$ rpki-client -vvf repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3132312e3130312e3138342e302f32342d3234203d3e203338373835.roa File: 3132312e3130312e3138342e302f32342d3234203d3e203338373835.roa (raw, json) Hash identifier: cpQ+yGOPRMcycDguY5pOMH22P4g6dN/h+7VVRFd0gvs= Subject key identifier: 2C:2C:25:9C:33:52:A7:12:58:DD:0D:FE:DD:A6:3F:D8:93:EA:75:73 Certificate issuer: /CN=3308A0FBD29F359AD61CAA389208E1D74CC28164 Certificate serial: 7E83050DF032E48A3973C67C899B67090CFCF72E Authority key identifier: 33:08:A0:FB:D2:9F:35:9A:D6:1C:AA:38:92:08:E1:D7:4C:C2:81:64 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3308A0FBD29F359AD61CAA389208E1D74CC28164.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3132312e3130312e3138342e302f32342d3234203d3e203338373835.roa Signing time: Thu 03 Apr 2025 05:00:03 +0000 ROA not before: Thu 03 Apr 2025 04:55:03 +0000 ROA not after: Thu 02 Apr 2026 05:00:03 +0000 asID: 38785 IP address blocks: 121.101.184.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.crl rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3308A0FBD29F359AD61CAA389208E1D74CC28164.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 12:41:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:83:05:0d:f0:32:e4:8a:39:73:c6:7c:89:9b:67:09:0c:fc:f7:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3308A0FBD29F359AD61CAA389208E1D74CC28164 Validity Not Before: Apr 3 04:55:03 2025 GMT Not After : Apr 2 05:00:03 2026 GMT Subject: CN=2C2C259C3352A71258DD0DFEDDA63FD893EA7573 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:f6:c5:31:db:aa:eb:f7:f7:43:d9:b0:f6:39: 53:aa:03:0f:84:0f:b0:ad:02:a0:7a:d8:ed:b5:54: 28:e9:15:8a:90:76:53:e6:ba:41:f3:d1:88:20:97: 40:c4:b8:35:f9:4b:23:7c:81:e9:42:1a:13:1d:4e: c0:18:4f:9b:a6:2c:71:da:e7:7e:1a:06:84:2f:b5: 22:8f:c5:0b:de:4e:fc:50:67:c2:27:5e:94:42:fd: 2c:2d:06:1d:3e:db:6d:3b:d8:6f:3e:0f:2e:c0:a3: 54:80:38:d5:4b:ba:86:80:d3:43:ea:c4:93:e8:95: 42:42:ab:c5:8b:91:48:8d:aa:26:cb:e0:d5:f9:b1: a3:0a:2f:7f:87:91:14:35:78:07:2e:ba:9f:e0:a4: b5:af:d9:a7:cd:d1:30:de:1e:45:31:3b:8e:1d:88: f7:67:17:70:83:0d:f6:5b:ef:c0:79:aa:9a:0b:7a: d7:eb:46:91:7e:38:82:3d:62:ac:ba:36:1b:46:aa: 0e:2d:33:cf:50:b4:ad:d3:41:62:87:2d:e1:d0:c4: b7:32:39:3c:14:55:7d:cc:cb:76:d9:0c:0f:13:f4: 52:e8:2f:e6:ad:da:3b:e7:a3:69:33:57:af:b6:02: 1a:96:d9:5e:da:77:f5:c7:2b:1a:d7:a0:55:7c:95: c9:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:2C:25:9C:33:52:A7:12:58:DD:0D:FE:DD:A6:3F:D8:93:EA:75:73 X509v3 Authority Key Identifier: keyid:33:08:A0:FB:D2:9F:35:9A:D6:1C:AA:38:92:08:E1:D7:4C:C2:81:64 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3308A0FBD29F359AD61CAA389208E1D74CC28164.