$ rpki-client -vvf repo-rpki.idnic.net/repo/7c074cd8-2830-4eab-bdd4-a807ec5115da/0/3130332e3230392e3234392e302f32342d3234203d3e203137343430.roa File: 3130332e3230392e3234392e302f32342d3234203d3e203137343430.roa (raw, json) Hash identifier: 7Dr6u9PA6uyt0AqS+Q9EmLTfz/wKmQK5b4NV05Q8hho= Subject key identifier: 2C:AE:32:75:DC:C0:D2:7F:19:67:4C:53:8C:CC:05:46:37:28:E0:C3 Certificate issuer: /CN=66A6B60CE00F39D3D3C228024C87D2799BE570E7 Certificate serial: 17B5A4073A0C9A3AF45E50A79F3A69ED91EDE0DC Authority key identifier: 66:A6:B6:0C:E0:0F:39:D3:D3:C2:28:02:4C:87:D2:79:9B:E5:70:E7 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/66A6B60CE00F39D3D3C228024C87D2799BE570E7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/7c074cd8-2830-4eab-bdd4-a807ec5115da/0/3130332e3230392e3234392e302f32342d3234203d3e203137343430.roa Signing time: Fri 16 May 2025 10:00:01 +0000 ROA not before: Fri 16 May 2025 09:55:01 +0000 ROA not after: Fri 15 May 2026 10:00:01 +0000 asID: 17440 IP address blocks: 103.209.249.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/7c074cd8-2830-4eab-bdd4-a807ec5115da/0/66A6B60CE00F39D3D3C228024C87D2799BE570E7.crl rsync://repo-rpki.idnic.net/repo/7c074cd8-2830-4eab-bdd4-a807ec5115da/0/66A6B60CE00F39D3D3C228024C87D2799BE570E7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/66A6B60CE00F39D3D3C228024C87D2799BE570E7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 10:43:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:b5:a4:07:3a:0c:9a:3a:f4:5e:50:a7:9f:3a:69:ed:91:ed:e0:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=66A6B60CE00F39D3D3C228024C87D2799BE570E7 Validity Not Before: May 16 09:55:01 2025 GMT Not After : May 15 10:00:01 2026 GMT Subject: CN=2CAE3275DCC0D27F19674C538CCC05463728E0C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:44:2a:b0:88:3e:51:25:37:38:76:3e:59:47: 61:8e:21:2c:07:10:55:a1:95:9c:fa:13:0d:5f:08: 19:6c:fc:74:9d:76:cc:d3:38:fc:50:54:34:b5:2d: 3e:bc:e4:bb:c3:c9:a4:10:39:56:25:dd:1c:32:c5: 65:31:0e:85:86:c2:d2:9e:ce:a9:90:dc:36:ae:cf: d3:55:d8:4e:9a:38:fe:ac:1f:b3:d2:00:46:4d:52: 89:74:6d:b3:9c:10:29:1f:32:05:bc:31:63:d8:9e: 06:0c:72:ac:19:91:fb:c6:b7:e4:71:79:0f:5f:6e: 7e:77:86:9d:58:cf:4a:09:8e:b4:a1:c9:d2:2b:13: 12:59:12:d9:ea:af:96:39:e5:83:30:a3:74:4b:92: ae:05:7d:1b:dc:0c:0f:21:5c:f1:96:e5:b6:ac:92: a7:ea:31:69:fa:8b:1a:b4:94:a2:d6:6a:1a:6b:b9: e2:a3:18:95:cd:08:f3:52:db:50:7c:d1:53:41:d8: 17:49:89:4a:5a:fc:c8:fe:86:98:a6:a4:90:89:86: 41:1b:1b:35:02:61:4e:12:e8:84:94:4c:87:e8:21: 8e:4c:75:33:f3:c2:57:df:ba:4d:e2:f6:43:4a:d1: 53:a6:42:05:b1:dc:08:4d:04:20:64:1a:25:34:0a: 40:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:AE:32:75:DC:C0:D2:7F:19:67:4C:53:8C:CC:05:46:37:28:E0:C3 X509v3 Authority Key Identifier: keyid:66:A6:B6:0C:E0:0F:39:D3:D3:C2:28:02:4C:87:D2:79:9B:E5:70:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/7c074cd8-2830-4eab-bdd4-a807ec5115da/0/66A6B60CE00F39D3D3C228024C87D2799BE570E7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/66A6B60CE00F39D3D3C228024C87D2799BE570E7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7c074cd8-2830-4eab-bdd4-a807ec5115da/0/3130332e3230392e3234392e302f32342d3234203d3e203137343430.