$ rpki-client -vvf repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35382e3231362e302f32312d3234203d3e203137363731.roa File: 3230322e35382e3231362e302f32312d3234203d3e203137363731.roa (raw, json) Hash identifier: o7MQIpgAqLDibBg9CXwAkrwP0AUOc+SR1c18RIspqaM= Subject key identifier: 31:1A:BD:B0:1D:DF:0B:D4:D9:CD:AD:AC:E5:C1:1C:5F:53:50:2B:C6 Certificate issuer: /CN=D0C90407CCD53717DFEA21D51A8921F20564AB25 Certificate serial: 67B8C37307FA91CF4C8BCEA13F14985515B8A99A Authority key identifier: D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35382e3231362e302f32312d3234203d3e203137363731.roa Signing time: Sat 17 May 2025 12:02:05 +0000 ROA not before: Sat 17 May 2025 11:57:05 +0000 ROA not after: Sat 16 May 2026 12:02:05 +0000 asID: 17671 IP address blocks: 202.58.216.0/21 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/D0C90407CCD53717DFEA21D51A8921F20564AB25.crl rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/D0C90407CCD53717DFEA21D51A8921F20564AB25.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 04:38:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:b8:c3:73:07:fa:91:cf:4c:8b:ce:a1:3f:14:98:55:15:b8:a9:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D0C90407CCD53717DFEA21D51A8921F20564AB25 Validity Not Before: May 17 11:57:05 2025 GMT Not After : May 16 12:02:05 2026 GMT Subject: CN=311ABDB01DDF0BD4D9CDADACE5C11C5F53502BC6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:45:6f:e8:b6:a3:95:1f:73:16:4c:b0:6e:64: d7:72:0a:0f:d2:ae:54:4a:ef:da:59:42:14:72:b2: 54:10:3c:ef:9d:37:74:a4:85:99:8c:fc:14:7e:8b: 95:e6:6d:d3:6f:ef:d1:93:2e:aa:5f:1e:2f:c9:12: 03:a2:28:1d:e0:78:f8:25:29:0e:01:a4:db:4f:9a: 56:ad:a3:c2:76:22:47:c3:8e:02:f0:f1:17:95:a7: d7:24:71:57:d9:61:4b:08:ad:b4:1d:af:7a:ee:d7: 5c:63:ce:c3:ea:b3:b2:aa:d2:35:63:0c:08:64:92: 85:d7:94:d7:23:15:80:65:d4:5e:51:6f:ba:ef:8b: 96:1c:18:85:c3:5f:ac:73:f5:b0:52:58:b7:ba:59: de:f3:6f:ae:8a:de:40:91:58:b0:c8:1c:42:8f:4c: 6d:1a:a2:75:70:09:e9:77:be:7b:76:54:7e:ef:62: 63:ca:15:f4:80:6d:d2:fa:9b:23:6f:c8:dd:56:ce: 6b:a7:52:22:03:fb:d2:2e:f4:af:0e:7d:0a:c7:1e: 3b:ce:34:54:88:cd:e3:df:2f:15:74:bc:ff:2d:06: e9:02:af:ba:53:66:bf:6c:97:21:db:a0:3d:52:f3: e3:ec:03:c2:0e:07:4f:02:bd:5d:59:af:49:fa:29: b3:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:1A:BD:B0:1D:DF:0B:D4:D9:CD:AD:AC:E5:C1:1C:5F:53:50:2B:C6 X509v3 Authority Key Identifier: keyid:D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/D0C90407CCD53717DFEA21D51A8921F20564AB25.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35382e3231362e302f32312d3234203d3e203137363731.