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3132312e3130312e3138342e302f32342d3234203d3e203338373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 121.101.184.0/24 Signature Algorithm: sha256WithRSAEncryption a5:8e:5f:83:c6:77:bd:9b:60:b6:a1:13:8d:5c:45:49:70:8e: 2e:e7:72:6c:fe:70:00:44:3d:a5:26:55:d3:c0:62:89:8c:3e: d5:ce:30:2c:bf:b3:40:17:71:da:8f:a1:73:fd:fc:2a:b5:09: ab:b5:5a:1f:9c:1f:16:04:68:7b:b8:02:93:df:b4:bd:94:3b: 40:55:fe:78:5b:86:03:d9:35:9c:ce:63:be:72:e4:76:dc:3d: 76:61:5c:e9:2f:2b:36:fd:72:b0:aa:c1:ac:8e:f9:e6:d1:3c: 62:d7:25:9b:28:cf:e2:e1:12:82:99:45:83:8b:d5:89:77:86: 03:d3:bf:b3:37:53:47:76:42:35:ac:e9:5c:cc:d8:cf:ad:e2: 21:02:02:b3:4d:a0:b4:7e:1b:0c:75:95:b4:4e:68:9a:1b:b4: 97:a1:b0:61:36:0d:9f:14:49:a1:c7:45:e3:fb:1e:9a:a7:b0: b1:7a:7c:61:6c:98:2c:d5:d3:24:74:36:af:64:8c:5c:fb:99: 20:c1:bc:d2:49:26:04:4c:38:55:bf:f9:f0:4f:97:5a:9f:c4: 3a:d0:bb:d8:37:9e:22:ad:31:2f:24:8a:69:2f:a8:3a:6a:24: 34:6b:fe:b7:f9:5c:71:cb:7c:9c:eb:4f:d9:fb:1b:d4:f2:70: d9:b5:44:01 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUfoMFDfAy5Io5c8Z8iZtnCQz89y4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzMwOEEwRkJEMjlGMzU5QUQ2MUNBQTM4OTIwOEUxRDc0 Q0MyODE2NDAeFw0yNTA0MDMwNDU1MDNaFw0yNjA0MDIwNTAwMDNaMDMxMTAvBgNV BAMTKDJDMkMyNTlDMzM1MkE3MTI1OEREMERGRUREQTYzRkQ4OTNFQTc1NzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDk9sUx26rr9/dD2bD2OVOqAw+E D7CtAqB62O21VCjpFYqQdlPmukHz0Yggl0DEuDX5SyN8gelCGhMdTsAYT5umLHHa 534aBoQvtSKPxQveTvxQZ8InXpRC/SwtBh0+22072G8+Dy7Ao1SAONVLuoaA00Pq xJPolUJCq8WLkUiNqibL4NX5saMKL3+HkRQ1eAcuup/gpLWv2afN0TDeHkUxO44d iPdnF3CDDfZb78B5qpoLetfrRpF+OII9Yqy6NhtGqg4tM89QtK3TQWKHLeHQxLcy OTwUVX3My3bZDA8T9FLoL+at2jvno2kzV6+2AhqW2V7ad/XHKxrXoFV8lcktAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQULCwlnDNSpxJY3Q3+3aY/2JPqdXMwHwYDVR0j BBgwFoAUMwig+9KfNZrWHKo4kgjh10zCgWQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NTcyZGZiZS00Y2EwLTRhNDYtODAzNy00OTY4ZWQ5N2NhZGMvMC8zMzA4QTBGQkQy OUYzNTlBRDYxQ0FBMzg5MjA4RTFENzRDQzI4MTY0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMzMwOEEwRkJEMjlGMzU5QUQ2MUNBQTM4OTIwOEUxRDc0Q0My ODE2NC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E1NzJkZmJlLTRjYTAtNGE0Ni04 MDM3LTQ5NjhlZDk3Y2FkYy8wLzMxMzIzMTJlMzEzMDMxMmUzMTM4MzQyZTMwMmYz MjM0MmQzMjM0MjAzZDNlMjAzMzM4MzczODM1LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAeWW4MA0GCSqG SIb3DQEBCwUAA4IBAQCljl+Dxne9m2C2oRONXEVJcI4u53Js/nAARD2lJlXTwGKJ jD7VzjAsv7NAF3Haj6Fz/fwqtQmrtVofnB8WBGh7uAKT37S9lDtAVf54W4YD2TWc zmO+cuR23D12YVzpLys2/XKwqsGsjvnm0Txi1yWbKM/i4RKCmUWDi9WJd4YD07+z N1NHdkI1rOlczNjPreIhAgKzTaC0fhsMdZW0TmiaG7SXobBhNg2fFEmhx0Xj+x6a p7CxenxhbJgs1dMkdDavZIxc+5kgwbzSSSYETDhVv/nwT5dan8Q60LvYN54irTEv JIppL6g6aiQ0a/63+Vxxy3yc60/Z+xvU8nDZtUQB -----END CERTIFICATE-----Generated at Sun Apr 6 19:10:29 2025 by rpki-client