$ rpki-client -vvf repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/3230322e35392e3136372e302f32342d3234203d3e203137373237.roa File: 3230322e35392e3136372e302f32342d3234203d3e203137373237.roa (raw, json) Hash identifier: lCt2XYVIrr6po9Lkgpa5yHydv8kPHNMU8fyBCxWJC6E= Subject key identifier: 71:B3:1D:20:D8:09:D7:A6:23:36:4A:BC:81:67:34:E4:60:45:09:62 Certificate issuer: /CN=F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511 Certificate serial: 6A8A2B957A80B82C8367C7EF7B2EF78F545B8140 Authority key identifier: F3:99:A1:A0:C1:8F:E8:DB:DA:23:CE:21:75:E0:CB:23:D6:7D:65:11 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.cer Subject info access: rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/3230322e35392e3136372e302f32342d3234203d3e203137373237.roa Signing time: Sun 29 Sep 2024 09:00:04 +0000 ROA not before: Sun 29 Sep 2024 08:55:04 +0000 ROA not after: Sun 28 Sep 2025 09:00:04 +0000 asID: 17727 IP address blocks: 202.59.167.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.crl rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Nov 2024 09:00:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:8a:2b:95:7a:80:b8:2c:83:67:c7:ef:7b:2e:f7:8f:54:5b:81:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511 Validity Not Before: Sep 29 08:55:04 2024 GMT Not After : Sep 28 09:00:04 2025 GMT Subject: CN=71B31D20D809D7A623364ABC816734E460450962 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:13:b8:93:a7:64:bf:14:70:f1:b8:22:3e:05: 25:c1:e9:0d:61:95:28:eb:b9:dd:07:5c:28:9f:2d: b0:2e:47:68:9a:1e:fb:4d:eb:cf:5c:5b:2c:95:a8: 80:34:d8:68:f8:e4:96:f3:bd:dd:15:9c:fc:f4:93: 02:ca:f1:a0:6e:6b:1e:8d:84:a1:75:9a:31:e6:c9: 46:97:d1:b5:60:41:ab:ca:59:c1:f0:03:3b:97:09: b3:53:ea:37:f7:ac:91:b4:09:5f:46:21:a1:54:a6: 58:6a:d4:da:30:ed:e8:17:c2:89:60:de:15:11:96: 12:d9:47:0e:c8:25:21:f2:83:35:b8:18:10:11:e5: 5b:9a:b0:87:4c:41:a1:3c:d9:80:cb:a1:6b:ee:82: 1b:30:66:39:a4:ef:6d:0e:54:a5:02:13:db:24:1b: 46:6a:a5:16:37:23:a5:3a:d1:e9:d2:29:b4:73:36: 78:df:ac:57:f5:8b:29:71:ec:bc:24:27:46:18:7a: 5b:a5:c2:57:fb:34:1d:c8:54:17:24:49:41:80:03: d9:02:e9:89:54:3c:f4:a7:0a:26:90:7e:e8:18:ba: ed:9a:34:ec:c9:11:32:c4:d9:27:e1:18:5e:3d:b3: aa:8f:26:0b:89:04:cd:89:af:41:82:1e:e2:41:9d: 0c:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:B3:1D:20:D8:09:D7:A6:23:36:4A:BC:81:67:34:E4:60:45:09:62 X509v3 Authority Key Identifier: keyid:F3:99:A1:A0:C1:8F:E8:DB:DA:23:CE:21:75:E0:CB:23:D6:7D:65:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/3230322e35392e3136372e302f32342d3234203d3e203137373237.