$ rpki-client -vvf repo-rpki.idnic.net/repo/9ed955c8-e6d3-49c2-abd8-e0f92c081247/0/3132342e3135382e3134342e302f32302d3234203d3e203137393935.roa File: 3132342e3135382e3134342e302f32302d3234203d3e203137393935.roa (raw, json) Hash identifier: zsg0MYUUul8ZWAz6HoeSnMP9CkNtx4CP6l+n2iyt5ns= Subject key identifier: D2:30:DB:DC:14:AE:B5:9F:9E:4D:64:50:AF:BD:08:84:54:81:F3:12 Certificate issuer: /CN=3EDBB7844714C545CED724120ED0E5A34EFB45EE Certificate serial: 29E50D73AB2AB384AAD185AE49DC038194AFBF0B Authority key identifier: 3E:DB:B7:84:47:14:C5:45:CE:D7:24:12:0E:D0:E5:A3:4E:FB:45:EE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3EDBB7844714C545CED724120ED0E5A34EFB45EE.cer Subject info access: rsync://repo-rpki.idnic.net/repo/9ed955c8-e6d3-49c2-abd8-e0f92c081247/0/3132342e3135382e3134342e302f32302d3234203d3e203137393935.roa Signing time: Mon 02 Jun 2025 02:04:33 +0000 ROA not before: Mon 02 Jun 2025 01:59:33 +0000 ROA not after: Mon 01 Jun 2026 02:04:33 +0000 asID: 17995 IP address blocks: 124.158.144.0/20 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/9ed955c8-e6d3-49c2-abd8-e0f92c081247/0/3EDBB7844714C545CED724120ED0E5A34EFB45EE.crl rsync://repo-rpki.idnic.net/repo/9ed955c8-e6d3-49c2-abd8-e0f92c081247/0/3EDBB7844714C545CED724120ED0E5A34EFB45EE.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3EDBB7844714C545CED724120ED0E5A34EFB45EE.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 21:14:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:e5:0d:73:ab:2a:b3:84:aa:d1:85:ae:49:dc:03:81:94:af:bf:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3EDBB7844714C545CED724120ED0E5A34EFB45EE Validity Not Before: Jun 2 01:59:33 2025 GMT Not After : Jun 1 02:04:33 2026 GMT Subject: CN=D230DBDC14AEB59F9E4D6450AFBD08845481F312 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:47:45:ca:db:5a:84:b7:23:58:1d:f9:0a:71: cf:87:04:db:9f:eb:27:28:65:b9:4d:96:d8:31:42: d2:c2:ec:69:c3:95:87:fc:93:3a:01:37:f7:d7:46: 66:e7:0c:0e:e4:11:d9:02:3c:ef:cf:19:7b:e1:93: 5e:63:fc:c4:b0:ab:cb:68:b5:27:e4:1e:9e:dc:43: 87:22:09:99:03:b1:88:16:ba:16:1a:4d:32:74:c9: b9:9c:57:42:e3:e5:49:65:51:56:2c:73:66:f0:9a: 13:25:3e:60:b7:a9:66:21:db:a4:5c:85:47:8c:07: 05:23:36:e3:0c:0f:ff:46:ae:f2:77:0e:b7:b0:10: 1d:3b:0e:a0:b6:cc:68:57:ba:5e:92:01:60:1a:56: 0d:b8:55:8d:23:37:c3:c5:ff:cb:af:33:29:e6:79: ea:08:11:72:27:7c:26:dd:e7:9f:7f:67:53:cd:66: 6e:cd:af:9f:4f:35:0b:d8:b2:98:bd:35:77:1e:1c: 8c:53:98:12:cd:63:51:f8:54:a8:5d:f7:b8:ee:d0: a2:ff:25:be:01:b1:a6:3e:83:d5:d4:ad:9f:1a:97: f1:5d:02:1c:b1:9e:4d:9a:31:73:c8:04:f1:3b:0b: 60:e9:94:b0:c4:18:c8:0d:c6:17:04:67:e2:b2:97: 29:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:30:DB:DC:14:AE:B5:9F:9E:4D:64:50:AF:BD:08:84:54:81:F3:12 X509v3 Authority Key Identifier: keyid:3E:DB:B7:84:47:14:C5:45:CE:D7:24:12:0E:D0:E5:A3:4E:FB:45:EE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/9ed955c8-e6d3-49c2-abd8-e0f92c081247/0/3EDBB7844714C545CED724120ED0E5A34EFB45EE.