$ rpki-client -vvf repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3130372e302f32342d3234203d3e20313439373138.roa File: 3232332e32352e3130372e302f32342d3234203d3e20313439373138.roa (raw, json) Hash identifier: DrBIeEQt6yULPW0r6792EagtEDf0ZZCsQyk/153rumY= Subject key identifier: 0E:6D:A7:12:92:61:58:1E:74:95:9F:A5:8E:AA:4B:AE:1F:17:91:04 Certificate issuer: /CN=4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787 Certificate serial: 0CE39FA14E6906DB4C011FA302245BEB91624E07 Authority key identifier: 4B:F1:DC:C0:BC:C5:B1:A4:B6:BE:52:6A:75:FF:33:39:7F:C3:87:87 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3130372e302f32342d3234203d3e20313439373138.roa Signing time: Fri 28 Feb 2025 23:00:01 +0000 ROA not before: Fri 28 Feb 2025 22:55:01 +0000 ROA not after: Fri 27 Feb 2026 23:00:01 +0000 asID: 149718 IP address blocks: 223.25.107.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.crl rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 20:32:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:e3:9f:a1:4e:69:06:db:4c:01:1f:a3:02:24:5b:eb:91:62:4e:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787 Validity Not Before: Feb 28 22:55:01 2025 GMT Not After : Feb 27 23:00:01 2026 GMT Subject: CN=0E6DA7129261581E74959FA58EAA4BAE1F179104 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:32:a3:45:a8:53:44:48:b7:dc:88:e7:f5:b2: fe:52:33:d7:b5:52:de:21:09:b0:d8:6f:27:4d:81: 69:5f:b7:1b:ab:e4:87:42:f1:14:96:e6:46:16:9d: c8:0b:04:23:6c:63:f2:94:e6:8d:a2:d9:f8:e7:38: 50:e6:99:df:94:80:49:7b:5b:42:a6:5f:ea:fc:91: c6:c3:e2:5e:c2:a2:d1:66:ba:d2:a1:e2:0b:9e:e9: 0c:d0:66:d5:fd:f6:88:5b:32:2c:0f:31:b9:b0:2d: 75:c4:f2:aa:c2:ca:be:6a:17:8f:c4:51:18:c9:7f: cf:ab:82:4c:48:c8:3d:a1:16:f2:0d:75:9e:43:fe: 7c:a0:72:fa:b5:da:f2:64:2f:22:0c:4a:9f:84:12: 64:1d:5f:d1:ca:30:3b:90:91:d0:01:c7:45:62:17: 2f:dd:9b:7d:ab:63:86:fb:df:e3:7b:a5:98:a7:7a: dd:8e:66:c0:0d:63:6c:ee:6b:b6:90:55:06:46:15: 5c:ff:04:9c:35:67:bd:71:ef:d4:9c:63:b9:4b:fd: ad:af:96:60:43:43:b3:86:ec:be:bf:11:3a:8c:01: 4e:b0:7c:cf:3e:f5:6d:4b:5d:73:41:0e:89:74:12: b2:ef:81:32:7b:55:f4:67:bb:48:42:70:59:bc:4f: a9:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:6D:A7:12:92:61:58:1E:74:95:9F:A5:8E:AA:4B:AE:1F:17:91:04 X509v3 Authority Key Identifier: keyid:4B:F1:DC:C0:BC:C5:B1:A4:B6:BE:52:6A:75:FF:33:39:7F:C3:87:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3130372e302f32342d3234203d3e20313439373138.