$ rpki-client -vvf repo-rpki.idnic.net/repo/a945b86e-0895-4759-a77c-a06ce14e243c/0/323430343a333930303a313a3a2f34382d3438203d3e203338333230.roa File: 323430343a333930303a313a3a2f34382d3438203d3e203338333230.roa (raw, json) Hash identifier: jyHfiZ6i7aZCFxYleJN7o61t2gr/9pVuDKWy33Zgxrk= Subject key identifier: E6:45:4A:A4:78:F6:A6:F0:FE:B5:F5:FC:93:62:3B:6B:37:5F:15:20 Certificate issuer: /CN=C8DD5D84FAFABF7EAF62B3B0F4E45A2331F802E1 Certificate serial: 548DA87A20DADD666C20D3D16414719BB5A2640D Authority key identifier: C8:DD:5D:84:FA:FA:BF:7E:AF:62:B3:B0:F4:E4:5A:23:31:F8:02:E1 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8DD5D84FAFABF7EAF62B3B0F4E45A2331F802E1.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a945b86e-0895-4759-a77c-a06ce14e243c/0/323430343a333930303a313a3a2f34382d3438203d3e203338333230.roa Signing time: Thu 23 Jan 2025 02:52:13 +0000 ROA not before: Thu 23 Jan 2025 02:47:13 +0000 ROA not after: Thu 22 Jan 2026 02:52:13 +0000 asID: 38320 IP address blocks: 2404:3900:1::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a945b86e-0895-4759-a77c-a06ce14e243c/0/C8DD5D84FAFABF7EAF62B3B0F4E45A2331F802E1.crl rsync://repo-rpki.idnic.net/repo/a945b86e-0895-4759-a77c-a06ce14e243c/0/C8DD5D84FAFABF7EAF62B3B0F4E45A2331F802E1.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8DD5D84FAFABF7EAF62B3B0F4E45A2331F802E1.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 23 Feb 2025 23:33:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:8d:a8:7a:20:da:dd:66:6c:20:d3:d1:64:14:71:9b:b5:a2:64:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C8DD5D84FAFABF7EAF62B3B0F4E45A2331F802E1 Validity Not Before: Jan 23 02:47:13 2025 GMT Not After : Jan 22 02:52:13 2026 GMT Subject: CN=E6454AA478F6A6F0FEB5F5FC93623B6B375F1520 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:86:e2:65:41:92:bd:1b:45:dc:84:25:99:4d: af:d6:5b:1b:89:8d:b2:ff:55:99:7d:19:d7:28:00: 71:7f:31:15:c2:34:a9:5e:a4:ed:21:0a:72:cd:d9: fd:89:d9:77:e4:08:f5:75:15:9b:33:a8:86:3a:8c: 69:91:1f:18:17:69:cb:2e:ca:4b:7f:1a:e9:cb:a3: 27:3e:2d:42:b5:39:7d:19:4d:b9:09:42:c0:e9:7f: d1:7a:bc:1f:0d:0b:57:3f:f0:ad:86:a2:b5:d0:4a: 63:df:a0:10:ba:88:0c:4d:ac:54:21:a3:46:41:95: 4b:e8:74:3c:8d:d1:89:6a:0b:40:b6:7b:0c:c5:84: d2:03:fd:c7:4b:59:f9:49:4d:a5:bc:4f:28:1f:2d: bf:25:38:f5:40:ca:7d:1d:25:f9:ba:f9:a4:01:b3: 88:1d:9f:fa:d2:67:17:a8:90:66:be:4a:0b:31:3d: fc:29:1e:aa:ed:e2:18:5a:37:25:cb:a8:c0:7c:82: a0:cb:6d:c7:74:9d:19:80:cd:31:fe:13:8e:a7:c7: f4:10:90:0c:b1:b3:c5:07:67:4b:3d:a1:ff:b9:74: b4:90:e7:e0:50:fb:5c:eb:e6:8c:0f:f0:fb:49:0c: 47:10:49:94:31:b6:6d:b6:69:15:d6:01:aa:cf:ef: 41:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:45:4A:A4:78:F6:A6:F0:FE:B5:F5:FC:93:62:3B:6B:37:5F:15:20 X509v3 Authority Key Identifier: keyid:C8:DD:5D:84:FA:FA:BF:7E:AF:62:B3:B0:F4:E4:5A:23:31:F8:02:E1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a945b86e-0895-4759-a77c-a06ce14e243c/0/C8DD5D84FAFABF7EAF62B3B0F4E45A2331F802E1.