$ rpki-client -vvf repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/323430343a633030303a323a3a2f34382d3438203d3e203435313437.roa File: 323430343a633030303a323a3a2f34382d3438203d3e203435313437.roa (raw, json) Hash identifier: rQFsMGCQEHJJMckDIGHDcTDPuhRijvh+HvphhEcUCSw= Subject key identifier: 8F:1E:A6:B9:B4:59:D5:48:68:9B:50:A2:0C:AA:EA:08:2B:17:91:BE Certificate issuer: /CN=F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511 Certificate serial: 509D34C8223D80CD0B5B82EF220BDB6EF5C007F2 Authority key identifier: F3:99:A1:A0:C1:8F:E8:DB:DA:23:CE:21:75:E0:CB:23:D6:7D:65:11 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.cer Subject info access: rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/323430343a633030303a323a3a2f34382d3438203d3e203435313437.roa Signing time: Sun 29 Sep 2024 14:00:00 +0000 ROA not before: Sun 29 Sep 2024 13:55:00 +0000 ROA not after: Sun 28 Sep 2025 14:00:00 +0000 asID: 45147 IP address blocks: 2404:c000:2::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.crl rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:9d:34:c8:22:3d:80:cd:0b:5b:82:ef:22:0b:db:6e:f5:c0:07:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511 Validity Not Before: Sep 29 13:55:00 2024 GMT Not After : Sep 28 14:00:00 2025 GMT Subject: CN=8F1EA6B9B459D548689B50A20CAAEA082B1791BE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:0e:56:2c:99:af:d9:a3:42:84:22:7f:8e:8e: 75:17:65:64:f9:74:ce:a2:9f:e5:a4:e5:35:e7:cd: e8:f7:24:72:c6:4e:68:52:78:37:f4:9f:69:fa:1d: 9f:59:d9:18:b9:18:5e:35:ac:e7:53:3f:47:f4:ec: fa:96:ff:bb:e8:8d:b6:d8:c6:0c:78:40:4f:38:84: 66:55:54:5f:41:b6:8c:a7:b8:8f:51:94:54:20:d4: 4d:c2:c9:26:79:26:06:67:eb:85:a8:06:c6:4f:81: 10:95:49:38:27:ac:fc:09:c9:4d:00:3e:5e:18:90: f4:e4:11:78:73:91:ae:71:50:33:fd:99:fc:f7:79: 29:97:89:e4:df:71:0e:a4:37:cc:0c:c9:f0:03:b1: d4:e1:26:44:b5:ef:87:2c:30:59:c1:71:42:80:6a: 43:62:5c:44:48:42:84:4c:8d:84:3a:bf:69:94:ec: f5:08:91:e1:96:c0:fe:70:45:d2:38:92:66:97:5b: 1e:b9:02:7f:2c:09:2d:87:81:bd:52:22:fb:d9:46: b6:6c:f0:8a:e4:fa:64:a2:1e:02:c7:aa:6a:1d:6c: 98:c0:05:fc:4b:74:20:74:e3:6a:11:bc:61:f8:fa: c5:88:86:ba:5f:82:8c:3e:24:77:9a:15:c0:df:df: 83:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:1E:A6:B9:B4:59:D5:48:68:9B:50:A2:0C:AA:EA:08:2B:17:91:BE X509v3 Authority Key Identifier: keyid:F3:99:A1:A0:C1:8F:E8:DB:DA:23:CE:21:75:E0:CB:23:D6:7D:65:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/323430343a633030303a323a3a2f34382d3438203d3e203435313437.