$ rpki-client -vvf repo-rpki.idnic.net/repo/a0f78bd4-c19b-4d40-aa54-ed8d7bc772ca/0/3135372e32302e3132362e302f32332d3234203d3e20313532343130.roa File: 3135372e32302e3132362e302f32332d3234203d3e20313532343130.roa (raw, json) Hash identifier: mIAtzNrfjeKiFzHKpCt4+yI3FhKtEfckYghfutbPb44= Subject key identifier: DE:DF:A3:D5:78:6A:C8:33:0D:A1:C7:88:94:89:68:B1:E0:DD:1C:CC Certificate issuer: /CN=FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623 Certificate serial: 36BD1EBA29840C89C25DCF857C346A14CC60C893 Authority key identifier: FD:7C:5A:44:A3:CA:AF:7C:D1:40:CF:D1:C6:16:22:BA:5E:A2:E6:23 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a0f78bd4-c19b-4d40-aa54-ed8d7bc772ca/0/3135372e32302e3132362e302f32332d3234203d3e20313532343130.roa Signing time: Thu 27 Feb 2025 04:01:21 +0000 ROA not before: Thu 27 Feb 2025 03:56:21 +0000 ROA not after: Thu 26 Feb 2026 04:01:21 +0000 asID: 152410 IP address blocks: 157.20.126.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a0f78bd4-c19b-4d40-aa54-ed8d7bc772ca/0/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.crl rsync://repo-rpki.idnic.net/repo/a0f78bd4-c19b-4d40-aa54-ed8d7bc772ca/0/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 09:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:bd:1e:ba:29:84:0c:89:c2:5d:cf:85:7c:34:6a:14:cc:60:c8:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623 Validity Not Before: Feb 27 03:56:21 2025 GMT Not After : Feb 26 04:01:21 2026 GMT Subject: CN=DEDFA3D5786AC8330DA1C788948968B1E0DD1CCC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:6a:32:c3:62:8e:ba:5b:48:75:38:38:49:31: 8a:86:a4:15:91:eb:ef:8d:20:d5:6b:7d:50:90:2c: d5:d7:53:e6:7c:13:3d:1f:4f:e6:05:5b:fc:0a:b7: 99:23:87:50:41:7d:13:0a:c9:d9:aa:16:c2:d6:ec: d4:93:5e:9e:38:5d:44:c5:89:a3:9e:be:42:84:57: c9:7d:7b:a3:72:20:73:b2:09:6d:48:64:15:49:94: ec:81:ba:79:21:4e:50:a9:29:a6:f5:4d:0b:48:78: f8:03:f3:96:c4:67:fb:8e:19:ca:3b:11:e5:21:88: 12:6c:95:37:e3:4e:b6:a7:3b:80:73:64:2b:e4:77: 1a:09:3e:18:8c:b0:dd:08:2c:dc:78:57:29:e1:be: 71:99:63:f3:23:cf:05:5a:41:c2:31:27:d1:70:73: bf:39:ac:29:68:5c:f7:fb:a7:67:94:c2:74:6c:e7: be:1c:84:3b:54:9d:17:b6:b3:a1:b6:55:a0:68:bf: 5d:b0:d0:41:bc:14:a1:6a:02:78:af:5c:7d:15:57: 0c:82:33:e8:3d:17:2a:35:36:62:31:32:68:85:7e: 9a:22:e2:cf:6e:7f:e8:5f:c4:53:ac:19:15:17:79: 62:a9:d7:93:48:a8:21:4e:7e:45:3f:7e:32:1e:b7: 60:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:DF:A3:D5:78:6A:C8:33:0D:A1:C7:88:94:89:68:B1:E0:DD:1C:CC X509v3 Authority Key Identifier: keyid:FD:7C:5A:44:A3:CA:AF:7C:D1:40:CF:D1:C6:16:22:BA:5E:A2:E6:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a0f78bd4-c19b-4d40-aa54-ed8d7bc772ca/0/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a0f78bd4-c19b-4d40-aa54-ed8d7bc772ca/0/3135372e32302e3132362e302f32332d3234203d3e20313532343130.