$ rpki-client -vvf repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3131312e302f32342d3234203d3e20313431363037.roa File: 3232332e32352e3131312e302f32342d3234203d3e20313431363037.roa (raw, json) Hash identifier: ZqT27QjOP9C+x+HxEBPLWbwm+mlgqdclma4hL/DLOAM= Subject key identifier: 32:B5:BC:98:34:73:BB:9D:0C:B6:53:B4:5D:A0:62:8D:97:6C:DB:89 Certificate issuer: /CN=4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787 Certificate serial: 48070C696F1655432CB9685B5D8C137FF6544649 Authority key identifier: 4B:F1:DC:C0:BC:C5:B1:A4:B6:BE:52:6A:75:FF:33:39:7F:C3:87:87 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3131312e302f32342d3234203d3e20313431363037.roa Signing time: Tue 04 Feb 2025 08:00:01 +0000 ROA not before: Tue 04 Feb 2025 07:55:01 +0000 ROA not after: Tue 03 Feb 2026 08:00:01 +0000 asID: 141607 IP address blocks: 223.25.111.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.crl rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 13:41:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:07:0c:69:6f:16:55:43:2c:b9:68:5b:5d:8c:13:7f:f6:54:46:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787 Validity Not Before: Feb 4 07:55:01 2025 GMT Not After : Feb 3 08:00:01 2026 GMT Subject: CN=32B5BC983473BB9D0CB653B45DA0628D976CDB89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:92:8f:2b:93:53:f5:de:7f:b2:5c:51:ed:cb: 73:67:38:24:e9:ae:d9:24:2e:fb:1b:e7:65:80:44: fa:37:2f:e4:1c:b8:c4:9b:8e:95:8b:6b:97:f5:e9: 88:67:42:c5:c3:7a:5b:ab:b1:f3:d4:61:b0:be:3c: 0c:b8:c0:d8:60:e4:35:37:22:50:7b:d7:3a:30:be: 46:5b:1f:bd:ad:4f:3f:a2:8c:70:5b:59:07:c7:8b: 0e:7c:ec:ae:2f:2e:20:34:ad:72:eb:0e:7a:c2:ac: c3:c5:fe:79:64:a8:22:d7:bc:9e:f3:93:21:08:15: df:fc:1a:72:90:18:58:ee:d8:ff:4c:ee:3f:05:83: bd:9e:a5:dd:4b:79:5c:81:5d:8a:ce:da:b1:cd:36: ac:b7:7f:ec:57:38:dc:c7:22:fe:5e:b8:cf:cf:cf: fb:52:1d:46:e2:46:53:e7:45:d8:d4:25:c7:c8:63: 3f:eb:0b:9a:75:dd:9e:e9:8d:4e:8a:8e:19:06:ab: c7:c5:33:61:b3:0d:56:a5:ad:b5:c1:05:a0:5b:13: 4f:f5:c5:4c:dd:b9:b6:e0:8d:b9:56:e5:d0:f1:84: d5:1c:0f:3e:67:05:45:af:2f:19:a6:90:b8:e5:b4: 4a:d4:ff:22:bb:3b:4e:94:01:b0:22:2a:b4:a5:6d: 78:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:B5:BC:98:34:73:BB:9D:0C:B6:53:B4:5D:A0:62:8D:97:6C:DB:89 X509v3 Authority Key Identifier: keyid:4B:F1:DC:C0:BC:C5:B1:A4:B6:BE:52:6A:75:FF:33:39:7F:C3:87:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3131312e302f32342d3234203d3e20313431363037.