94: f1:a5:d3:75:1f:8b:b7:8b:1e:8d:88:39:c2:22:c3: c5:55:02:c3:3b:99:8c:31:55:ed:4f:97:d8:27:6c: 08:69:7e:4a:f3:c1:2d:a2:45:19:a1:ae:5a:27:73: e1:4a:e1:15:07:15:65:8e:ea:c2:61:08:5b:12:ec: b9:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:69:43:0B:A0:4B:56:87:75:6F:F8:1B:F0:BF:C9:DC:95:70:2B:09 X509v3 Authority Key Identifier: keyid:77:AC:F1:8F:53:17:E7:A2:02:E5:83:C3:C5:9C:22:32:34:FA:2D:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/77ACF18F5317E7A202E583C3C59C223234FA2D8B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/77ACF18F5317E7A202E583C3C59C223234FA2D8B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/3135372e32302e3230352e302f32342d3234203d3e20313532343139.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.205.0/24 Signature Algorithm: sha256WithRSAEncryption aa:8f:00:85:28:44:52:6a:bf:50:ef:40:a6:97:96:f0:a8:11: f0:b9:ee:ca:da:40:db:08:4c:7f:52:18:8b:e4:46:9c:90:78: 51:ac:6c:b3:4b:26:11:96:91:85:59:e6:35:f4:71:18:5d:7b: e7:70:7d:5f:ed:0c:e1:22:4a:49:16:9e:00:61:74:42:bf:f7: b0:c1:3b:7c:54:5d:f7:f1:43:01:47:b4:c4:b0:e2:a3:2b:53: 13:c6:79:cf:e2:aa:c3:e7:a7:92:1c:e1:a0:9d:21:21:1c:f1: 97:eb:22:f0:9d:44:98:1d:bf:3f:94:2a:fc:c1:01:17:e9:62: 8a:e4:d8:a4:f0:79:29:6d:92:f8:b2:a7:b3:60:48:41:e1:68: a2:eb:d5:d3:fa:76:ea:ce:a8:dc:11:ca:53:b9:8f:e0:f0:d1: 2b:2b:a6:b9:9b:bd:05:d5:13:08:b5:e0:b8:89:b9:16:ce:1b: 45:cd:73:e4:91:bd:a1:c6:49:55:1c:2a:79:36:2f:8b:77:6a: 5f:b6:11:05:45:a3:00:d6:36:a2:ad:63:cd:9f:f4:d6:0c:b6: de:42:21:50:72:a8:f8:f2:9c:84:1a:5c:4a:a0:bd:d5:0d:8b: 50:b4:ae:f3:bd:15:2c:74:0c:88:2b:4f:db:54:89:4f:ec:87: cf:04:f9:b6 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUamb8R8au/d8ANFd2pMMoGwhJ7NMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzdBQ0YxOEY1MzE3RTdBMjAyRTU4M0MzQzU5QzIyMzIz NEZBMkQ4QjAeFw0yNDA0MjQxOTAzNDlaFw0yNTA0MjMxOTA4NDlaMDMxMTAvBgNV BAMTKDk4Njk0MzBCQTA0QjU2ODc3NTZGRjgxQkYwQkZDOURDOTU3MDJCMDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKvUQ0FNjEwPCFDVvCIsPKvPzJ Wonrsy3/w15r/MRPZiz63igRIrtb7xxEGVvrKxckrV9HhdF/xAjYpsobK9iAynbD 4nF10ekUZvPQnwRoRhL/sNdLoeUZ9O8IOkLvjXGZjMVjbgttnY2/Mq5JdHlwWaHt 37Wd1fQanMSsSjsDZlKEqgklEUBAK2r9peyhIUQVQK6aFSJLqxhxETxGxQw4VNTK 4JEKfeM4ZAo6IJoTQTTpA/eInDoWt58S5d494oCplPGl03Ufi7eLHo2IOcIiw8VV AsM7mYwxVe1Pl9gnbAhpfkrzwS2iRRmhrlonc+FK4RUHFWWO6sJhCFsS7LnFAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUmGlDC6BLVod1b/gb8L/J3JVwKwkwHwYDVR0j BBgwFoAUd6zxj1MX56IC5YPDxZwiMjT6LYswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 ZDgyM2JiMy01YTAxLTQ2NTgtYTc4My1mOGU4OWZhZGNmNDUvMC83N0FDRjE4RjUz MTdFN0EyMDJFNTgzQzNDNTlDMjIzMjM0RkEyRDhCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNzdBQ0YxOEY1MzE3RTdBMjAyRTU4M0MzQzU5QzIyMzIzNEZB MkQ4Qi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVkODIzYmIzLTVhMDEtNDY1OC1h NzgzLWY4ZTg5ZmFkY2Y0NS8wLzMxMzUzNzJlMzIzMDJlMzIzMDM1MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRTNMA0GCSqG SIb3DQEBCwUAA4IBAQCqjwCFKERSar9Q70Cml5bwqBHwue7K2kDbCEx/UhiL5Eac kHhRrGyzSyYRlpGFWeY19HEYXXvncH1f7QzhIkpJFp4AYXRCv/ewwTt8VF338UMB R7TEsOKjK1MTxnnP4qrD56eSHOGgnSEhHPGX6yLwnUSYHb8/lCr8wQEX6WKK5Nik 8HkpbZL4sqezYEhB4Wii69XT+nbqzqjcEcpTuY/g8NErK6a5m70F1RMIteC4ibkW zhtFzXPkkb2hxklVHCp5Ni+Ld2pfthEFRaMA1jairWPNn/TWDLbeQiFQcqj48pyE GlxKoL3VDYtQtK7zvRUsdAyIK0/bVIlP7IfPBPm2 -----END CERTIFICATE-----Generated at Wed Nov 20 18:41:50 2024 by rpki-client on console-fra.rpki-client.org