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.126.0/23 Signature Algorithm: sha256WithRSAEncryption 4e:81:a2:ab:ad:8f:b9:8e:99:58:8d:69:02:55:22:38:f9:62: 9c:a7:97:56:a3:1a:2f:b8:8f:1a:54:3f:dc:64:15:f0:5a:d5: 86:65:1a:68:f1:2d:f9:df:63:aa:7d:0e:34:96:c0:fb:2d:82: d5:0c:38:60:ac:f0:91:15:7e:9d:16:2b:0e:7d:53:e0:89:b4: bc:68:7a:42:b2:7a:d0:4c:74:9e:6e:a9:e9:7e:21:65:b9:65: b8:e9:39:c6:56:de:d2:b7:49:61:68:2e:f0:9d:4d:37:a1:e8: 20:9a:51:7b:59:ba:a4:5e:32:c7:1b:50:dd:85:4e:64:9a:4f: 10:56:4f:d8:96:85:1f:2c:41:18:ee:9a:69:fb:f6:b6:cd:26: d6:40:ed:6d:78:ba:08:24:e7:1f:c5:a6:79:2b:1a:3b:7b:f3: e4:e2:e7:41:c5:16:1c:a4:b4:f5:73:14:db:71:a9:33:54:a2: 4d:ce:11:b3:e3:1a:8c:e0:48:8a:f6:85:cf:3f:2a:c6:3d:d5: 6e:26:f0:d3:26:04:1d:6a:3d:22:a4:4a:03:fb:d7:28:60:da: 8c:e4:2e:27:d8:f9:06:03:37:17:93:d2:01:68:63:40:b2:b6: 7a:2b:1a:8c:c2:00:58:fc:50:12:c8:8b:bc:6a:d5:68:9e:b4: f7:f1:95:b6 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUNr0euimEDInCXc+FfDRqFMxgyJMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRkQ3QzVBNDRBM0NBQUY3Q0QxNDBDRkQxQzYxNjIyQkE1 RUEyRTYyMzAeFw0yNTAyMjcwMzU2MjFaFw0yNjAyMjYwNDAxMjFaMDMxMTAvBgNV BAMTKERFREZBM0Q1Nzg2QUM4MzMwREExQzc4ODk0ODk2OEIxRTBERDFDQ0MwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBajLDYo66W0h1ODhJMYqGpBWR 6++NINVrfVCQLNXXU+Z8Ez0fT+YFW/wKt5kjh1BBfRMKydmqFsLW7NSTXp44XUTF iaOevkKEV8l9e6NyIHOyCW1IZBVJlOyBunkhTlCpKab1TQtIePgD85bEZ/uOGco7 EeUhiBJslTfjTranO4BzZCvkdxoJPhiMsN0ILNx4VynhvnGZY/MjzwVaQcIxJ9Fw c785rCloXPf7p2eUwnRs574chDtUnRe2s6G2VaBov12w0EG8FKFqAnivXH0VVwyC M+g9Fyo1NmIxMmiFfpoi4s9uf+hfxFOsGRUXeWKp15NIqCFOfkU/fjIet2CLAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQU3t+j1XhqyDMNoceIlIloseDdHMwwHwYDVR0j BBgwFoAU/XxaRKPKr3zRQM/RxhYiul6i5iMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h MGY3OGJkNC1jMTliLTRkNDAtYWE1NC1lZDhkN2JjNzcyY2EvMC9GRDdDNUE0NEEz Q0FBRjdDRDE0MENGRDFDNjE2MjJCQTVFQTJFNjIzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRkQ3QzVBNDRBM0NBQUY3Q0QxNDBDRkQxQzYxNjIyQkE1RUEy RTYyMy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2EwZjc4YmQ0LWMxOWItNGQ0MC1h YTU0LWVkOGQ3YmM3NzJjYS8wLzMxMzUzNzJlMzIzMDJlMzEzMjM2MmUzMDJmMzIz MzJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMTMwLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnRR+MA0GCSqG SIb3DQEBCwUAA4IBAQBOgaKrrY+5jplYjWkCVSI4+WKcp5dWoxovuI8aVD/cZBXw WtWGZRpo8S3532OqfQ40lsD7LYLVDDhgrPCRFX6dFisOfVPgibS8aHpCsnrQTHSe bqnpfiFluWW46TnGVt7St0lhaC7wnU03oeggmlF7WbqkXjLHG1DdhU5kmk8QVk/Y loUfLEEY7ppp+/a2zSbWQO1teLoIJOcfxaZ5Kxo7e/Pk4udBxRYcpLT1cxTbcakz VKJNzhGz4xqM4EiK9oXPPyrGPdVuJvDTJgQdaj0ipEoD+9coYNqM5C4n2PkGAzcX k9IBaGNAsrZ6KxqMwgBY/FASyIu8atVonrT38ZW2 -----END CERTIFICATE-----Generated at Thu Apr 17 23:58:34 2025 by rpki-client