$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/3131392e3233352e31362e302f32302d3234203d3e203234353332.roa File: 3131392e3233352e31362e302f32302d3234203d3e203234353332.roa (raw, json) Hash identifier: lTPGED6Euas+yMtjFiZeN4ZQaRI9ugutG6SYSfzJsJs= Subject key identifier: C9:A1:68:C2:70:50:38:27:9D:6C:5C:F5:FA:D0:62:32:54:5D:38:22 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 65C8739542CCEBC44512A44D92568A92EAE679C7 Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/3131392e3233352e31362e302f32302d3234203d3e203234353332.roa Signing time: Mon 01 Jul 2024 01:05:46 +0000 ROA not before: Mon 01 Jul 2024 01:00:46 +0000 ROA not after: Mon 30 Jun 2025 01:05:46 +0000 asID: 24532 IP address blocks: 119.235.16.0/20 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Nov 2024 06:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:c8:73:95:42:cc:eb:c4:45:12:a4:4d:92:56:8a:92:ea:e6:79:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Jul 1 01:00:46 2024 GMT Not After : Jun 30 01:05:46 2025 GMT Subject: CN=C9A168C2705038279D6C5CF5FAD06232545D3822 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:ff:69:cd:d5:b4:ba:70:de:6c:b9:55:9c:57: 63:1d:62:a3:b1:8a:59:2f:46:08:11:8b:2b:18:7f: 9d:e7:4b:60:56:0e:bd:a2:a1:2d:b3:d8:f5:97:10: 14:8e:0a:e5:d7:74:18:74:e7:ae:88:d3:e4:28:87: 08:35:fd:a0:09:98:3b:cc:9e:2a:13:c6:b6:6e:a5: 74:e0:cc:b9:be:fb:65:d2:9f:a1:a6:f6:98:a6:a2: 00:b4:3a:d8:e9:24:9e:61:7e:70:3d:3b:e4:0f:d9: d5:b5:e6:3a:a5:05:d3:79:39:f5:6c:18:6b:3c:eb: c3:1b:1d:f0:4e:0b:4b:f3:f3:16:8a:84:45:c3:4d: bc:9f:7d:1f:4c:5a:68:b1:0a:59:1a:b9:d7:a3:72: e5:6c:0d:d1:4d:6c:0b:a0:3d:35:d5:db:06:70:74: dc:0d:2f:c2:49:d3:26:ef:2b:c7:84:7f:e1:bb:11: 9f:3e:19:7a:db:8e:4f:19:5b:95:3c:21:d3:bf:82: 4d:42:43:20:bb:41:ae:2e:77:6d:af:89:1f:6e:4b: 40:bb:4f:dd:14:47:14:9a:31:e9:04:16:5e:a5:6b: 91:a8:a2:da:8b:69:5b:d3:cc:36:43:ed:3b:36:bf: 72:d7:2a:d1:eb:ef:59:57:4e:09:05:12:0b:86:3d: e6:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:A1:68:C2:70:50:38:27:9D:6C:5C:F5:FA:D0:62:32:54:5D:38:22 X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/3131392e3233352e31362e302f32302d3234203d3e203234353332.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 119.235.16.0/20 Signature Algorithm: sha256WithRSAEncryption 0c:24:47:9c:b9:28:1d:94:b3:b2:84:fd:64:13:60:11:df:1b: 7a:db:f3:01:38:f4:8b:37:f7:b2:7a:37:fa:fb:23:c4:da:64: 40:02:e4:08:65:2f:5f:00:ac:de:1a:c9:a4:01:b8:27:8e:d0: 75:10:52:27:04:40:29:66:9b:35:3a:73:5e:53:e4:55:0f:c3: fd:d1:2e:bc:3a:26:da:7d:22:5b:dd:79:da:3b:ab:5a:12:ce: 65:3c:dd:98:93:11:ad:71:db:f0:19:3c:68:67:17:f4:d9:07: 27:82:5d:4f:de:ad:d8:26:4d:57:03:25:27:6b:6c:46:70:d6: 15:f1:b6:99:1e:b2:16:53:72:d9:fc:0d:a8:89:dc:49:48:d9: 55:6f:9f:25:4c:3f:05:b1:57:0e:c7:75:fa:25:14:0d:f5:0a: ff:85:ee:57:d3:fd:53:6f:83:81:72:fa:c5:a3:7b:54:30:2f: df:c9:c6:36:de:15:6c:2e:27:47:dc:8d:21:ba:97:e7:eb:9d: fe:e9:f1:4c:b9:d4:5a:1d:eb:f8:b6:0a:c6:33:63:e8:49:2a: 65:d7:70:0e:50:b1:de:2f:7f:23:c4:c4:b4:45:f0:40:b5:86: 09:de:c2:b0:45:58:78:ee:9f:d3:7b:fd:fd:c5:8c:dd:9d:ae: 68:bc:14:80 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUZchzlULM68RFEqRNklaKkurmeccwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNDA3MDEwMTAwNDZaFw0yNTA2MzAwMTA1NDZaMDMxMTAvBgNV BAMTKEM5QTE2OEMyNzA1MDM4Mjc5RDZDNUNGNUZBRDA2MjMyNTQ1RDM4MjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5/2nN1bS6cN5suVWcV2MdYqOx ilkvRggRiysYf53nS2BWDr2ioS2z2PWXEBSOCuXXdBh0566I0+Qohwg1/aAJmDvM nioTxrZupXTgzLm++2XSn6Gm9pimogC0OtjpJJ5hfnA9O+QP2dW15jqlBdN5OfVs GGs868MbHfBOC0vz8xaKhEXDTbyffR9MWmixClkaudejcuVsDdFNbAugPTXV2wZw dNwNL8JJ0ybvK8eEf+G7EZ8+GXrbjk8ZW5U8IdO/gk1CQyC7Qa4ud22viR9uS0C7 T90URxSaMekEFl6la5GootqLaVvTzDZD7Ts2v3LXKtHr71lXTgkFEguGPeblAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUyaFownBQOCedbFz1+tBiMlRdOCIwHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk0M2UyZTY3LWExNzEtNGQ5ZS1h OTM1LTQwNjkwMmIxZTEzYi8wLzMxMzEzOTJlMzIzMzM1MmUzMTM2MmUzMDJmMzIz MDJkMzIzNDIwM2QzZTIwMzIzNDM1MzMzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBHfrEDANBgkqhkiG 9w0BAQsFAAOCAQEADCRHnLkoHZSzsoT9ZBNgEd8betvzATj0izf3sno3+vsjxNpk QALkCGUvXwCs3hrJpAG4J47QdRBSJwRAKWabNTpzXlPkVQ/D/dEuvDom2n0iW915 2jurWhLOZTzdmJMRrXHb8Bk8aGcX9NkHJ4JdT96t2CZNVwMlJ2tsRnDWFfG2mR6y FlNy2fwNqIncSUjZVW+fJUw/BbFXDsd1+iUUDfUK/4XuV9P9U2+DgXL6xaN7VDAv 38nGNt4VbC4nR9yNIbqX5+ud/unxTLnUWh3r+LYKxjNj6EkqZddwDlCx3i9/I8TE tEXwQLWGCd7CsEVYeO6f03v9/cWM3Z2uaLwUgA== -----END CERTIFICATE-----Generated at Thu Nov 21 07:38:03 2024 by rpki-client on console-ams.rpki-client.org