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 223.25.111.0/24 Signature Algorithm: sha256WithRSAEncryption 7a:44:a7:b3:57:94:d3:c2:46:b1:40:e9:77:5a:d0:21:c9:2c: 12:ed:f1:78:b3:00:1b:37:bc:74:6e:94:97:49:07:70:75:4c: 2e:90:b0:d0:24:ee:77:bd:eb:d7:83:f6:6b:35:77:4d:4d:19: 32:7e:12:cb:56:d0:22:93:5d:c1:9c:f4:b7:d9:45:a6:15:ea: a9:9b:0e:2f:10:5f:9e:31:f4:0c:b0:1f:1f:f5:f1:e9:39:9a: 77:6c:38:62:3d:cd:42:2c:e5:39:6f:6c:73:15:b9:2b:35:cc: 2a:be:6a:95:3e:12:ef:f4:1d:bb:8d:f2:12:dc:d7:fa:c4:80: 39:dc:0c:5c:62:d2:98:f8:c6:10:a2:7f:28:b1:2b:02:ae:68: e4:36:07:dd:6f:26:56:ff:4f:4f:a5:d0:4f:66:fe:00:74:0f: 6e:15:d3:f4:18:c1:c4:be:6b:d6:35:d5:26:e9:89:ee:3f:96: 8c:40:64:cd:f1:1c:17:e8:7f:09:90:ae:74:b5:df:67:57:87: 16:70:7b:0a:f5:c1:13:7f:a8:d8:53:19:38:3d:29:82:d6:da: 9d:c0:0f:01:87:22:33:66:81:4c:b0:bc:25:cc:97:ba:3f:40: 0b:f4:1e:18:22:60:ba:f8:6d:84:9f:bb:c6:d3:7f:6f:5b:4f: 6f:12:36:c9 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUSAcMaW8WVUMsuWhbXYwTf/ZURkkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNEJGMURDQzBCQ0M1QjFBNEI2QkU1MjZBNzVGRjMzMzk3 RkMzODc4NzAeFw0yNTAyMDQwNzU1MDFaFw0yNjAyMDMwODAwMDFaMDMxMTAvBgNV BAMTKDMyQjVCQzk4MzQ3M0JCOUQwQ0I2NTNCNDVEQTA2MjhEOTc2Q0RCODkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgko8rk1P13n+yXFHty3NnOCTp rtkkLvsb52WARPo3L+QcuMSbjpWLa5f16YhnQsXDelursfPUYbC+PAy4wNhg5DU3 IlB71zowvkZbH72tTz+ijHBbWQfHiw587K4vLiA0rXLrDnrCrMPF/nlkqCLXvJ7z kyEIFd/8GnKQGFju2P9M7j8Fg72epd1LeVyBXYrO2rHNNqy3f+xXONzHIv5euM/P z/tSHUbiRlPnRdjUJcfIYz/rC5p13Z7pjU6KjhkGq8fFM2GzDValrbXBBaBbE0/1 xUzdubbgjblW5dDxhNUcDz5nBUWvLxmmkLjltErU/yK7O06UAbAiKrSlbXgTAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUMrW8mDRzu50MtlO0XaBijZds24kwHwYDVR0j BBgwFoAUS/HcwLzFsaS2vlJqdf8zOX/Dh4cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 ZDI1NDQxOS01M2JlLTRhZDQtYmY3Zi0yOWY4OTEyNTIzZDAvMC80QkYxRENDMEJD QzVCMUE0QjZCRTUyNkE3NUZGMzMzOTdGQzM4Nzg3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNEJGMURDQzBCQ0M1QjFBNEI2QkU1MjZBNzVGRjMzMzk3RkMz ODc4Ny5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhkMjU0NDE5LTUzYmUtNGFkNC1i ZjdmLTI5Zjg5MTI1MjNkMC8wLzMyMzIzMzJlMzIzNTJlMzEzMTMxMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNDMxMzYzMDM3LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3xlvMA0GCSqG SIb3DQEBCwUAA4IBAQB6RKezV5TTwkaxQOl3WtAhySwS7fF4swAbN7x0bpSXSQdw dUwukLDQJO53vevXg/ZrNXdNTRkyfhLLVtAik13BnPS32UWmFeqpmw4vEF+eMfQM sB8f9fHpOZp3bDhiPc1CLOU5b2xzFbkrNcwqvmqVPhLv9B27jfIS3Nf6xIA53Axc YtKY+MYQon8osSsCrmjkNgfdbyZW/09PpdBPZv4AdA9uFdP0GMHEvmvWNdUm6Ynu P5aMQGTN8RwX6H8JkK50td9nV4cWcHsK9cETf6jYUxk4PSmC1tqdwA8BhyIzZoFM sLwlzJe6P0AL9B4YImC6+G2En7vG039vW09vEjbJ -----END CERTIFICATE-----Generated at Sun Apr 6 11:03:32 2025 by rpki-client