$ rpki-client -vvf repo-rpki.idnic.net/repo/88788a8b-541b-4cbf-bab9-8dc377bc1284/0/323030313a6466343a663930303a3a2f34382d3438203d3e20313337333531.roa File: 323030313a6466343a663930303a3a2f34382d3438203d3e20313337333531.roa (raw, json) Hash identifier: b4NjxQmSbJ+wk760b/yGVrpvatI7XP4yXIQB6LdeYtw= Subject key identifier: 2D:AC:9F:AA:C3:69:59:B2:DF:31:DD:39:8D:01:F9:BC:27:8A:CE:F1 Certificate issuer: /CN=8208317A24AB4CD828CD8855F81F3EF2B53CC681 Certificate serial: 3DF9991ADE8503A02A6058C7F5701D8A9D6B1CE0 Authority key identifier: 82:08:31:7A:24:AB:4C:D8:28:CD:88:55:F8:1F:3E:F2:B5:3C:C6:81 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8208317A24AB4CD828CD8855F81F3EF2B53CC681.cer Subject info access: rsync://repo-rpki.idnic.net/repo/88788a8b-541b-4cbf-bab9-8dc377bc1284/0/323030313a6466343a663930303a3a2f34382d3438203d3e20313337333531.roa Signing time: Wed 12 Mar 2025 17:00:02 +0000 ROA not before: Wed 12 Mar 2025 16:55:02 +0000 ROA not after: Wed 11 Mar 2026 17:00:02 +0000 asID: 137351 IP address blocks: 2001:df4:f900::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/88788a8b-541b-4cbf-bab9-8dc377bc1284/0/8208317A24AB4CD828CD8855F81F3EF2B53CC681.crl rsync://repo-rpki.idnic.net/repo/88788a8b-541b-4cbf-bab9-8dc377bc1284/0/8208317A24AB4CD828CD8855F81F3EF2B53CC681.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8208317A24AB4CD828CD8855F81F3EF2B53CC681.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 04:34:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:f9:99:1a:de:85:03:a0:2a:60:58:c7:f5:70:1d:8a:9d:6b:1c:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8208317A24AB4CD828CD8855F81F3EF2B53CC681 Validity Not Before: Mar 12 16:55:02 2025 GMT Not After : Mar 11 17:00:02 2026 GMT Subject: CN=2DAC9FAAC36959B2DF31DD398D01F9BC278ACEF1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:09:53:19:f2:ba:d7:a6:e6:4e:ce:6a:bf:b0: 3b:b3:99:4f:28:33:71:96:83:01:17:95:1d:2a:29: 87:39:25:73:9b:34:8f:e0:b2:5a:54:27:0b:a5:90: a3:e3:c9:69:f8:5a:82:f6:5a:fb:6e:7a:e1:e9:3c: 36:41:2b:43:9c:d8:6d:67:5f:14:67:d4:8d:b3:4b: a9:a7:1f:2c:be:bc:13:de:41:b1:16:ca:f0:d2:53: 8b:76:f5:6a:5d:b9:31:4f:e4:dd:12:ed:0d:7d:75: bd:98:6e:99:ef:5f:e6:dc:29:46:93:ff:47:ad:d3: 3f:ef:bb:84:f1:b9:23:85:ca:27:54:09:19:1e:d8: a5:11:c1:2b:4c:1c:95:d3:c1:39:dd:30:01:a1:f9: 21:bb:5c:7c:0a:f8:62:45:4b:f9:2d:6a:3e:1e:2c: 0b:60:a7:d4:05:70:e5:04:1b:e6:b4:9f:7e:60:1e: 37:d2:59:6f:f6:71:ac:5f:55:7f:8d:4a:33:07:54: 25:91:80:73:08:f5:1b:fd:40:18:51:42:c5:94:3a: 5a:82:37:01:a4:ad:32:e9:82:94:05:7e:60:b9:53: bf:f1:d5:8b:0b:da:3e:47:9d:bc:82:11:d2:18:51: 54:31:ae:e2:2a:fd:c7:16:08:02:84:5a:9f:9b:91: 17:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:AC:9F:AA:C3:69:59:B2:DF:31:DD:39:8D:01:F9:BC:27:8A:CE:F1 X509v3 Authority Key Identifier: keyid:82:08:31:7A:24:AB:4C:D8:28:CD:88:55:F8:1F:3E:F2:B5:3C:C6:81 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/88788a8b-541b-4cbf-bab9-8dc377bc1284/0/8208317A24AB4CD828CD8855F81F3EF2B53CC681.