$ rpki-client -vvf repo-rpki.idnic.net/repo/acc637bd-5971-4264-997a-749d804a6858/0/323030313a6466353a653238303a3a2f34382d3438203d3e20313431363430.roa File: 323030313a6466353a653238303a3a2f34382d3438203d3e20313431363430.roa (raw, json) Hash identifier: +ZHphLOhvruOuJkUwXhmKIA/kEZXmDLtlpGcK4ZlSQI= Subject key identifier: 64:09:6B:40:46:9A:FA:81:23:93:D8:E8:6E:34:62:66:93:A7:CC:E0 Certificate issuer: /CN=2B69EA508DC62D34C2B3CA4FBA57BF3AFFFD4994 Certificate serial: 3A9A28F9A4C1C1957849CF64AC6BC6CC28EA3012 Authority key identifier: 2B:69:EA:50:8D:C6:2D:34:C2:B3:CA:4F:BA:57:BF:3A:FF:FD:49:94 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2B69EA508DC62D34C2B3CA4FBA57BF3AFFFD4994.cer Subject info access: rsync://repo-rpki.idnic.net/repo/acc637bd-5971-4264-997a-749d804a6858/0/323030313a6466353a653238303a3a2f34382d3438203d3e20313431363430.roa Signing time: Sat 19 Oct 2024 05:00:02 +0000 ROA not before: Sat 19 Oct 2024 04:55:02 +0000 ROA not after: Sat 18 Oct 2025 05:00:02 +0000 asID: 141640 IP address blocks: 2001:df5:e280::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/acc637bd-5971-4264-997a-749d804a6858/0/2B69EA508DC62D34C2B3CA4FBA57BF3AFFFD4994.crl rsync://repo-rpki.idnic.net/repo/acc637bd-5971-4264-997a-749d804a6858/0/2B69EA508DC62D34C2B3CA4FBA57BF3AFFFD4994.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2B69EA508DC62D34C2B3CA4FBA57BF3AFFFD4994.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Feb 2025 20:53:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:9a:28:f9:a4:c1:c1:95:78:49:cf:64:ac:6b:c6:cc:28:ea:30:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B69EA508DC62D34C2B3CA4FBA57BF3AFFFD4994 Validity Not Before: Oct 19 04:55:02 2024 GMT Not After : Oct 18 05:00:02 2025 GMT Subject: CN=64096B40469AFA812393D8E86E34626693A7CCE0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:13:a8:f9:78:65:94:29:f4:16:14:e7:35:c1: be:70:18:d5:38:f6:d5:3f:b6:17:f2:e2:73:f9:51: 61:23:f1:f6:52:8f:3b:c9:c6:7a:8e:59:d5:e0:1f: b6:a8:6e:3d:cf:1a:23:2d:e3:07:f2:a1:57:97:6b: 53:b5:f4:cf:98:89:3c:d7:a5:42:d8:89:11:ac:33: 44:f2:f0:33:c9:63:a5:2a:44:78:2d:df:f8:1f:e3: f5:0c:ec:9c:79:b3:4b:ef:ee:58:ca:93:2f:35:a1: 84:42:23:9e:7e:3e:ea:15:f6:f7:8d:07:7f:df:f7: 03:0b:07:80:8c:9b:e2:3a:2b:1d:20:35:f7:c4:c1: 85:96:52:b8:3b:8d:18:7d:5c:2b:f3:b3:69:86:4a: e0:f9:1e:3d:0f:73:60:e3:08:d9:d9:d0:7b:6a:f1: 63:33:0a:84:d3:0c:c9:49:7c:e5:19:4c:61:d5:c4: 3b:2b:5f:3b:3d:c8:4a:38:cd:b5:a0:4a:68:01:13: 20:ce:34:c4:03:89:09:f6:4a:67:ab:c8:60:56:c0: 8d:98:4d:c7:b2:48:9d:c4:66:7b:85:f9:72:f5:ed: af:00:f9:48:d3:bb:6a:05:be:64:b7:9f:4f:b6:3f: ea:12:09:c2:bb:30:ff:eb:74:e8:36:9b:98:ab:87: b0:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:09:6B:40:46:9A:FA:81:23:93:D8:E8:6E:34:62:66:93:A7:CC:E0 X509v3 Authority Key Identifier: keyid:2B:69:EA:50:8D:C6:2D:34:C2:B3:CA:4F:BA:57:BF:3A:FF:FD:49:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/acc637bd-5971-4264-997a-749d804a6858/0/2B69EA508DC62D34C2B3CA4FBA57BF3AFFFD4994.