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8DD5D84FAFABF7EAF62B3B0F4E45A2331F802E1.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a945b86e-0895-4759-a77c-a06ce14e243c/0/323430343a333930303a313a3a2f34382d3438203d3e203338333230.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:3900:1::/48 Signature Algorithm: sha256WithRSAEncryption 55:0a:b9:ca:0b:26:54:51:57:38:6b:74:66:bd:8e:87:bf:a0: 0e:d3:cc:86:e3:fc:f6:d4:03:e9:b1:e3:6c:d6:ff:72:77:80: 1d:58:79:8f:8b:e9:58:7e:17:20:a0:6c:79:9c:88:7f:b2:3b: ae:2a:e9:26:56:fc:64:0b:e3:ac:7c:20:04:32:6c:d7:f2:27: 05:34:e8:f2:af:38:b4:c2:24:14:a6:64:9a:e3:90:24:6c:02: 02:aa:86:d4:57:90:6b:b2:e4:c4:3d:aa:6a:bf:55:6b:0f:0c: b1:1b:7f:e3:46:90:e0:13:bd:4c:43:95:fb:fd:e7:97:98:3b: 99:c1:2b:a7:77:29:4f:7b:e9:1d:a8:fe:27:22:ac:2e:d6:94: c5:36:d4:07:a9:b9:37:08:22:69:fe:d9:8f:d7:e6:3b:7c:70: cc:61:50:8c:a2:7d:07:7b:fb:87:e0:a6:ef:38:19:0c:6a:93: f8:7c:f6:9f:c5:ce:de:27:3b:ba:5b:b2:25:63:32:80:3b:c1: ee:7f:02:2d:8a:d3:ae:de:ee:a3:1e:ef:d1:ee:f9:2a:45:ee: 96:9f:05:3d:20:64:87:18:92:6d:e5:e0:fb:d6:fa:f1:ba:61: 37:35:21:90:63:77:d3:ef:b7:a6:71:6d:14:eb:4a:28:99:c1: 70:ee:7a:58 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgIUVI2oeiDa3WZsINPRZBRxm7WiZA0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzhERDVEODRGQUZBQkY3RUFGNjJCM0IwRjRFNDVBMjMz MUY4MDJFMTAeFw0yNTAxMjMwMjQ3MTNaFw0yNjAxMjIwMjUyMTNaMDMxMTAvBgNV BAMTKEU2NDU0QUE0NzhGNkE2RjBGRUI1RjVGQzkzNjIzQjZCMzc1RjE1MjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQhuJlQZK9G0XchCWZTa/WWxuJ jbL/VZl9GdcoAHF/MRXCNKlepO0hCnLN2f2J2XfkCPV1FZszqIY6jGmRHxgXacsu ykt/GunLoyc+LUK1OX0ZTbkJQsDpf9F6vB8NC1c/8K2GorXQSmPfoBC6iAxNrFQh o0ZBlUvodDyN0YlqC0C2ewzFhNID/cdLWflJTaW8TygfLb8lOPVAyn0dJfm6+aQB s4gdn/rSZxeokGa+SgsxPfwpHqrt4hhaNyXLqMB8gqDLbcd0nRmAzTH+E46nx/QQ kAyxs8UHZ0s9of+5dLSQ5+BQ+1zr5owP8PtJDEcQSZQxtm22aRXWAarP70E5AgMB AAGjggI3MIICMzAdBgNVHQ4EFgQU5kVKpHj2pvD+tfX8k2I7azdfFSAwHwYDVR0j BBgwFoAUyN1dhPr6v36vYrOw9ORaIzH4AuEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h OTQ1Yjg2ZS0wODk1LTQ3NTktYTc3Yy1hMDZjZTE0ZTI0M2MvMC9DOERENUQ4NEZB RkFCRjdFQUY2MkIzQjBGNEU0NUEyMzMxRjgwMkUxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQzhERDVEODRGQUZBQkY3RUFGNjJCM0IwRjRFNDVBMjMzMUY4 MDJFMS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E5NDViODZlLTA4OTUtNDc1OS1h NzdjLWEwNmNlMTRlMjQzYy8wLzMyMzQzMDM0M2EzMzM5MzAzMDNhMzEzYTNhMmYz NDM4MmQzNDM4MjAzZDNlMjAzMzM4MzMzMjMwLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAQ5AAABMA0G CSqGSIb3DQEBCwUAA4IBAQBVCrnKCyZUUVc4a3RmvY6Hv6AO08yG4/z21APpseNs 1v9yd4AdWHmPi+lYfhcgoGx5nIh/sjuuKukmVvxkC+OsfCAEMmzX8icFNOjyrzi0 wiQUpmSa45AkbAICqobUV5BrsuTEPapqv1VrDwyxG3/jRpDgE71MQ5X7/eeXmDuZ wSundylPe+kdqP4nIqwu1pTFNtQHqbk3CCJp/tmP1+Y7fHDMYVCMon0He/uH4Kbv OBkMapP4fPafxc7eJzu6W7IlYzKAO8HufwItitOu3u6jHu/R7vkqRe6WnwU9IGSH GJJt5eD71vrxumE3NSGQY3fT77emcW0U60oomcFw7npY -----END CERTIFICATE-----Generated at Fri Feb 21 11:02:27 2025 by rpki-client