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8208317A24AB4CD828CD8855F81F3EF2B53CC681.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/88788a8b-541b-4cbf-bab9-8dc377bc1284/0/323030313a6466343a663930303a3a2f34382d3438203d3e20313337333531.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:f900::/48 Signature Algorithm: sha256WithRSAEncryption 95:bd:ff:e5:65:82:29:31:2e:67:65:31:50:a7:c8:85:5e:5d: f3:61:73:6f:d2:3b:62:54:c2:f3:0f:31:34:9b:af:f3:a3:b3: f8:b5:97:32:97:8b:0c:8c:78:7d:56:1d:54:51:1b:3b:ba:a0: 77:26:ec:38:21:95:33:b2:00:da:e1:50:d0:8c:b8:16:4c:f8: 9f:cd:28:93:df:87:24:94:b7:3d:7e:d0:20:05:c1:c4:ef:fb: 9a:a2:b9:d7:e7:49:c4:b2:ad:6e:5b:5b:a4:15:dd:99:d2:87: 5e:12:fe:f7:be:df:de:7d:73:d8:99:ec:c8:5e:98:c4:17:0d: 5c:35:2e:92:bb:59:34:d2:fa:fa:c1:62:b4:8e:84:f1:12:f4: 67:2b:51:1b:3d:08:64:30:21:10:8c:82:64:c1:f1:8b:04:4c: c4:bd:66:04:f7:a4:80:a2:d6:80:9b:b2:70:87:6e:89:2d:a8: e2:94:3a:1c:74:7f:26:96:58:2c:9b:79:3f:6e:3d:54:c5:16: d8:e5:3d:64:f2:3d:c8:45:55:88:e9:fb:80:e0:bf:70:a1:73: 74:b5:57:da:a4:c2:7d:aa:89:d0:69:da:6a:8b:48:e3:05:89: 36:3b:28:9d:23:53:09:58:5d:a1:be:63:df:84:2d:d3:74:33: 63:ee:99:c0 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUPfmZGt6FA6AqYFjH9XAdip1rHOAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODIwODMxN0EyNEFCNENEODI4Q0Q4ODU1RjgxRjNFRjJC NTNDQzY4MTAeFw0yNTAzMTIxNjU1MDJaFw0yNjAzMTExNzAwMDJaMDMxMTAvBgNV BAMTKDJEQUM5RkFBQzM2OTU5QjJERjMxREQzOThEMDFGOUJDMjc4QUNFRjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQCVMZ8rrXpuZOzmq/sDuzmU8o M3GWgwEXlR0qKYc5JXObNI/gslpUJwulkKPjyWn4WoL2WvtueuHpPDZBK0Oc2G1n XxRn1I2zS6mnHyy+vBPeQbEWyvDSU4t29WpduTFP5N0S7Q19db2YbpnvX+bcKUaT /0et0z/vu4TxuSOFyidUCRke2KURwStMHJXTwTndMAGh+SG7XHwK+GJFS/ktaj4e LAtgp9QFcOUEG+a0n35gHjfSWW/2caxfVX+NSjMHVCWRgHMI9Rv9QBhRQsWUOlqC NwGkrTLpgpQFfmC5U7/x1YsL2j5HnbyCEdIYUVQxruIq/ccWCAKEWp+bkRdRAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQULayfqsNpWbLfMd05jQH5vCeKzvEwHwYDVR0j BBgwFoAUgggxeiSrTNgozYhV+B8+8rU8xoEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 ODc4OGE4Yi01NDFiLTRjYmYtYmFiOS04ZGMzNzdiYzEyODQvMC84MjA4MzE3QTI0 QUI0Q0Q4MjhDRDg4NTVGODFGM0VGMkI1M0NDNjgxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODIwODMxN0EyNEFCNENEODI4Q0Q4ODU1RjgxRjNFRjJCNTND QzY4MS5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzg4Nzg4YThiLTU0MWItNGNiZi1i YWI5LThkYzM3N2JjMTI4NC8wLzMyMzAzMDMxM2E2NDY2MzQzYTY2MzkzMDMwM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzMzM3MzMzNTMxLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN 9PkAMA0GCSqGSIb3DQEBCwUAA4IBAQCVvf/lZYIpMS5nZTFQp8iFXl3zYXNv0jti VMLzDzE0m6/zo7P4tZcyl4sMjHh9Vh1UURs7uqB3Juw4IZUzsgDa4VDQjLgWTPif zSiT34cklLc9ftAgBcHE7/uaornX50nEsq1uW1ukFd2Z0odeEv73vt/efXPYmezI XpjEFw1cNS6Su1k00vr6wWK0joTxEvRnK1EbPQhkMCEQjIJkwfGLBEzEvWYE96SA otaAm7Jwh26JLajilDocdH8mllgsm3k/bj1UxRbY5T1k8j3IRVWI6fuA4L9woXN0 tVfapMJ9qonQadpqi0jjBYk2OyidI1MJWF2hvmPfhC3TdDNj7pnA -----END CERTIFICATE-----Generated at Sun Apr 6 17:54:12 2025 by rpki-client