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.59.167.0/24 Signature Algorithm: sha256WithRSAEncryption 51:fc:10:c0:96:c4:b5:7d:94:8c:f1:24:d1:8c:38:25:fd:68: a0:ae:74:a6:74:01:0d:7b:25:af:83:36:5b:d8:ab:1d:d7:b0: 08:2d:53:15:3f:c6:66:45:26:76:a2:09:46:4d:1b:2a:2b:91: de:06:61:25:fe:31:69:26:db:cf:eb:7c:41:a7:c2:1e:4b:c9: b8:eb:c6:19:e2:3a:f9:3d:f3:0d:25:71:cd:a7:fd:63:5e:d1: bc:16:4d:a5:2b:df:0c:5b:a3:8c:9e:8c:31:8e:87:e1:bd:a4: f2:8a:44:33:6c:d2:13:46:02:7f:f5:56:09:68:99:c7:70:2b: b4:f6:0e:9a:62:1e:48:f2:75:a4:85:fd:2d:a8:27:14:e1:82: cc:92:59:86:de:fc:7b:ba:73:20:3e:e5:ad:01:79:80:b0:50: 8c:96:e0:bc:3d:b3:5f:b1:2f:da:61:9f:25:56:e6:c1:a7:80: f5:31:af:e8:03:f8:35:dd:01:3b:89:a6:58:5a:2d:6c:45:15: da:7c:46:9a:77:2e:d5:ee:73:c1:b6:01:53:d6:71:a7:e8:ae: 30:55:bf:c9:ae:cb:fd:4a:38:66:0f:96:16:41:e2:e7:81:32: ca:a6:db:b4:5a:f3:dd:7b:fa:09:74:3c:34:f5:50:29:87:41: 53:db:60:27 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUaoorlXqAuCyDZ8fvey73j1RbgUAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjM5OUExQTBDMThGRThEQkRBMjNDRTIxNzVFMENCMjNE NjdENjUxMTAeFw0yNDA5MjkwODU1MDRaFw0yNTA5MjgwOTAwMDRaMDMxMTAvBgNV BAMTKDcxQjMxRDIwRDgwOUQ3QTYyMzM2NEFCQzgxNjczNEU0NjA0NTA5NjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxE7iTp2S/FHDxuCI+BSXB6Q1h lSjrud0HXCifLbAuR2iaHvtN689cWyyVqIA02Gj45Jbzvd0VnPz0kwLK8aBuax6N hKF1mjHmyUaX0bVgQavKWcHwAzuXCbNT6jf3rJG0CV9GIaFUplhq1Now7egXwolg 3hURlhLZRw7IJSHygzW4GBAR5VuasIdMQaE82YDLoWvughswZjmk720OVKUCE9sk G0ZqpRY3I6U60enSKbRzNnjfrFf1iylx7LwkJ0YYelulwlf7NB3IVBckSUGAA9kC 6YlUPPSnCiaQfugYuu2aNOzJETLE2SfhGF49s6qPJguJBM2Jr0GCHuJBnQx3AgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUcbMdINgJ16YjNkq8gWc05GBFCWIwHwYDVR0j BBgwFoAU85mhoMGP6NvaI84hdeDLI9Z9ZREwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 MzVmN2EyZi03MjVlLTQzOTktODY5YS00YjFmY2YyYzZhMGMvMC9GMzk5QTFBMEMx OEZFOERCREEyM0NFMjE3NUUwQ0IyM0Q2N0Q2NTExLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRjM5OUExQTBDMThGRThEQkRBMjNDRTIxNzVFMENCMjNENjdE NjUxMS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzYzNWY3YTJmLTcyNWUtNDM5OS04 NjlhLTRiMWZjZjJjNmEwYy8wLzMyMzAzMjJlMzUzOTJlMzEzNjM3MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNzM3MzIzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMo7pzANBgkqhkiG 9w0BAQsFAAOCAQEAUfwQwJbEtX2UjPEk0Yw4Jf1ooK50pnQBDXslr4M2W9irHdew CC1TFT/GZkUmdqIJRk0bKiuR3gZhJf4xaSbbz+t8QafCHkvJuOvGGeI6+T3zDSVx zaf9Y17RvBZNpSvfDFujjJ6MMY6H4b2k8opEM2zSE0YCf/VWCWiZx3ArtPYOmmIe SPJ1pIX9LagnFOGCzJJZht78e7pzID7lrQF5gLBQjJbgvD2zX7Ev2mGfJVbmwaeA 9TGv6AP4Nd0BO4mmWFotbEUV2nxGmncu1e5zwbYBU9Zxp+iuMFW/ya7L/Uo4Zg+W FkHi54EyyqbbtFrz3Xv6CXQ8NPVQKYdBU9tgJw== -----END CERTIFICATE-----Generated at Thu Nov 21 11:07:51 2024 by rpki-client on console-ams.rpki-client.org