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3EDBB7844714C545CED724120ED0E5A34EFB45EE.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/9ed955c8-e6d3-49c2-abd8-e0f92c081247/0/3132342e3135382e3134342e302f32302d3234203d3e203137393935.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 124.158.144.0/20 Signature Algorithm: sha256WithRSAEncryption 0e:29:49:a0:fd:46:80:95:e9:06:ab:56:11:97:f0:4b:c1:91: c2:35:fd:be:c9:45:33:62:20:b1:69:c9:b2:16:27:92:6b:c0: 7c:75:b1:9e:25:df:7c:b0:dd:6f:d7:0f:51:45:b2:e4:a0:e9: 85:57:76:95:92:3b:de:e0:94:de:7a:c7:5e:a0:aa:6c:a1:87: aa:ae:12:33:20:98:0a:22:9e:b0:47:46:7e:2e:a8:c7:94:0c: 49:61:c3:57:0f:26:6e:a8:11:2a:f3:14:2e:2e:37:45:6e:4a: d7:c6:c9:8c:ee:78:d0:25:6c:33:24:a8:80:90:e6:76:f3:f8: 43:ca:89:cd:32:46:88:43:0c:64:3a:a7:20:20:e0:d3:3c:ec: 25:c4:f7:01:1f:22:8a:50:bd:13:3d:be:29:9d:99:8b:28:c0: 69:05:33:ea:a2:2f:2d:35:e8:db:74:03:d7:45:3a:c5:97:ac: 5d:d4:93:26:e9:b8:e9:31:c2:a1:89:31:ba:ae:c5:af:b2:33: 4f:42:8c:95:4b:cf:c6:e1:c5:93:61:69:74:e8:02:87:5b:7f: 66:05:e0:fa:5b:e7:90:96:b4:4e:1e:ab:24:2d:75:58:4a:f3: 9e:74:3a:9f:95:77:01:6a:25:2e:83:eb:68:86:c0:2b:0e:c2: 03:0a:4c:dd -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUKeUNc6sqs4Sq0YWuSdwDgZSvvwswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0VEQkI3ODQ0NzE0QzU0NUNFRDcyNDEyMEVEMEU1QTM0 RUZCNDVFRTAeFw0yNTA2MDIwMTU5MzNaFw0yNjA2MDEwMjA0MzNaMDMxMTAvBgNV BAMTKEQyMzBEQkRDMTRBRUI1OUY5RTRENjQ1MEFGQkQwODg0NTQ4MUYzMTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRR0XK21qEtyNYHfkKcc+HBNuf 6ycoZblNltgxQtLC7GnDlYf8kzoBN/fXRmbnDA7kEdkCPO/PGXvhk15j/MSwq8to tSfkHp7cQ4ciCZkDsYgWuhYaTTJ0ybmcV0Lj5UllUVYsc2bwmhMlPmC3qWYh26Rc hUeMBwUjNuMMD/9GrvJ3DrewEB07DqC2zGhXul6SAWAaVg24VY0jN8PF/8uvMynm eeoIEXInfCbd559/Z1PNZm7Nr59PNQvYspi9NXceHIxTmBLNY1H4VKhd97ju0KL/ Jb4BsaY+g9XUrZ8al/FdAhyxnk2aMXPIBPE7C2DplLDEGMgNxhcEZ+KylykzAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQU0jDb3BSutZ+eTWRQr70IhFSB8xIwHwYDVR0j BBgwFoAUPtu3hEcUxUXO1yQSDtDlo077Re4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 ZWQ5NTVjOC1lNmQzLTQ5YzItYWJkOC1lMGY5MmMwODEyNDcvMC8zRURCQjc4NDQ3 MTRDNTQ1Q0VENzI0MTIwRUQwRTVBMzRFRkI0NUVFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0VEQkI3ODQ0NzE0QzU0NUNFRDcyNDEyMEVEMEU1QTM0RUZC NDVFRS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzllZDk1NWM4LWU2ZDMtNDljMi1h YmQ4LWUwZjkyYzA4MTI0Ny8wLzMxMzIzNDJlMzEzNTM4MmUzMTM0MzQyZTMwMmYz MjMwMmQzMjM0MjAzZDNlMjAzMTM3MzkzOTM1LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEfJ6QMA0GCSqG SIb3DQEBCwUAA4IBAQAOKUmg/UaAlekGq1YRl/BLwZHCNf2+yUUzYiCxacmyFieS a8B8dbGeJd98sN1v1w9RRbLkoOmFV3aVkjve4JTeesdeoKpsoYeqrhIzIJgKIp6w R0Z+LqjHlAxJYcNXDyZuqBEq8xQuLjdFbkrXxsmM7njQJWwzJKiAkOZ28/hDyonN MkaIQwxkOqcgIODTPOwlxPcBHyKKUL0TPb4pnZmLKMBpBTPqoi8tNejbdAPXRTrF l6xd1JMm6bjpMcKhiTG6rsWvsjNPQoyVS8/G4cWTYWl06AKHW39mBeD6W+eQlrRO HqskLXVYSvOedDqflXcBaiUug+tohsArDsIDCkzd -----END CERTIFICATE-----Generated at Thu Jun 5 19:45:28 2025 by rpki-client