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.58.216.0/21 Signature Algorithm: sha256WithRSAEncryption 18:da:ae:4b:01:dd:2a:73:e6:9f:55:64:0d:a8:c2:cf:b4:4b: e9:d2:1c:38:af:26:e2:7b:38:69:4e:f1:9a:fe:25:a2:a6:9f: db:4d:e4:8b:a5:ca:73:06:bf:57:f1:db:0b:0e:4a:7b:db:6f: 0c:65:83:43:61:f2:09:e2:eb:b6:96:74:7f:c2:0d:4f:e9:ee: 0f:97:aa:1f:d3:47:9e:b4:0d:7c:74:d9:64:74:96:f3:9a:e0: 11:40:42:a7:6c:e3:f2:49:e4:5b:6f:60:0a:35:29:cb:37:ea: 7c:dc:ca:da:d7:0b:f3:2c:a8:26:59:88:85:6c:27:a2:a9:94: 4b:c6:52:88:18:8a:f6:fc:ab:49:fc:00:4d:b8:9e:09:7f:31: 57:b9:f9:be:2b:fc:ef:77:94:46:10:98:d0:25:27:81:b7:41: 5d:f5:85:65:65:87:f6:97:8d:58:30:ff:26:47:49:38:1d:fa: 1c:30:20:42:34:ea:82:bd:49:d3:99:e0:e7:d2:46:75:4a:07: de:bb:52:64:82:ae:57:d1:8f:26:1e:77:45:01:db:b8:b7:28: 13:e5:6a:84:87:5b:57:14:af:fa:5e:5c:32:86:60:f8:83:a2: 63:1e:14:ba:0f:d5:6c:3f:9c:1b:4e:11:c1:01:d2:d5:c7:c3: 58:b0:59:67 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUZ7jDcwf6kc9Mi86hPxSYVRW4qZowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIw NTY0QUIyNTAeFw0yNTA1MTcxMTU3MDVaFw0yNjA1MTYxMjAyMDVaMDMxMTAvBgNV BAMTKDMxMUFCREIwMURERjBCRDREOUNEQURBQ0U1QzExQzVGNTM1MDJCQzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhRW/otqOVH3MWTLBuZNdyCg/S rlRK79pZQhRyslQQPO+dN3SkhZmM/BR+i5XmbdNv79GTLqpfHi/JEgOiKB3gePgl KQ4BpNtPmlato8J2IkfDjgLw8ReVp9ckcVfZYUsIrbQdr3ru11xjzsPqs7Kq0jVj DAhkkoXXlNcjFYBl1F5Rb7rvi5YcGIXDX6xz9bBSWLe6Wd7zb66K3kCRWLDIHEKP TG0aonVwCel3vnt2VH7vYmPKFfSAbdL6myNvyN1WzmunUiID+9Iu9K8OfQrHHjvO NFSIzePfLxV0vP8tBukCr7pTZr9slyHboD1S8+PsA8IOB08CvV1Zr0n6KbNrAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUMRq9sB3fC9TZza2s5cEcX1NQK8YwHwYDVR0j BBgwFoAU0MkEB8zVNxff6iHVGokh8gVkqyUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 Y2ViZjExNi1mZTJhLTQ5MWItYWFjOC0yMjBlYWQwYjU0ZTIvMC9EMEM5MDQwN0ND RDUzNzE3REZFQTIxRDUxQTg5MjFGMjA1NjRBQjI1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIwNTY0 QUIyNS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhjZWJmMTE2LWZlMmEtNDkxYi1h YWM4LTIyMGVhZDBiNTRlMi8wLzMyMzAzMjJlMzUzODJlMzIzMTM2MmUzMDJmMzIz MTJkMzIzNDIwM2QzZTIwMzEzNzM2MzczMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8o62DANBgkqhkiG 9w0BAQsFAAOCAQEAGNquSwHdKnPmn1VkDajCz7RL6dIcOK8m4ns4aU7xmv4loqaf 203ki6XKcwa/V/HbCw5Ke9tvDGWDQ2HyCeLrtpZ0f8INT+nuD5eqH9NHnrQNfHTZ ZHSW85rgEUBCp2zj8knkW29gCjUpyzfqfNzK2tcL8yyoJlmIhWwnoqmUS8ZSiBiK 9vyrSfwATbieCX8xV7n5viv873eURhCY0CUngbdBXfWFZWWH9peNWDD/JkdJOB36 HDAgQjTqgr1J05ng59JGdUoH3rtSZIKuV9GPJh53RQHbuLcoE+VqhIdbVxSv+l5c MoZg+IOiYx4Uug/VbD+cG04RwQHS1cfDWLBZZw== -----END CERTIFICATE-----Generated at Fri Jun 6 16:51:21 2025 by rpki-client