$ rpki-client -vvf repo-rpki.idnic.net/repo/b3991f7a-0a71-4f0d-933f-ecf813530274/0/3135372e36362e3234382e302f32332d3234203d3e20313532373937.roa File: 3135372e36362e3234382e302f32332d3234203d3e20313532373937.roa (raw, json) Hash identifier: vC1sLrROQammNbgh64OVHa3goyUf/oRsNt6WGQKKJQo= Subject key identifier: 7D:01:56:A6:99:9E:80:3D:91:20:01:54:3C:DE:EC:C2:C5:30:87:DB Certificate issuer: /CN=A4B631C8CFE0EE72ACD5F208FC1239064F6CDE44 Certificate serial: 5D13EA4116FD04BF74444E3EFD6E603AAA04FB87 Authority key identifier: A4:B6:31:C8:CF:E0:EE:72:AC:D5:F2:08:FC:12:39:06:4F:6C:DE:44 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A4B631C8CFE0EE72ACD5F208FC1239064F6CDE44.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b3991f7a-0a71-4f0d-933f-ecf813530274/0/3135372e36362e3234382e302f32332d3234203d3e20313532373937.roa Signing time: Sun 25 May 2025 10:00:00 +0000 ROA not before: Sun 25 May 2025 09:55:00 +0000 ROA not after: Sun 24 May 2026 10:00:00 +0000 asID: 152797 IP address blocks: 157.66.248.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b3991f7a-0a71-4f0d-933f-ecf813530274/0/A4B631C8CFE0EE72ACD5F208FC1239064F6CDE44.crl rsync://repo-rpki.idnic.net/repo/b3991f7a-0a71-4f0d-933f-ecf813530274/0/A4B631C8CFE0EE72ACD5F208FC1239064F6CDE44.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A4B631C8CFE0EE72ACD5F208FC1239064F6CDE44.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 06:30:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:13:ea:41:16:fd:04:bf:74:44:4e:3e:fd:6e:60:3a:aa:04:fb:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A4B631C8CFE0EE72ACD5F208FC1239064F6CDE44 Validity Not Before: May 25 09:55:00 2025 GMT Not After : May 24 10:00:00 2026 GMT Subject: CN=7D0156A6999E803D912001543CDEECC2C53087DB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:6f:2c:43:41:8f:ca:54:e5:9d:f1:1a:55:b1: f6:e9:2b:e5:b8:36:6f:58:6e:09:e9:f1:7f:3f:df: 9c:36:e8:88:f9:fb:ae:c6:b6:a1:f9:75:62:09:d9: 20:85:af:65:3d:da:fc:55:0d:27:fb:d8:0a:9f:c5: fa:78:8a:15:52:bf:3c:a8:e6:1f:e2:a7:a6:28:f6: bd:b1:f4:42:93:ab:a5:ff:0c:c0:63:52:fc:02:8b: ab:39:d5:21:56:84:d1:f0:be:f1:ff:fc:92:da:6a: c9:86:05:76:a8:13:79:a3:3b:0d:0e:20:03:2d:53: 2b:4b:16:d3:6e:ce:31:88:75:42:a9:b7:a1:b8:52: fb:5f:ba:30:31:98:bd:5c:35:bc:5e:41:0b:fe:0b: f4:cb:28:5a:6f:6c:4a:51:95:28:3d:37:a8:2d:47: 28:a4:90:5c:8d:23:a3:ea:21:1e:51:10:e3:8d:24: 2d:56:0d:02:40:92:24:46:5e:a8:60:c9:3e:d3:b4: b3:e6:00:5b:0c:0f:7b:39:27:30:ee:df:c1:55:6f: cc:2f:36:49:1e:d4:ac:68:4d:24:8f:01:9f:d7:8c: cf:14:3d:29:e1:65:62:20:35:37:bf:95:22:ec:6f: 00:f8:a9:31:33:07:c9:11:15:30:43:6e:33:13:54: 6b:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:01:56:A6:99:9E:80:3D:91:20:01:54:3C:DE:EC:C2:C5:30:87:DB X509v3 Authority Key Identifier: keyid:A4:B6:31:C8:CF:E0:EE:72:AC:D5:F2:08:FC:12:39:06:4F:6C:DE:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b3991f7a-0a71-4f0d-933f-ecf813530274/0/A4B631C8CFE0EE72ACD5F208FC1239064F6CDE44.