$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa File: 3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa (raw, json) Hash identifier: CeNMr8Y0wuM60Zt6nplzMluIcrI9La3EhazffayBItA= Subject key identifier: EF:36:21:A9:1B:16:7F:7C:73:B9:96:D0:7D:A8:E7:C4:01:0F:38:73 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 37379117103026481719FC262D1178A5EF87351E Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa Signing time: Mon 02 Jun 2025 02:04:44 +0000 ROA not before: Mon 02 Jun 2025 01:59:44 +0000 ROA not after: Mon 01 Jun 2026 02:04:44 +0000 asID: 24532 IP address blocks: 202.129.184.0/22 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 18:39:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:37:91:17:10:30:26:48:17:19:fc:26:2d:11:78:a5:ef:87:35:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Jun 2 01:59:44 2025 GMT Not After : Jun 1 02:04:44 2026 GMT Subject: CN=EF3621A91B167F7C73B996D07DA8E7C4010F3873 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:c6:5e:90:82:42:06:c9:44:0b:c8:d0:dd:ff: 1b:f0:89:6c:09:92:2c:47:63:82:14:df:c8:05:5f: aa:9e:5e:09:2f:84:6d:55:4f:7a:75:24:a8:43:7e: 4a:f2:e9:74:d0:c4:6b:d2:a8:a9:0b:30:e2:cd:7f: 96:07:3b:87:38:15:9c:f2:2b:c7:27:d2:2d:5e:5b: 4f:52:39:7b:99:d3:6b:30:6e:e1:60:99:e2:00:66: a2:eb:1d:50:77:a2:5e:77:10:09:90:cb:e2:f5:47: 40:b3:cb:f5:85:9b:10:99:08:30:f7:e6:e7:ee:9c: fa:8b:58:a2:ff:19:dc:b1:b0:f6:20:c7:7d:b4:77: 5a:04:a8:20:ad:6e:d9:67:26:17:33:e1:89:34:af: 53:40:fe:39:e6:9c:78:29:d1:62:ec:c6:67:d1:06: 4c:c3:01:18:37:61:66:3c:c8:df:7a:4f:69:d1:7f: 06:8d:87:4c:31:04:d1:34:0d:ff:98:7a:09:8e:2e: 02:fd:3a:3b:1d:77:2c:97:25:6f:48:ef:8e:31:1e: 09:48:fe:93:74:54:20:eb:09:51:b9:c6:b1:ad:2a: 46:47:1d:ca:9e:41:54:3d:b2:1e:b6:d7:68:73:ae: c8:77:ad:1d:d6:52:2a:42:84:5a:fb:59:61:52:9a: e8:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:36:21:A9:1B:16:7F:7C:73:B9:96:D0:7D:A8:E7:C4:01:0F:38:73 X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.129.184.0/22 Signature Algorithm: sha256WithRSAEncryption 8c:cd:9d:dd:7d:09:98:ec:e3:bb:30:24:14:81:f0:fd:94:5b: cb:a1:0d:c5:06:d7:30:85:b0:79:5b:ae:78:c4:38:7d:74:5b: aa:db:f5:4d:98:c7:9f:20:97:a5:05:4a:9d:69:d2:f5:86:5e: de:b9:35:e2:97:16:77:39:4a:41:c7:1b:fc:1c:49:72:9d:60: 2d:b6:94:a7:58:48:b9:96:64:ce:47:71:82:7e:fe:d2:b0:b1: a4:c4:ba:39:0c:07:42:df:b6:b0:5c:f3:22:54:d5:31:72:a2: eb:a0:4e:0c:d2:d6:fa:cf:d8:8f:8a:c2:86:89:68:1e:28:19: 90:8a:a1:f7:9a:d6:52:44:ab:d5:90:db:3c:a5:a1:67:5a:db: 75:53:0b:9e:f5:62:a9:26:1e:07:bd:03:ef:22:3d:79:1a:cb: 81:db:b5:41:4d:54:51:b9:12:1a:54:c8:cc:58:db:4e:1d:17: 2d:7f:2b:89:d6:3e:85:5a:07:0b:4f:29:4e:ec:cc:38:82:06: cc:2f:5e:d5:e7:12:45:a4:7e:60:79:5d:51:bb:e6:a4:9b:6d: 72:7a:9f:cf:ad:45:56:b7:2a:bd:45:bd:05:88:35:4f:0d:6e: 50:6b:ec:bc:1d:d2:d7:9a:29:7f:f5:20:d3:71:13:b5:7d:af: b1:c4:a9:82 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUNzeRFxAwJkgXGfwmLRF4pe+HNR4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNTA2MDIwMTU5NDRaFw0yNjA2MDEwMjA0NDRaMDMxMTAvBgNV BAMTKEVGMzYyMUE5MUIxNjdGN0M3M0I5OTZEMDdEQThFN0M0MDEwRjM4NzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0xl6QgkIGyUQLyNDd/xvwiWwJ kixHY4IU38gFX6qeXgkvhG1VT3p1JKhDfkry6XTQxGvSqKkLMOLNf5YHO4c4FZzy K8cn0i1eW09SOXuZ02swbuFgmeIAZqLrHVB3ol53EAmQy+L1R0Czy/WFmxCZCDD3 5ufunPqLWKL/GdyxsPYgx320d1oEqCCtbtlnJhcz4Yk0r1NA/jnmnHgp0WLsxmfR BkzDARg3YWY8yN96T2nRfwaNh0wxBNE0Df+YegmOLgL9OjsddyyXJW9I744xHglI /pN0VCDrCVG5xrGtKkZHHcqeQVQ9sh6212hzrsh3rR3WUipChFr7WWFSmuh7AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQU7zYhqRsWf3xzuZbQfajnxAEPOHMwHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk0M2UyZTY3LWExNzEtNGQ5ZS1h OTM1LTQwNjkwMmIxZTEzYi8wLzMyMzAzMjJlMzEzMjM5MmUzMTM4MzQyZTMwMmYz MjMyMmQzMjM0MjAzZDNlMjAzMjM0MzUzMzMyLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCyoG4MA0GCSqG SIb3DQEBCwUAA4IBAQCMzZ3dfQmY7OO7MCQUgfD9lFvLoQ3FBtcwhbB5W654xDh9 dFuq2/VNmMefIJelBUqdadL1hl7euTXilxZ3OUpBxxv8HElynWAttpSnWEi5lmTO R3GCfv7SsLGkxLo5DAdC37awXPMiVNUxcqLroE4M0tb6z9iPisKGiWgeKBmQiqH3 mtZSRKvVkNs8paFnWtt1Uwue9WKpJh4HvQPvIj15GsuB27VBTVRRuRIaVMjMWNtO HRctfyuJ1j6FWgcLTylO7Mw4ggbML17V5xJFpH5geV1Ru+akm21yep/PrUVWtyq9 Rb0FiDVPDW5Qa+y8HdLXmil/9SDTcRO1fa+xxKmC -----END CERTIFICATE-----Generated at Thu Jun 5 18:20:50 2025 by rpki-client