$ rpki-client -vvf repo-rpki.idnic.net/repo/5d8ef119-7ddf-45e5-8634-38b77258cbcc/0/3136302e32322e3130312e302f32342d3234203d3e20313532383039.roa File: 3136302e32322e3130312e302f32342d3234203d3e20313532383039.roa (raw, json) Hash identifier: mizXQiZMhSS2dg4DmWjoCSbZiybtKsfGNPxNOZ0yF9I= Subject key identifier: 33:BA:9A:9A:41:C9:B6:34:88:E0:C7:13:6F:12:38:D7:96:C0:CF:7A Certificate issuer: /CN=DCD5207AC33E109E31052BBB7F811DBF6DA180BB Certificate serial: 41D411CEC15DF9C02F775D5B87A287689EE47255 Authority key identifier: DC:D5:20:7A:C3:3E:10:9E:31:05:2B:BB:7F:81:1D:BF:6D:A1:80:BB Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/DCD5207AC33E109E31052BBB7F811DBF6DA180BB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5d8ef119-7ddf-45e5-8634-38b77258cbcc/0/3136302e32322e3130312e302f32342d3234203d3e20313532383039.roa Signing time: Fri 10 Jan 2025 03:18:31 +0000 ROA not before: Fri 10 Jan 2025 03:13:31 +0000 ROA not after: Fri 09 Jan 2026 03:18:31 +0000 asID: 152809 IP address blocks: 160.22.101.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5d8ef119-7ddf-45e5-8634-38b77258cbcc/0/DCD5207AC33E109E31052BBB7F811DBF6DA180BB.crl rsync://repo-rpki.idnic.net/repo/5d8ef119-7ddf-45e5-8634-38b77258cbcc/0/DCD5207AC33E109E31052BBB7F811DBF6DA180BB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/DCD5207AC33E109E31052BBB7F811DBF6DA180BB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 01:20:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:d4:11:ce:c1:5d:f9:c0:2f:77:5d:5b:87:a2:87:68:9e:e4:72:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DCD5207AC33E109E31052BBB7F811DBF6DA180BB Validity Not Before: Jan 10 03:13:31 2025 GMT Not After : Jan 9 03:18:31 2026 GMT Subject: CN=33BA9A9A41C9B63488E0C7136F1238D796C0CF7A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:f1:19:1b:25:ca:02:30:c6:c2:d2:9a:aa:23: 71:62:bb:6c:65:5d:5b:1f:b4:c1:62:3c:03:4b:4a: 4a:4b:3f:7a:2d:50:a3:05:8f:bf:a3:24:4f:57:45: 2c:d2:22:c2:93:66:39:11:91:f4:ba:22:4d:69:f4: 1f:bb:cc:f9:5d:b9:2f:5c:f6:7a:7d:73:7a:30:51: 01:7f:b6:84:b5:e7:02:70:9f:11:0a:3a:80:73:b4: 42:ce:e8:11:23:ef:09:ff:cc:0a:38:b1:d1:e6:fc: 89:8f:d5:b4:03:55:fd:4c:0d:02:e5:9e:9a:00:1c: 87:46:ad:3b:37:bc:d8:fb:32:b0:46:7d:a9:07:ca: 7b:89:23:92:8e:cf:05:38:41:c2:10:08:02:b7:52: 4e:b5:dd:ab:71:64:ab:b6:ef:76:99:bf:3d:78:af: b3:38:bc:92:e2:73:63:f0:36:52:79:f9:88:9e:64: d5:97:e3:30:2e:dd:cb:0b:f7:8b:07:af:1b:40:f6: e4:dd:8f:94:74:30:73:e5:83:65:6e:37:0e:48:90: 45:94:d4:1c:37:ed:54:49:e2:d5:81:52:34:be:71: fc:eb:04:a0:8a:05:75:ef:52:00:04:9f:4e:05:51: 6f:f7:46:93:69:0b:42:f6:79:0a:be:c2:e4:d2:3e: 98:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:BA:9A:9A:41:C9:B6:34:88:E0:C7:13:6F:12:38:D7:96:C0:CF:7A X509v3 Authority Key Identifier: keyid:DC:D5:20:7A:C3:3E:10:9E:31:05:2B:BB:7F:81:1D:BF:6D:A1:80:BB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5d8ef119-7ddf-45e5-8634-38b77258cbcc/0/DCD5207AC33E109E31052BBB7F811DBF6DA180BB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/DCD5207AC33E109E31052BBB7F811DBF6DA180BB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5d8ef119-7ddf-45e5-8634-38b77258cbcc/0/3136302e32322e3130312e302f32342d3234203d3e20313532383039.