$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa File: 3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa (raw, json) Hash identifier: olwDZQoWpFkRsK81GVJEPLld+99Dlx/8F9oVv6zB3jQ= Subject key identifier: 00:C5:68:35:AB:0C:86:FF:A6:0C:95:E9:82:A2:D0:12:1C:84:78:D6 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 311E77B3691E859E636124F27BCC1612593B8035 Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa Signing time: Mon 02 Jun 2025 02:04:45 +0000 ROA not before: Mon 02 Jun 2025 01:59:45 +0000 ROA not after: Mon 01 Jun 2026 02:04:45 +0000 asID: 24532 IP address blocks: 103.245.180.0/22 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 18:39:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:1e:77:b3:69:1e:85:9e:63:61:24:f2:7b:cc:16:12:59:3b:80:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Jun 2 01:59:45 2025 GMT Not After : Jun 1 02:04:45 2026 GMT Subject: CN=00C56835AB0C86FFA60C95E982A2D0121C8478D6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:d3:63:b9:fb:7e:2a:69:87:2e:ab:fa:ae:56: ea:59:ea:1a:43:40:f2:7b:8b:9c:7f:8a:ca:0a:48: 00:49:61:d6:34:3a:21:57:66:22:bd:30:54:97:3b: 60:2a:f6:98:00:a9:e4:56:7e:80:c8:0a:70:e3:c7: 4b:80:a9:28:57:cb:4d:34:b3:fc:fa:b6:16:c0:9c: 48:41:7f:76:b4:ac:3a:45:c2:fd:d4:51:7d:f4:d8: 97:d3:7b:e3:7a:62:9a:e8:d2:0a:9a:22:67:ff:79: fb:a4:25:66:9b:d7:8d:a2:1d:18:9c:48:79:05:97: 7e:a5:b8:61:0f:90:39:78:36:19:6c:12:61:e8:46: d6:9e:24:77:1e:a9:4d:30:3a:bf:d7:84:3d:f3:77: 42:79:44:10:f5:63:87:d2:25:a0:2e:a7:a7:8d:45: 93:dd:1a:61:56:00:04:f7:63:51:11:33:08:a3:98: 08:a7:b6:24:94:0f:75:25:81:5a:7f:20:59:d5:ac: 7e:29:49:cd:d5:ce:2c:28:00:f8:57:52:70:53:db: a8:eb:88:73:29:95:a6:55:bc:39:d8:b2:10:52:02: 2a:37:a2:ca:8c:66:e4:a0:5b:d6:88:e9:7f:43:65: fb:18:bd:0d:90:5d:c9:aa:bb:aa:5c:e3:a7:71:06: 95:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:C5:68:35:AB:0C:86:FF:A6:0C:95:E9:82:A2:D0:12:1C:84:78:D6 X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.245.180.0/22 Signature Algorithm: sha256WithRSAEncryption 36:fa:d6:55:b8:e9:26:d2:07:7d:a8:0c:58:10:a0:4e:cf:67: 2e:ce:7a:b4:89:24:8c:81:fc:7a:d9:92:f4:47:b0:a3:be:3a: c9:04:59:8a:41:7d:d2:ff:36:b6:c3:70:dd:3d:a5:06:35:06: b2:37:2e:ea:d1:4f:60:94:e7:f8:96:c2:9b:e4:eb:13:01:04: ab:cc:c3:d8:de:ba:f8:42:a9:72:73:18:44:e4:57:dc:c5:3e: fb:71:5a:d0:d9:12:8e:db:03:e9:60:0e:eb:0a:4f:bd:e6:7a: 0f:0a:d7:62:c7:82:a0:98:6f:31:41:93:bb:20:c1:90:96:70: f9:74:54:0b:d4:63:d6:3f:40:9b:17:37:54:5b:d1:6e:a7:86: c3:52:cb:fc:33:18:ab:d1:11:d4:ea:b3:52:f9:07:37:05:74: 47:73:88:24:9e:f6:21:79:92:96:7b:c9:4a:9e:4d:bb:e7:43: 71:d9:0b:c7:40:4f:1c:f3:bc:87:7e:dd:39:ca:af:ca:01:d1: 34:28:5c:8a:05:17:1b:d8:ef:b1:26:af:16:78:86:6a:77:ae: d3:ba:f8:30:05:62:d2:c8:33:c8:f8:e6:f9:c1:b4:8c:60:70: 35:7e:b5:9a:49:82:d8:e6:97:5c:16:e0:0d:28:96:eb:f5:6a: db:47:2a:91 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUMR53s2kehZ5jYSTye8wWElk7gDUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNTA2MDIwMTU5NDVaFw0yNjA2MDEwMjA0NDVaMDMxMTAvBgNV BAMTKDAwQzU2ODM1QUIwQzg2RkZBNjBDOTVFOTgyQTJEMDEyMUM4NDc4RDYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp02O5+34qaYcuq/quVupZ6hpD QPJ7i5x/isoKSABJYdY0OiFXZiK9MFSXO2Aq9pgAqeRWfoDICnDjx0uAqShXy000 s/z6thbAnEhBf3a0rDpFwv3UUX302JfTe+N6Ypro0gqaImf/efukJWab142iHRic SHkFl36luGEPkDl4NhlsEmHoRtaeJHceqU0wOr/XhD3zd0J5RBD1Y4fSJaAup6eN RZPdGmFWAAT3Y1ERMwijmAintiSUD3UlgVp/IFnVrH4pSc3VziwoAPhXUnBT26jr iHMplaZVvDnYshBSAio3osqMZuSgW9aI6X9DZfsYvQ2QXcmqu6pc46dxBpW9AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUAMVoNasMhv+mDJXpgqLQEhyEeNYwHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk0M2UyZTY3LWExNzEtNGQ5ZS1h OTM1LTQwNjkwMmIxZTEzYi8wLzMxMzAzMzJlMzIzNDM1MmUzMTM4MzAyZTMwMmYz MjMyMmQzMjM0MjAzZDNlMjAzMjM0MzUzMzMyLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ/W0MA0GCSqG SIb3DQEBCwUAA4IBAQA2+tZVuOkm0gd9qAxYEKBOz2cuznq0iSSMgfx62ZL0R7Cj vjrJBFmKQX3S/za2w3DdPaUGNQayNy7q0U9glOf4lsKb5OsTAQSrzMPY3rr4Qqly cxhE5FfcxT77cVrQ2RKO2wPpYA7rCk+95noPCtdix4KgmG8xQZO7IMGQlnD5dFQL 1GPWP0CbFzdUW9Fup4bDUsv8Mxir0RHU6rNS+Qc3BXRHc4gknvYheZKWe8lKnk27 50Nx2QvHQE8c87yHft05yq/KAdE0KFyKBRcb2O+xJq8WeIZqd67TuvgwBWLSyDPI +Ob5wbSMYHA1frWaSYLY5pdcFuANKJbr9WrbRyqR -----END CERTIFICATE-----Generated at Thu Jun 5 18:30:41 2025 by rpki-client