$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/34332e3232392e3230342e302f32322d3234203d3e203234353332.roa File: 34332e3232392e3230342e302f32322d3234203d3e203234353332.roa (raw, json) Hash identifier: WF4j8x2tGr44aFsHKkav+2ARzcYAA9lGEfxLV4cOOpQ= Subject key identifier: A4:9C:FA:F7:D3:B5:76:E5:91:D8:A0:EF:B3:68:FF:D1:E6:F8:BD:4A Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 164FD9D1115BB74239AF289A8498FB0A56A51CFA Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/34332e3232392e3230342e302f32322d3234203d3e203234353332.roa Signing time: Mon 02 Jun 2025 02:04:44 +0000 ROA not before: Mon 02 Jun 2025 01:59:44 +0000 ROA not after: Mon 01 Jun 2026 02:04:44 +0000 asID: 24532 IP address blocks: 43.229.204.0/22 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 18:39:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:4f:d9:d1:11:5b:b7:42:39:af:28:9a:84:98:fb:0a:56:a5:1c:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Jun 2 01:59:44 2025 GMT Not After : Jun 1 02:04:44 2026 GMT Subject: CN=A49CFAF7D3B576E591D8A0EFB368FFD1E6F8BD4A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:56:7e:63:3e:b8:f2:38:01:59:a2:60:06:51: b4:eb:54:8a:68:d3:b8:79:5a:30:c4:e0:55:45:83: 5f:c9:e6:27:fe:b6:e5:bb:47:8e:87:25:50:78:64: a4:e9:43:21:2a:b3:62:2f:6b:07:00:31:23:89:ea: 88:0f:3a:7d:d5:6b:46:38:f2:cc:5c:f1:cc:50:c6: 58:90:c3:af:89:e3:96:a9:66:23:86:6a:42:38:44: 75:49:6c:f2:89:cf:32:7c:52:0b:cd:22:74:58:2d: 0a:88:ab:7a:3f:1c:71:b2:67:2e:91:14:77:47:ea: 48:c1:11:b6:c3:60:52:a8:19:17:63:30:e4:c2:11: e9:6d:b1:a5:c0:d8:c0:17:2a:ac:db:b6:00:76:3d: 04:eb:7c:ff:31:e6:b5:87:5c:2a:41:bb:ef:c9:42: a7:b0:95:46:51:3d:c5:7d:8e:78:36:6a:83:ea:7b: e9:36:6a:36:e3:8e:35:33:d2:39:bc:de:bb:d8:86: 7c:ff:58:6f:bf:83:55:18:93:d9:19:15:8b:5d:f4: 9d:9d:99:59:18:8f:02:c3:52:14:53:4a:46:44:84: 16:50:44:26:2c:64:03:c3:45:d5:6a:69:f7:84:7f: 7d:e6:04:54:c7:e0:a8:0d:08:52:c6:9c:65:a4:30: 13:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:9C:FA:F7:D3:B5:76:E5:91:D8:A0:EF:B3:68:FF:D1:E6:F8:BD:4A X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/34332e3232392e3230342e302f32322d3234203d3e203234353332.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.229.204.0/22 Signature Algorithm: sha256WithRSAEncryption b1:00:51:aa:12:cc:86:16:a3:9f:f1:03:b9:8e:5d:61:e6:2d: aa:cf:47:15:5e:be:46:cf:04:e8:1d:da:50:aa:2a:e0:7f:e3: 20:90:19:9f:21:0d:77:1c:8c:3d:32:74:49:a0:36:31:55:21: 1e:45:be:66:20:ae:bb:07:dc:fe:2c:7b:ee:b2:09:70:b0:09: 56:34:4f:bb:b0:da:3b:ff:c7:17:a0:a3:f6:bf:c1:4e:c7:b0: 94:4b:6d:fa:be:06:8c:c6:91:d1:ee:ba:d8:ba:cb:82:6b:a5: 04:dc:d0:8c:bd:97:7d:30:58:91:09:b8:6d:5a:53:5c:2a:c7: 75:79:49:9d:a3:ca:21:96:ca:16:ab:fb:63:9c:ea:0f:be:6e: 1a:2b:87:2a:84:c2:6e:a3:5c:33:b9:87:89:1d:6a:2b:e7:f0: 23:5c:bb:e3:f4:43:fe:92:7d:80:ce:99:95:8c:80:4e:7a:39: 83:27:39:3a:c2:5d:08:0c:1e:a8:21:e6:6f:76:bc:9c:ed:1b: 43:a8:da:c6:6b:ea:bb:ce:9e:e5:67:9d:75:ff:27:d0:2b:56: 9f:ac:bd:c3:e3:64:46:d3:54:82:82:f9:91:17:bc:1b:21:f1: ca:b5:02:8c:99:03:68:34:01:8c:1c:8f:37:b1:6d:f3:8e:bf: 1f:c9:71:0a -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUFk/Z0RFbt0I5ryiahJj7ClalHPowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNTA2MDIwMTU5NDRaFw0yNjA2MDEwMjA0NDRaMDMxMTAvBgNV BAMTKEE0OUNGQUY3RDNCNTc2RTU5MUQ4QTBFRkIzNjhGRkQxRTZGOEJENEEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTVn5jPrjyOAFZomAGUbTrVIpo 07h5WjDE4FVFg1/J5if+tuW7R46HJVB4ZKTpQyEqs2IvawcAMSOJ6ogPOn3Va0Y4 8sxc8cxQxliQw6+J45apZiOGakI4RHVJbPKJzzJ8UgvNInRYLQqIq3o/HHGyZy6R FHdH6kjBEbbDYFKoGRdjMOTCEeltsaXA2MAXKqzbtgB2PQTrfP8x5rWHXCpBu+/J QqewlUZRPcV9jng2aoPqe+k2ajbjjjUz0jm83rvYhnz/WG+/g1UYk9kZFYtd9J2d mVkYjwLDUhRTSkZEhBZQRCYsZAPDRdVqafeEf33mBFTH4KgNCFLGnGWkMBOVAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUpJz699O1duWR2KDvs2j/0eb4vUowHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk0M2UyZTY3LWExNzEtNGQ5ZS1h OTM1LTQwNjkwMmIxZTEzYi8wLzM0MzMyZTMyMzIzOTJlMzIzMDM0MmUzMDJmMzIz MjJkMzIzNDIwM2QzZTIwMzIzNDM1MzMzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAivlzDANBgkqhkiG 9w0BAQsFAAOCAQEAsQBRqhLMhhajn/EDuY5dYeYtqs9HFV6+Rs8E6B3aUKoq4H/j IJAZnyENdxyMPTJ0SaA2MVUhHkW+ZiCuuwfc/ix77rIJcLAJVjRPu7DaO//HF6Cj 9r/BTsewlEtt+r4GjMaR0e662LrLgmulBNzQjL2XfTBYkQm4bVpTXCrHdXlJnaPK IZbKFqv7Y5zqD75uGiuHKoTCbqNcM7mHiR1qK+fwI1y74/RD/pJ9gM6ZlYyATno5 gyc5OsJdCAweqCHmb3a8nO0bQ6jaxmvqu86e5Weddf8n0CtWn6y9w+NkRtNUgoL5 kRe8GyHxyrUCjJkDaDQBjByPN7Ft846/H8lxCg== -----END CERTIFICATE-----Generated at Thu Jun 5 18:30:14 2025 by rpki-client