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.101.0/24 Signature Algorithm: sha256WithRSAEncryption a7:16:5e:eb:93:ec:2e:a5:8a:32:87:56:25:67:2b:5c:b1:0e: 89:4c:71:77:43:41:73:72:a1:10:50:ef:42:fd:d0:93:6c:91: 68:02:39:68:5a:da:36:14:d9:f1:f7:87:86:ad:c3:03:1b:bd: 78:96:28:46:81:d2:34:7f:c3:a4:4b:70:51:c0:a9:7b:80:e3: 13:de:86:70:0b:b0:6e:cb:9a:71:95:a3:5a:84:b2:8c:81:46: 26:5c:ce:98:09:8d:60:79:37:ed:b1:1c:4d:f1:e5:be:5b:5e: b6:e7:14:b5:9c:05:74:88:47:5b:a9:70:e9:31:87:27:97:ff: 49:c1:3a:60:c6:3c:0f:b5:dd:0d:2b:41:79:81:32:d5:00:59: 2f:b3:74:ed:eb:d9:b3:ab:34:7b:12:be:22:42:5f:03:41:c5: d1:8c:6e:47:17:fc:1a:e6:7d:f0:5b:44:25:84:ec:f3:48:cb: de:53:29:5f:2f:1f:4f:93:55:00:bf:a1:bd:af:9f:a3:f8:ea: f2:00:26:5a:25:6a:ca:0f:b7:2a:90:a3:ae:b0:9a:3f:53:cc: 4e:7a:1c:06:b1:1f:ca:9d:b3:7a:9b:21:6c:cb:98:19:90:34: 23:97:f8:7d:63:84:5a:0f:ed:c9:4b:dd:1d:d8:f3:04:0a:0e: 28:cf:74:88 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUQdQRzsFd+cAvd11bh6KHaJ7kclUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRENENTIwN0FDMzNFMTA5RTMxMDUyQkJCN0Y4MTFEQkY2 REExODBCQjAeFw0yNTAxMTAwMzEzMzFaFw0yNjAxMDkwMzE4MzFaMDMxMTAvBgNV BAMTKDMzQkE5QTlBNDFDOUI2MzQ4OEUwQzcxMzZGMTIzOEQ3OTZDMENGN0EwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk8RkbJcoCMMbC0pqqI3Fiu2xl XVsftMFiPANLSkpLP3otUKMFj7+jJE9XRSzSIsKTZjkRkfS6Ik1p9B+7zPlduS9c 9np9c3owUQF/toS15wJwnxEKOoBztELO6BEj7wn/zAo4sdHm/ImP1bQDVf1MDQLl npoAHIdGrTs3vNj7MrBGfakHynuJI5KOzwU4QcIQCAK3Uk613atxZKu273aZvz14 r7M4vJLic2PwNlJ5+YieZNWX4zAu3csL94sHrxtA9uTdj5R0MHPlg2VuNw5IkEWU 1Bw37VRJ4tWBUjS+cfzrBKCKBXXvUgAEn04FUW/3RpNpC0L2eQq+wuTSPph1AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUM7qamkHJtjSI4McTbxI415bAz3owHwYDVR0j BBgwFoAU3NUgesM+EJ4xBSu7f4Edv22hgLswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 ZDhlZjExOS03ZGRmLTQ1ZTUtODYzNC0zOGI3NzI1OGNiY2MvMC9EQ0Q1MjA3QUMz M0UxMDlFMzEwNTJCQkI3RjgxMURCRjZEQTE4MEJCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRENENTIwN0FDMzNFMTA5RTMxMDUyQkJCN0Y4MTFEQkY2REEx ODBCQi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVkOGVmMTE5LTdkZGYtNDVlNS04 NjM0LTM4Yjc3MjU4Y2JjYy8wLzMxMzYzMDJlMzIzMjJlMzEzMDMxMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzgzMDM5LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoBZlMA0GCSqG SIb3DQEBCwUAA4IBAQCnFl7rk+wupYoyh1YlZytcsQ6JTHF3Q0FzcqEQUO9C/dCT bJFoAjloWto2FNnx94eGrcMDG714lihGgdI0f8OkS3BRwKl7gOMT3oZwC7Buy5px laNahLKMgUYmXM6YCY1geTftsRxN8eW+W1625xS1nAV0iEdbqXDpMYcnl/9JwTpg xjwPtd0NK0F5gTLVAFkvs3Tt69mzqzR7Er4iQl8DQcXRjG5HF/wa5n3wW0QlhOzz SMveUylfLx9Pk1UAv6G9r5+j+OryACZaJWrKD7cqkKOusJo/U8xOehwGsR/KnbN6 myFsy5gZkDQjl/h9Y4RaD+3JS90d2PMECg4oz3SI -----END CERTIFICATE-----Generated at Fri Apr 18 00:36:27 2025 by rpki-client