$ rpki-client -vvf repo-rpki.idnic.net/repo/5fb1c80c-4d6c-4408-8947-fba6e7c4be7c/0/3132332e3235332e3233322e302f32322d3234203d3e203137363730.roa File: 3132332e3235332e3233322e302f32322d3234203d3e203137363730.roa (raw, json) Hash identifier: vrQUHtmrpEkk/iDmbB+uHEkm7uM2w4TQx9m9dPyp6vU= Subject key identifier: 52:CF:56:8F:C7:D3:AD:2E:4C:EC:7C:D4:C4:3F:47:B4:8C:A8:2F:2B Certificate issuer: /CN=89402655017312B8CFCB367BA82966AA21E11F90 Certificate serial: 3A695C6185FD06793CF0FFEF40CB22A22E8E66D8 Authority key identifier: 89:40:26:55:01:73:12:B8:CF:CB:36:7B:A8:29:66:AA:21:E1:1F:90 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/89402655017312B8CFCB367BA82966AA21E11F90.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5fb1c80c-4d6c-4408-8947-fba6e7c4be7c/0/3132332e3235332e3233322e302f32322d3234203d3e203137363730.roa Signing time: Sun 03 Sep 2023 18:00:00 +0000 ROA not before: Sun 03 Sep 2023 17:55:00 +0000 ROA not after: Sun 01 Sep 2024 18:00:00 +0000 asID: 17670 IP address blocks: 123.253.232.0/22 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5fb1c80c-4d6c-4408-8947-fba6e7c4be7c/0/89402655017312B8CFCB367BA82966AA21E11F90.crl rsync://repo-rpki.idnic.net/repo/5fb1c80c-4d6c-4408-8947-fba6e7c4be7c/0/89402655017312B8CFCB367BA82966AA21E11F90.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/89402655017312B8CFCB367BA82966AA21E11F90.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 10:20:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:69:5c:61:85:fd:06:79:3c:f0:ff:ef:40:cb:22:a2:2e:8e:66:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89402655017312B8CFCB367BA82966AA21E11F90 Validity Not Before: Sep 3 17:55:00 2023 GMT Not After : Sep 1 18:00:00 2024 GMT Subject: CN=52CF568FC7D3AD2E4CEC7CD4C43F47B48CA82F2B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:5e:c5:57:19:29:99:e2:3b:15:07:64:e5:88: f9:a6:60:9c:30:f6:fc:64:59:51:7e:2c:8d:3c:e2: 19:60:3d:6e:51:75:a0:34:a0:02:a2:0a:5c:85:8a: b1:cf:59:0f:b0:a5:72:92:33:58:9c:b7:6f:45:ae: 44:33:b7:37:50:b3:68:d5:f5:d0:88:28:96:a1:ba: 78:a9:7d:98:d5:cc:3c:94:f1:2a:f3:ae:d4:ff:09: ce:f0:80:93:64:22:50:bd:17:de:22:56:09:ca:22: 1f:fb:9d:7a:aa:2d:b4:68:47:f9:e8:4a:bb:65:be: 98:40:f0:58:43:e5:da:2b:89:ab:88:f4:b6:2b:bc: 7a:e4:6b:26:59:ba:86:42:44:c9:17:92:e4:d7:b5: 1d:f9:ed:3d:0d:37:cc:6f:11:3f:ce:97:34:a0:cc: e4:b3:ba:4b:9f:d1:d3:97:41:26:5f:dc:7b:2c:24: 2f:59:25:e4:d5:41:a7:b7:84:ec:2c:9f:9a:da:f5: f2:b3:b7:a0:f5:5e:a8:c6:b3:55:d6:ce:a2:bc:ea: dc:e7:06:fa:0f:0a:4c:86:99:cb:6a:64:f5:2d:94: 3a:df:c1:ac:6d:3a:ae:3c:e4:6c:10:d4:30:d6:35: 2e:1d:75:b1:04:fb:b5:ab:35:8f:14:39:fc:d8:c2: b0:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:CF:56:8F:C7:D3:AD:2E:4C:EC:7C:D4:C4:3F:47:B4:8C:A8:2F:2B X509v3 Authority Key Identifier: keyid:89:40:26:55:01:73:12:B8:CF:CB:36:7B:A8:29:66:AA:21:E1:1F:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5fb1c80c-4d6c-4408-8947-fba6e7c4be7c/0/89402655017312B8CFCB367BA82966AA21E11F90.