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.209.249.0/24 Signature Algorithm: sha256WithRSAEncryption 3e:06:97:c9:fe:c3:43:fc:b7:b8:c6:20:50:f3:98:e7:6b:76: 25:60:d8:e3:71:5e:a9:62:76:35:81:d6:8a:f3:51:bd:d9:08: 15:ee:7d:75:fd:42:b6:2b:58:7d:77:48:34:2b:09:dc:54:26: 1b:f9:5e:ff:e6:6e:95:c5:45:9f:52:9e:5a:02:1c:a4:8a:20: e8:32:21:26:ba:f2:a3:21:68:e1:3d:de:e9:e4:67:03:c1:84: d3:c0:85:86:61:1a:df:de:90:8c:48:da:d6:6c:08:fc:20:1a: 02:ae:0d:0a:a9:dd:87:b7:b1:93:08:2c:bd:e4:3d:34:b3:af: b6:b0:71:49:51:66:8e:4e:72:8a:a1:3c:59:53:8d:af:9c:b2: 32:eb:1b:62:63:be:8d:1c:66:3e:b5:43:86:c4:bd:58:07:25: 92:4c:05:13:45:57:ce:99:2e:5b:58:44:e1:bc:18:f7:62:98: 46:ae:4c:a0:a8:db:ff:02:43:42:4b:e7:e7:04:9f:ec:82:1e: 4a:a3:f7:52:cd:ee:6f:d4:5e:46:7e:64:67:25:72:6f:1c:8d: e4:b0:b4:fd:85:18:60:86:2a:f2:4b:ef:e3:a3:11:a9:38:c7: a4:a9:4e:85:6b:b8:0e:7f:4b:03:49:56:d2:39:b8:1f:1e:e6: 6e:d1:0a:bb -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUF7WkBzoMmjr0XlCnnzpp7ZHt4NwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjZBNkI2MENFMDBGMzlEM0QzQzIyODAyNEM4N0QyNzk5 QkU1NzBFNzAeFw0yNTA1MTYwOTU1MDFaFw0yNjA1MTUxMDAwMDFaMDMxMTAvBgNV BAMTKDJDQUUzMjc1RENDMEQyN0YxOTY3NEM1MzhDQ0MwNTQ2MzcyOEUwQzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcRCqwiD5RJTc4dj5ZR2GOISwH EFWhlZz6Ew1fCBls/HSddszTOPxQVDS1LT685LvDyaQQOVYl3RwyxWUxDoWGwtKe zqmQ3Dauz9NV2E6aOP6sH7PSAEZNUol0bbOcECkfMgW8MWPYngYMcqwZkfvGt+Rx eQ9fbn53hp1Yz0oJjrShydIrExJZEtnqr5Y55YMwo3RLkq4FfRvcDA8hXPGW5bas kqfqMWn6ixq0lKLWahprueKjGJXNCPNS21B80VNB2BdJiUpa/Mj+hpimpJCJhkEb GzUCYU4S6ISUTIfoIY5MdTPzwlffuk3i9kNK0VOmQgWx3AhNBCBkGiU0CkA/AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQULK4yddzA0n8ZZ0xTjMwFRjco4MMwHwYDVR0j BBgwFoAUZqa2DOAPOdPTwigCTIfSeZvlcOcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83 YzA3NGNkOC0yODMwLTRlYWItYmRkNC1hODA3ZWM1MTE1ZGEvMC82NkE2QjYwQ0Uw MEYzOUQzRDNDMjI4MDI0Qzg3RDI3OTlCRTU3MEU3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNjZBNkI2MENFMDBGMzlEM0QzQzIyODAyNEM4N0QyNzk5QkU1 NzBFNy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdjMDc0Y2Q4LTI4MzAtNGVhYi1i ZGQ0LWE4MDdlYzUxMTVkYS8wLzMxMzAzMzJlMzIzMDM5MmUzMjM0MzkyZTMwMmYz MjM0MmQzMjM0MjAzZDNlMjAzMTM3MzQzNDMwLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ9H5MA0GCSqG SIb3DQEBCwUAA4IBAQA+BpfJ/sND/Le4xiBQ85jna3YlYNjjcV6pYnY1gdaK81G9 2QgV7n11/UK2K1h9d0g0KwncVCYb+V7/5m6VxUWfUp5aAhykiiDoMiEmuvKjIWjh Pd7p5GcDwYTTwIWGYRrf3pCMSNrWbAj8IBoCrg0Kqd2Ht7GTCCy95D00s6+2sHFJ UWaOTnKKoTxZU42vnLIy6xtiY76NHGY+tUOGxL1YByWSTAUTRVfOmS5bWEThvBj3 YphGrkygqNv/AkNCS+fnBJ/sgh5Ko/dSze5v1F5GfmRnJXJvHI3ksLT9hRhghiry S+/joxGpOMekqU6Fa7gOf0sDSVbSObgfHuZu0Qq7 -----END CERTIFICATE-----Generated at Mon Jun 9 03:00:01 2025 by rpki-client