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:c000:2::/48 Signature Algorithm: sha256WithRSAEncryption 24:20:18:fd:3d:26:17:ed:4a:4c:6a:03:ad:3c:0b:2d:07:23: bb:c0:0b:51:eb:34:e3:e6:3e:3c:9f:88:9f:d0:8a:3d:38:1b: dd:e6:a8:63:f9:80:52:29:d3:69:39:2b:9f:d0:4e:71:3d:c7: 02:b3:37:14:3f:85:be:81:32:cf:f5:ed:6e:db:e1:a1:45:fe: 13:a0:27:64:48:0b:57:dc:62:9e:eb:c5:d0:56:2c:7b:75:f0: d4:fc:cf:d8:fc:74:29:e5:b4:e4:08:07:5d:f4:75:bc:75:5a: 5d:d5:c9:fc:72:de:e9:8e:90:ef:de:04:98:09:9c:dc:8c:c6: 20:e4:25:05:8f:7a:83:07:c3:46:ed:3e:47:39:6c:f6:10:77: 2d:1b:42:17:e3:84:51:98:28:d4:34:4a:37:5b:72:ed:a7:d3: 7e:e4:16:b2:7a:ff:4c:7d:c5:a5:ef:db:6a:f0:de:ec:a8:7e: 7e:c5:dc:f5:73:a2:f1:f7:5c:31:dc:9b:d2:7f:ee:22:4b:a8: 18:05:c5:6a:ba:3f:fc:84:a1:51:e7:6e:7e:8a:74:28:94:24: 98:87:45:77:ca:b0:1b:64:8c:b7:6b:81:78:24:86:7c:2a:7d: e6:ca:ab:f4:6d:fa:43:d6:76:41:7b:da:29:1d:06:7d:e1:f0: 7c:1c:fa:82 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgIUUJ00yCI9gM0LW4LvIgvbbvXAB/IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjM5OUExQTBDMThGRThEQkRBMjNDRTIxNzVFMENCMjNE NjdENjUxMTAeFw0yNDA5MjkxMzU1MDBaFw0yNTA5MjgxNDAwMDBaMDMxMTAvBgNV BAMTKDhGMUVBNkI5QjQ1OUQ1NDg2ODlCNTBBMjBDQUFFQTA4MkIxNzkxQkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVDlYsma/Zo0KEIn+OjnUXZWT5 dM6in+Wk5TXnzej3JHLGTmhSeDf0n2n6HZ9Z2Ri5GF41rOdTP0f07PqW/7vojbbY xgx4QE84hGZVVF9BtoynuI9RlFQg1E3CySZ5JgZn64WoBsZPgRCVSTgnrPwJyU0A Pl4YkPTkEXhzka5xUDP9mfz3eSmXieTfcQ6kN8wMyfADsdThJkS174csMFnBcUKA akNiXERIQoRMjYQ6v2mU7PUIkeGWwP5wRdI4kmaXWx65An8sCS2Hgb1SIvvZRrZs 8Irk+mSiHgLHqmodbJjABfxLdCB042oRvGH4+sWIhrpfgow+JHeaFcDf34NBAgMB AAGjggI3MIICMzAdBgNVHQ4EFgQUjx6mubRZ1Uhom1CiDKrqCCsXkb4wHwYDVR0j BBgwFoAU85mhoMGP6NvaI84hdeDLI9Z9ZREwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 MzVmN2EyZi03MjVlLTQzOTktODY5YS00YjFmY2YyYzZhMGMvMC9GMzk5QTFBMEMx OEZFOERCREEyM0NFMjE3NUUwQ0IyM0Q2N0Q2NTExLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRjM5OUExQTBDMThGRThEQkRBMjNDRTIxNzVFMENCMjNENjdE NjUxMS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzYzNWY3YTJmLTcyNWUtNDM5OS04 NjlhLTRiMWZjZjJjNmEwYy8wLzMyMzQzMDM0M2E2MzMwMzAzMDNhMzIzYTNhMmYz NDM4MmQzNDM4MjAzZDNlMjAzNDM1MzEzNDM3LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJATAAAACMA0G CSqGSIb3DQEBCwUAA4IBAQAkIBj9PSYX7UpMagOtPAstByO7wAtR6zTj5j48n4if 0Io9OBvd5qhj+YBSKdNpOSuf0E5xPccCszcUP4W+gTLP9e1u2+GhRf4ToCdkSAtX 3GKe68XQVix7dfDU/M/Y/HQp5bTkCAdd9HW8dVpd1cn8ct7pjpDv3gSYCZzcjMYg 5CUFj3qDB8NG7T5HOWz2EHctG0IX44RRmCjUNEo3W3Ltp9N+5Bayev9MfcWl79tq 8N7sqH5+xdz1c6Lx91wx3JvSf+4iS6gYBcVquj/8hKFR525+inQolCSYh0V3yrAb ZIy3a4F4JIZ8Kn3myqv0bfpD1nZBe9opHQZ94fB8HPqC -----END CERTIFICATE-----Generated at Mon Nov 25 18:43:02 2024 by rpki-client on console-ams.rpki-client.org