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/89402655017312B8CFCB367BA82966AA21E11F90.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5fb1c80c-4d6c-4408-8947-fba6e7c4be7c/0/3132332e3235332e3233322e302f32322d3234203d3e203137363730.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 123.253.232.0/22 Signature Algorithm: sha256WithRSAEncryption 9b:14:fe:eb:a5:53:10:f7:fd:6e:12:de:fe:b3:8d:ce:28:10: 0e:4e:36:21:dd:b9:10:a7:30:5f:11:6c:e0:c0:61:ba:fd:55: 15:18:d1:97:72:9f:7e:61:88:70:c0:90:56:7b:54:91:67:2b: 5f:d6:5c:00:9e:2b:d3:11:be:09:95:17:37:8c:3a:b8:9b:e6: f4:80:46:22:fc:ce:71:a1:51:77:6e:16:50:d8:9c:d1:fd:e5: 05:dd:44:d9:e7:8d:52:76:67:9c:00:37:6a:56:7f:f2:68:00: a8:c9:78:a0:00:8c:26:f9:04:02:1e:eb:dd:cf:08:2c:3e:95: 5a:9f:85:d1:5d:6b:88:4f:fb:34:b3:06:ab:28:02:35:99:64: 7a:4f:62:99:3e:70:e7:e8:40:25:1d:aa:34:5b:f8:3f:9f:cf: 25:81:a3:76:86:61:fe:2a:67:eb:d8:7d:ff:f3:f9:02:aa:0e: f7:a4:8e:0f:ce:5d:e3:b9:e3:eb:25:d9:3a:a7:cf:a3:27:51: d9:39:fe:23:02:fa:2f:f7:fd:b5:81:97:c8:8e:45:07:d4:5d: 74:04:6f:5a:3f:f3:83:87:24:4d:bb:c7:be:de:7c:67:e5:67: 89:5b:99:0b:da:0f:8a:5d:f3:20:14:2a:c0:3e:17:08:cc:9f: 60:dd:6d:d8 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUOmlcYYX9Bnk88P/vQMsioi6OZtgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODk0MDI2NTUwMTczMTJCOENGQ0IzNjdCQTgyOTY2QUEy MUUxMUY5MDAeFw0yMzA5MDMxNzU1MDBaFw0yNDA5MDExODAwMDBaMDMxMTAvBgNV BAMTKDUyQ0Y1NjhGQzdEM0FEMkU0Q0VDN0NENEM0M0Y0N0I0OENBODJGMkIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWXsVXGSmZ4jsVB2TliPmmYJww 9vxkWVF+LI084hlgPW5RdaA0oAKiClyFirHPWQ+wpXKSM1ict29FrkQztzdQs2jV 9dCIKJahunipfZjVzDyU8SrzrtT/Cc7wgJNkIlC9F94iVgnKIh/7nXqqLbRoR/no SrtlvphA8FhD5doriauI9LYrvHrkayZZuoZCRMkXkuTXtR357T0NN8xvET/OlzSg zOSzukuf0dOXQSZf3HssJC9ZJeTVQae3hOwsn5ra9fKzt6D1XqjGs1XWzqK86tzn BvoPCkyGmctqZPUtlDrfwaxtOq485GwQ1DDWNS4ddbEE+7WrNY8UOfzYwrAHAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUUs9Wj8fTrS5M7HzUxD9HtIyoLyswHwYDVR0j BBgwFoAUiUAmVQFzErjPyzZ7qClmqiHhH5AwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 ZmIxYzgwYy00ZDZjLTQ0MDgtODk0Ny1mYmE2ZTdjNGJlN2MvMC84OTQwMjY1NTAx NzMxMkI4Q0ZDQjM2N0JBODI5NjZBQTIxRTExRjkwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODk0MDI2NTUwMTczMTJCOENGQ0IzNjdCQTgyOTY2QUEyMUUx MUY5MC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVmYjFjODBjLTRkNmMtNDQwOC04 OTQ3LWZiYTZlN2M0YmU3Yy8wLzMxMzIzMzJlMzIzNTMzMmUzMjMzMzIyZTMwMmYz MjMyMmQzMjM0MjAzZDNlMjAzMTM3MzYzNzMwLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCe/3oMA0GCSqG SIb3DQEBCwUAA4IBAQCbFP7rpVMQ9/1uEt7+s43OKBAOTjYh3bkQpzBfEWzgwGG6 /VUVGNGXcp9+YYhwwJBWe1SRZytf1lwAnivTEb4JlRc3jDq4m+b0gEYi/M5xoVF3 bhZQ2JzR/eUF3UTZ541SdmecADdqVn/yaACoyXigAIwm+QQCHuvdzwgsPpVan4XR XWuIT/s0swarKAI1mWR6T2KZPnDn6EAlHao0W/g/n88lgaN2hmH+Kmfr2H3/8/kC qg73pI4Pzl3juePrJdk6p8+jJ1HZOf4jAvov9/21gZfIjkUH1F10BG9aP/ODhyRN u8e+3nxn5WeJW5kL2g+KXfMgFCrAPhcIzJ9g3W3Y -----END CERTIFICATE-----Generated at Sat Jun 1 18:43:04 2024 by rpki-client on console-fra.rpki-client.org