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2B69EA508DC62D34C2B3CA4FBA57BF3AFFFD4994.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/acc637bd-5971-4264-997a-749d804a6858/0/323030313a6466353a653238303a3a2f34382d3438203d3e20313431363430.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df5:e280::/48 Signature Algorithm: sha256WithRSAEncryption 7d:2f:a3:5f:72:27:32:53:fd:4f:7f:a9:17:31:bc:65:46:80: 2c:1d:24:7a:59:91:37:d0:f5:51:f3:4b:cb:e6:be:d4:3e:07: 83:13:76:b3:36:a9:da:cd:88:26:7c:bc:c7:0f:bf:56:23:bb: 77:bc:a9:06:4c:d6:51:c9:06:68:46:c8:71:2a:aa:c5:31:88: c1:5c:ee:0f:87:25:13:d7:a7:1e:9e:0c:c6:22:f2:6e:ee:44: 3e:18:89:3d:49:dd:ea:28:bf:de:ac:08:6a:e7:f1:61:65:7d: a5:5d:b8:d7:c1:85:38:31:90:d8:29:70:0d:5d:7a:19:63:6b: b1:bc:73:52:64:31:62:6d:07:14:b4:71:18:06:d2:db:3f:30: a3:48:8f:01:68:af:e4:7d:f8:d2:29:ec:40:c9:57:0c:33:37: b8:90:bd:0e:e3:ba:d8:0b:92:08:e9:4f:07:87:62:c1:94:a7: 27:90:c4:a8:5e:93:aa:ee:b3:c2:57:5e:75:00:f6:f5:cb:b9: 8e:ff:de:94:d3:e8:16:f5:2e:d2:aa:9e:d1:58:63:3c:1e:4e: 86:81:d2:ae:b8:ef:3b:94:67:8e:cd:5b:22:1a:3c:38:f0:1d: ac:56:f2:66:55:b4:aa:35:e1:ef:f3:7f:e0:04:46:06:5b:10: 03:7c:af:07 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUOpoo+aTBwZV4Sc9krGvGzCjqMBIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkI2OUVBNTA4REM2MkQzNEMyQjNDQTRGQkE1N0JGM0FG RkZENDk5NDAeFw0yNDEwMTkwNDU1MDJaFw0yNTEwMTgwNTAwMDJaMDMxMTAvBgNV BAMTKDY0MDk2QjQwNDY5QUZBODEyMzkzRDhFODZFMzQ2MjY2OTNBN0NDRTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoE6j5eGWUKfQWFOc1wb5wGNU4 9tU/thfy4nP5UWEj8fZSjzvJxnqOWdXgH7aobj3PGiMt4wfyoVeXa1O19M+YiTzX pULYiRGsM0Ty8DPJY6UqRHgt3/gf4/UM7Jx5s0vv7ljKky81oYRCI55+PuoV9veN B3/f9wMLB4CMm+I6Kx0gNffEwYWWUrg7jRh9XCvzs2mGSuD5Hj0Pc2DjCNnZ0Htq 8WMzCoTTDMlJfOUZTGHVxDsrXzs9yEo4zbWgSmgBEyDONMQDiQn2SmeryGBWwI2Y TceySJ3EZnuF+XL17a8A+UjTu2oFvmS3n0+2P+oSCcK7MP/rdOg2m5irh7BzAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUZAlrQEaa+oEjk9jobjRiZpOnzOAwHwYDVR0j BBgwFoAUK2nqUI3GLTTCs8pPule/Ov/9SZQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h Y2M2MzdiZC01OTcxLTQyNjQtOTk3YS03NDlkODA0YTY4NTgvMC8yQjY5RUE1MDhE QzYyRDM0QzJCM0NBNEZCQTU3QkYzQUZGRkQ0OTk0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkI2OUVBNTA4REM2MkQzNEMyQjNDQTRGQkE1N0JGM0FGRkZE NDk5NC5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2FjYzYzN2JkLTU5NzEtNDI2NC05 OTdhLTc0OWQ4MDRhNjg1OC8wLzMyMzAzMDMxM2E2NDY2MzUzYTY1MzIzODMwM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNDMxMzYzNDMwLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN 9eKAMA0GCSqGSIb3DQEBCwUAA4IBAQB9L6NfcicyU/1Pf6kXMbxlRoAsHSR6WZE3 0PVR80vL5r7UPgeDE3azNqnazYgmfLzHD79WI7t3vKkGTNZRyQZoRshxKqrFMYjB XO4PhyUT16cengzGIvJu7kQ+GIk9Sd3qKL/erAhq5/FhZX2lXbjXwYU4MZDYKXAN XXoZY2uxvHNSZDFibQcUtHEYBtLbPzCjSI8BaK/kffjSKexAyVcMMze4kL0O47rY C5II6U8Hh2LBlKcnkMSoXpOq7rPCV151APb1y7mO/96U0+gW9S7Sqp7RWGM8Hk6G gdKuuO87lGeOzVsiGjw48B2sVvJmVbSqNeHv83/gBEYGWxADfK8H -----END CERTIFICATE-----Generated at Fri Feb 21 11:03:37 2025 by rpki-client