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 223.25.107.0/24 Signature Algorithm: sha256WithRSAEncryption 2b:d4:94:08:43:99:7d:f8:25:fc:2f:e8:da:f3:24:cb:c4:57: 11:52:bc:6a:e8:e8:af:ca:69:27:1e:b7:85:21:50:d7:af:f6: 4d:1d:40:ac:ad:e0:19:27:bf:39:9c:26:f5:04:4d:eb:d7:c4: 2f:05:94:29:84:1c:00:14:e7:43:0b:12:89:b9:38:1b:9d:ae: 3d:21:ed:a7:dc:dd:5e:44:aa:6b:83:bb:f4:9c:49:ef:e9:a3: 51:bf:7a:a9:72:89:85:7a:e2:c4:8c:ea:ba:b4:d0:c7:22:b5: a0:39:cd:49:71:0f:29:50:ed:41:f4:6e:1c:f9:75:0f:28:27: 66:c6:8e:2a:51:33:77:1b:30:55:28:bd:8e:e4:12:1d:ee:cc: 8c:7b:86:e3:0a:19:09:5a:58:e9:a9:8e:9f:61:b6:97:b9:37: 15:f3:43:76:a1:c3:d0:ad:c4:7b:b1:0b:30:41:b7:b4:77:60: d9:c3:d9:4f:e1:8b:a1:1f:30:19:c1:8e:19:4b:a9:67:b3:03: 05:81:9e:a9:6c:60:94:7d:5b:3a:96:93:05:d6:d9:e6:b2:7e: 2c:d8:4f:5d:b5:3c:1e:c6:3b:ef:0b:6b:ed:47:db:b5:de:ad: 81:1a:b5:f9:9b:39:2b:83:25:bb:20:df:0e:c3:7d:76:16:4f: b6:21:97:bc -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUDOOfoU5pBttMAR+jAiRb65FiTgcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNEJGMURDQzBCQ0M1QjFBNEI2QkU1MjZBNzVGRjMzMzk3 RkMzODc4NzAeFw0yNTAyMjgyMjU1MDFaFw0yNjAyMjcyMzAwMDFaMDMxMTAvBgNV BAMTKDBFNkRBNzEyOTI2MTU4MUU3NDk1OUZBNThFQUE0QkFFMUYxNzkxMDQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNMqNFqFNESLfciOf1sv5SM9e1 Ut4hCbDYbydNgWlftxur5IdC8RSW5kYWncgLBCNsY/KU5o2i2fjnOFDmmd+UgEl7 W0KmX+r8kcbD4l7CotFmutKh4gue6QzQZtX99ohbMiwPMbmwLXXE8qrCyr5qF4/E URjJf8+rgkxIyD2hFvINdZ5D/nygcvq12vJkLyIMSp+EEmQdX9HKMDuQkdABx0Vi Fy/dm32rY4b73+N7pZinet2OZsANY2zua7aQVQZGFVz/BJw1Z71x79ScY7lL/a2v lmBDQ7OG7L6/ETqMAU6wfM8+9W1LXXNBDol0ErLvgTJ7VfRnu0hCcFm8T6lBAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUDm2nEpJhWB50lZ+ljqpLrh8XkQQwHwYDVR0j BBgwFoAUS/HcwLzFsaS2vlJqdf8zOX/Dh4cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 ZDI1NDQxOS01M2JlLTRhZDQtYmY3Zi0yOWY4OTEyNTIzZDAvMC80QkYxRENDMEJD QzVCMUE0QjZCRTUyNkE3NUZGMzMzOTdGQzM4Nzg3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNEJGMURDQzBCQ0M1QjFBNEI2QkU1MjZBNzVGRjMzMzk3RkMz ODc4Ny5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhkMjU0NDE5LTUzYmUtNGFkNC1i ZjdmLTI5Zjg5MTI1MjNkMC8wLzMyMzIzMzJlMzIzNTJlMzEzMDM3MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNDM5MzczMTM4LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3xlrMA0GCSqG SIb3DQEBCwUAA4IBAQAr1JQIQ5l9+CX8L+ja8yTLxFcRUrxq6OivymknHreFIVDX r/ZNHUCsreAZJ785nCb1BE3r18QvBZQphBwAFOdDCxKJuTgbna49Ie2n3N1eRKpr g7v0nEnv6aNRv3qpcomFeuLEjOq6tNDHIrWgOc1JcQ8pUO1B9G4c+XUPKCdmxo4q UTN3GzBVKL2O5BId7syMe4bjChkJWljpqY6fYbaXuTcV80N2ocPQrcR7sQswQbe0 d2DZw9lP4YuhHzAZwY4ZS6lnswMFgZ6pbGCUfVs6lpMF1tnmsn4s2E9dtTwexjvv C2vtR9u13q2BGrX5mzkrgyW7IN8Ow312Fk+2IZe8 -----END CERTIFICATE-----Generated at Thu Apr 10 05:14:15 2025 by rpki-client