$ rpki-client -vvf repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3132312e3130312e3138392e302f32342d3234203d3e203338373835.roa File: 3132312e3130312e3138392e302f32342d3234203d3e203338373835.roa (raw, json) Hash identifier: Csz/yUZ7Lzvn/nuu4THB9U+el9Pek+D7VdsMj61HX6w= Subject key identifier: CF:CA:3C:04:51:85:DA:5A:E6:B5:BA:62:B6:D3:DD:8D:B9:14:D4:CC Certificate issuer: /CN=3308A0FBD29F359AD61CAA389208E1D74CC28164 Certificate serial: 1BBA939EE430C46A8C7B9BE4642C4549EB0E796C Authority key identifier: 33:08:A0:FB:D2:9F:35:9A:D6:1C:AA:38:92:08:E1:D7:4C:C2:81:64 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3308A0FBD29F359AD61CAA389208E1D74CC28164.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3132312e3130312e3138392e302f32342d3234203d3e203338373835.roa Signing time: Thu 03 Apr 2025 05:00:03 +0000 ROA not before: Thu 03 Apr 2025 04:55:03 +0000 ROA not after: Thu 02 Apr 2026 05:00:03 +0000 asID: 38785 IP address blocks: 121.101.189.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.crl rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3308A0FBD29F359AD61CAA389208E1D74CC28164.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 12:41:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:ba:93:9e:e4:30:c4:6a:8c:7b:9b:e4:64:2c:45:49:eb:0e:79:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3308A0FBD29F359AD61CAA389208E1D74CC28164 Validity Not Before: Apr 3 04:55:03 2025 GMT Not After : Apr 2 05:00:03 2026 GMT Subject: CN=CFCA3C045185DA5AE6B5BA62B6D3DD8DB914D4CC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:a0:c0:9a:3d:c6:68:07:2a:12:e1:27:ab:0f: 06:73:45:bc:13:bc:76:ba:0c:c3:03:82:f5:60:cb: 4b:2f:6e:08:cd:84:f0:7e:f6:ee:fe:4b:ce:24:03: 9d:07:68:e8:83:c7:51:13:a6:85:4a:37:d2:f2:50: e0:6e:4b:9a:60:00:f2:22:b0:25:9d:46:b7:3b:15: bb:9c:94:cf:df:98:56:fa:05:0f:35:db:56:25:8e: 83:eb:30:e5:f5:45:d4:02:a3:5d:ac:30:81:4b:c7: 1f:b2:09:32:18:e4:23:dd:4d:8a:ad:92:45:2f:b8: 90:2e:ff:90:49:57:f9:2a:15:7a:70:c7:7a:2b:6d: 9f:a1:71:d4:3b:0a:ca:d8:9a:b3:e4:e8:f8:b2:f4: c2:b9:01:93:23:99:4b:70:6b:6b:91:05:f0:3e:3c: c3:e0:28:b0:7f:4b:7e:79:3e:99:e5:50:77:b9:fa: 9d:04:b2:3c:2c:05:fc:34:d7:42:09:d4:cc:63:51: 00:4d:a9:ee:17:0f:b5:40:01:08:4e:47:21:55:d8: 8d:88:8e:d0:51:66:c7:85:c5:0e:a9:24:eb:d9:be: 98:1f:f0:e6:f9:c4:45:fa:c9:dd:32:e2:6b:c7:b0: c7:9d:f8:3f:ae:25:2a:12:60:81:f2:16:1f:a7:aa: 59:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:CA:3C:04:51:85:DA:5A:E6:B5:BA:62:B6:D3:DD:8D:B9:14:D4:CC X509v3 Authority Key Identifier: keyid:33:08:A0:FB:D2:9F:35:9A:D6:1C:AA:38:92:08:E1:D7:4C:C2:81:64 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3308A0FBD29F359AD61CAA389208E1D74CC28164.