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A4B631C8CFE0EE72ACD5F208FC1239064F6CDE44.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b3991f7a-0a71-4f0d-933f-ecf813530274/0/3135372e36362e3234382e302f32332d3234203d3e20313532373937.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.248.0/23 Signature Algorithm: sha256WithRSAEncryption 8e:5f:d3:58:d0:5e:af:55:48:e9:a1:02:8d:63:18:c3:22:ac: ac:cb:78:2b:f7:9d:b4:6a:99:58:0a:bb:ed:96:bd:ba:d7:11: e8:f1:12:7b:91:16:40:60:39:51:51:85:fc:6a:a7:6e:ef:db: 93:45:49:a3:2c:2a:37:89:52:1c:14:4b:6f:eb:b1:2b:a7:30: fa:6a:3b:40:9e:88:52:64:d6:1a:2e:dd:04:3b:16:8f:5f:2e: 08:da:8b:2f:fb:f5:59:cc:3d:96:fb:26:10:87:cc:1a:d2:20: 95:4a:4e:93:a5:fa:64:ef:63:96:f0:e5:37:a9:2e:09:7b:b3: bf:c5:da:1a:8f:94:f4:a3:a3:44:6e:58:f8:97:7f:3d:6e:a8: 8c:c2:2c:06:4b:be:1d:cd:bf:4a:35:a6:01:9b:38:55:b3:84: 74:fd:a1:47:73:27:63:48:da:4e:70:2e:6b:a3:9f:28:e0:ca: 63:ae:eb:fc:43:17:7c:63:82:a7:75:c3:fb:0e:8a:30:02:fa: 07:73:4d:e4:79:75:e6:1c:21:2a:e5:54:05:c7:83:d6:b0:8a: 47:13:bc:c7:fa:9f:a7:f7:36:9b:1d:ad:e0:76:35:b2:db:3a: b9:32:9a:7c:84:1f:8e:0c:15:cd:8b:4a:bb:12:d7:7f:85:ab: 80:33:4c:48 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUXRPqQRb9BL90RE4+/W5gOqoE+4cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTRCNjMxQzhDRkUwRUU3MkFDRDVGMjA4RkMxMjM5MDY0 RjZDREU0NDAeFw0yNTA1MjUwOTU1MDBaFw0yNjA1MjQxMDAwMDBaMDMxMTAvBgNV BAMTKDdEMDE1NkE2OTk5RTgwM0Q5MTIwMDE1NDNDREVFQ0MyQzUzMDg3REIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgbyxDQY/KVOWd8RpVsfbpK+W4 Nm9Ybgnp8X8/35w26Ij5+67GtqH5dWIJ2SCFr2U92vxVDSf72Aqfxfp4ihVSvzyo 5h/ip6Yo9r2x9EKTq6X/DMBjUvwCi6s51SFWhNHwvvH//JLaasmGBXaoE3mjOw0O IAMtUytLFtNuzjGIdUKpt6G4UvtfujAxmL1cNbxeQQv+C/TLKFpvbEpRlSg9N6gt RyikkFyNI6PqIR5REOONJC1WDQJAkiRGXqhgyT7TtLPmAFsMD3s5JzDu38FVb8wv Nkke1KxoTSSPAZ/XjM8UPSnhZWIgNTe/lSLsbwD4qTEzB8kRFTBDbjMTVGtbAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUfQFWppmegD2RIAFUPN7swsUwh9swHwYDVR0j BBgwFoAUpLYxyM/g7nKs1fII/BI5Bk9s3kQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i Mzk5MWY3YS0wYTcxLTRmMGQtOTMzZi1lY2Y4MTM1MzAyNzQvMC9BNEI2MzFDOENG RTBFRTcyQUNENUYyMDhGQzEyMzkwNjRGNkNERTQ0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQTRCNjMxQzhDRkUwRUU3MkFDRDVGMjA4RkMxMjM5MDY0RjZD REU0NC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2IzOTkxZjdhLTBhNzEtNGYwZC05 MzNmLWVjZjgxMzUzMDI3NC8wLzMxMzUzNzJlMzYzNjJlMzIzNDM4MmUzMDJmMzIz MzJkMzIzNDIwM2QzZTIwMzEzNTMyMzczOTM3LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnUL4MA0GCSqG SIb3DQEBCwUAA4IBAQCOX9NY0F6vVUjpoQKNYxjDIqysy3gr9520aplYCrvtlr26 1xHo8RJ7kRZAYDlRUYX8aqdu79uTRUmjLCo3iVIcFEtv67ErpzD6ajtAnohSZNYa Lt0EOxaPXy4I2osv+/VZzD2W+yYQh8wa0iCVSk6Tpfpk72OW8OU3qS4Je7O/xdoa j5T0o6NEblj4l389bqiMwiwGS74dzb9KNaYBmzhVs4R0/aFHcydjSNpOcC5ro58o 4Mpjruv8Qxd8Y4KndcP7DoowAvoHc03keXXmHCEq5VQFx4PWsIpHE7zH+p+n9zab Ha3gdjWy2zq5Mpp8hB+ODBXNi0q7Etd/hauAM0xI -----END CERTIFICATE-----Generated at Mon Jun 9 05:08:14 2025 by rpki-client