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3132312e3130312e3138392e302f32342d3234203d3e203338373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 121.101.189.0/24 Signature Algorithm: sha256WithRSAEncryption a8:da:eb:50:b1:44:f4:8a:5b:f5:97:91:24:e1:65:60:1b:6f: 6b:d5:6f:7e:d1:81:dd:d9:9f:ff:14:39:e1:09:4b:fd:d7:e9: 65:48:14:bc:ae:43:2d:ac:3c:42:21:20:21:0d:4e:7f:67:54: 8e:71:a9:16:af:58:83:73:cb:4f:30:9c:83:23:9d:cc:9a:33: 6c:65:ab:e7:86:3d:d1:e4:1f:45:36:1c:26:ce:8b:d1:0a:06: f6:66:ed:94:5c:b6:fe:ad:c2:f8:80:11:58:45:5c:48:53:22: 98:e9:e7:85:14:66:9d:9f:15:25:a6:5a:5f:23:ee:34:d8:5e: 89:63:d5:d9:cf:c0:5b:4c:8e:8d:eb:7f:13:86:4b:37:45:40: c6:ea:1b:e8:85:54:5b:dd:b7:71:74:11:ed:c2:6f:e8:8d:e5: cd:c5:31:77:fb:8a:e0:93:70:d0:fb:c7:13:f8:1f:4b:09:af: 3b:44:f6:ef:51:01:7c:93:5d:c6:ed:9b:d1:0a:d8:a6:49:09: 65:2b:86:fd:6d:60:6c:9c:3c:ad:c0:92:a6:03:74:dd:3b:ff: 4c:f5:56:6d:b8:0e:55:20:cd:f9:d9:1c:35:83:cb:b1:73:84: 8e:65:44:44:1e:dd:59:43:4a:8f:9e:78:61:f0:d8:53:7b:be: 35:37:be:8c -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUG7qTnuQwxGqMe5vkZCxFSesOeWwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzMwOEEwRkJEMjlGMzU5QUQ2MUNBQTM4OTIwOEUxRDc0 Q0MyODE2NDAeFw0yNTA0MDMwNDU1MDNaFw0yNjA0MDIwNTAwMDNaMDMxMTAvBgNV BAMTKENGQ0EzQzA0NTE4NURBNUFFNkI1QkE2MkI2RDNERDhEQjkxNEQ0Q0MwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/oMCaPcZoByoS4SerDwZzRbwT vHa6DMMDgvVgy0svbgjNhPB+9u7+S84kA50HaOiDx1ETpoVKN9LyUOBuS5pgAPIi sCWdRrc7FbuclM/fmFb6BQ8121YljoPrMOX1RdQCo12sMIFLxx+yCTIY5CPdTYqt kkUvuJAu/5BJV/kqFXpwx3orbZ+hcdQ7CsrYmrPk6Piy9MK5AZMjmUtwa2uRBfA+ PMPgKLB/S355PpnlUHe5+p0EsjwsBfw010IJ1MxjUQBNqe4XD7VAAQhORyFV2I2I jtBRZseFxQ6pJOvZvpgf8Ob5xEX6yd0y4mvHsMed+D+uJSoSYIHyFh+nqlnVAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUz8o8BFGF2lrmtbpittPdjbkU1MwwHwYDVR0j BBgwFoAUMwig+9KfNZrWHKo4kgjh10zCgWQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NTcyZGZiZS00Y2EwLTRhNDYtODAzNy00OTY4ZWQ5N2NhZGMvMC8zMzA4QTBGQkQy OUYzNTlBRDYxQ0FBMzg5MjA4RTFENzRDQzI4MTY0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMzMwOEEwRkJEMjlGMzU5QUQ2MUNBQTM4OTIwOEUxRDc0Q0My ODE2NC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E1NzJkZmJlLTRjYTAtNGE0Ni04 MDM3LTQ5NjhlZDk3Y2FkYy8wLzMxMzIzMTJlMzEzMDMxMmUzMTM4MzkyZTMwMmYz MjM0MmQzMjM0MjAzZDNlMjAzMzM4MzczODM1LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAeWW9MA0GCSqG SIb3DQEBCwUAA4IBAQCo2utQsUT0ilv1l5Ek4WVgG29r1W9+0YHd2Z//FDnhCUv9 1+llSBS8rkMtrDxCISAhDU5/Z1SOcakWr1iDc8tPMJyDI53MmjNsZavnhj3R5B9F NhwmzovRCgb2Zu2UXLb+rcL4gBFYRVxIUyKY6eeFFGadnxUlplpfI+402F6JY9XZ z8BbTI6N638Thks3RUDG6hvohVRb3bdxdBHtwm/ojeXNxTF3+4rgk3DQ+8cT+B9L Ca87RPbvUQF8k13G7ZvRCtimSQllK4b9bWBsnDytwJKmA3TdO/9M9VZtuA5VIM35 2Rw1g8uxc4SOZUREHt1ZQ0qPnnhh8NhTe741N76M -----END CERTIFICATE-----Generated at Sun Apr 6 20:47:01 2025 by rpki-client